SiteWatcher - an Anti-Phishing System

Description

A series of anti-phishing software called SiteWatcher will be developed in this project, including SiteWatcher Client for end-users, SiteWatcher Server for ISPs, and SiteWatcher Enterprise for company users. They can monitor the network traffics (including webpages and emails) at the users' PCs, the ISPs' servers, the companies' servers, and alert them if any suspicious phishing attack is detected. One of the main techniques we will develop is the technique for assessment of visual similarity between similar Internet Identities (IID) (e.g., domain names and user names) and between webpages. This is because the basic phishing trick is to make the appearance of webpages and their addresses similar to real ones such that the potential victims believe they are accessing the right webpages and leak their personal information. Our research also shows that some visually legitimate addresses, such as, "www.paypal.com", may direct users to unexpected websites because some characters have different Unicode values from their visually similar counterparts which are normal ASCII characters. Hence, we will also develop a method to display characters in different colors to remind the users that some IID may contain some obfuscating characters. Both economic and social impacts of this series of software will be great.