PAPG -- Personalized Anti-Phishing Guard

TL;DR

PAPG is a personalized, device-managed plugin that uses local data and user feedback to protect against phishing attacks without relying on third-party services.

Contribution

It introduces a novel, user-centric anti-phishing plugin that operates locally, reducing computational load and dependency on third-party synchronization.

Findings

Operates fully on user device with local data storage

Utilizes user feedback to improve phishing detection

Allows profile reuse across devices without reconfiguration

Abstract

Security and privacy have been considered a corner stone in all electronic transactions nowadays. People are becoming very cautious when conducting electronic transactions over internet. One of the major issues that frightens them is identity theft. Identity theft might be conducted using phishing techniques that aims to trick the user to provide his credentials in a well-organized tactic. Efforts have been done towards fighting against phishing attacks and hence identify theft. However, most of these efforts are either computationally exhaustive to the electronic device or depend on a third party to perform the task. In this paper, we propose a plugin called Personalized Anti-Phishing Guard - PAPG that is managed personally on the device and is used to guard the user against phishing attacks. The plugin maintains data locally and may not need to synchronize with a third party. Besides, PAPG depends on the user's feedback to build the local knowledge base that is used to support the decision. The user might also store his profile and reuse it with other devices and from different locations without having to configure it again