IT Jobs
IE 7.0 tops study of anti-phishing tools
Which to use and which to avoid.
By John E. Dunn, Techworld | Techworld
Published: 16:08 GMT, 29 September 06
Internet Explorer 7.0’s anti-phishing security is superior to any of its rivals, the first significant study to rate this element of browser security has concluded.
The tests by US Microsoft consultants 3Sharp LLC pitted a range of browser plug-ins for anti-phishing security against the phishing filter, in beta three of IE 7.0, finding the Microsoft technology to be the most effective.
Each of seven filters – from eBay, Earthlink, GeoTrust, Google, Netcraft, McAfee Site Advisor, and Netscape – were tested on 100 known phishing sites, and 500 legitimate sites, to gauge how well the different systems could distinguish friend from foe. Each was then rated on a scale from zero (defined as no anti-phishing capability) to a maximum score of 200.
The final “accuracy” score took into account both detection rates as well as the number of false positives. The results found Microsoft’s browser to lead the pack in most aspects of detection.
IE 7.0 ended up with a score of 172, only four ahead Netcraft’s toolbar which scored 168. Google/Firefox was a distant third with 106, eBay fourth on 92, Earthlink ScamBlocker fifth on 76, GeoTrust Trustwatch sixth with 67, Netscape 8.1 seventh with 56, and McAfee SiteAdvisor coming in last place with an almost useless 3.
Breaking down the scores, GeoTrust had the highest catch rate, 99 percent, but was marked down heavily because the software only warned users, and did not automatically block access to problem sites as did its rivals.
According to the report’s authors, this is deficient because it gives users too much discretion. GeoTrust also had a high rate of false positives, mis-labelling a third of legitimate sites as suspect. IE 7.0’s catch rate was second on 89 percent, with Netcraft’s third on 84 percent.
Google’s Toolbar was the only one of the technologies to integrate with Mozilla’s Firefox, and it proved to be modest performer. Equally, this used version 1.5’s “Safe Browsing” plug-in which will be superseded by integrated anti-phishing in the forthcoming version 2.0 of the browser.
The excellent showing accorded to Microsoft’s browser does need to be put into context – the study was commissioned by Microsoft.
Nevertheless, 3Sharp comes up with the interesting and valid observation that anti-phishing systems built on databases of problem and legitimate sites need to compliment this by employing heuristics. Phishing evolves rapidly so databases built from honeypot data quickly date.
The full report, Gone Phishing: Evaluating Anti-Phishing Tools for Windows, can be downloaded from the company’s website.
.gif)
Add your commentComments