Con esta herramienta te facilitamos un acceso a todas las ofertas y demandas de tecnología europeas y a búsquedas de socios para participar en propuestas europeas de I+D publicadas en la red Enterprise Europe Network, pudiendo filtrar los resultados para facilitar las búsquedas más acordes con tus necesidades.

¿Quieres recibir estos listados de oportunidades de colaboración en tu correo de forma periódica y personalizada? Date de alta en nuestro Boletín

Para optimizar los resultados de la búsqueda, se recomienda utilizar términos en inglés.

Tecnología de protección contra phishing disponible para licencia

Resumen

Tipo:
Oferta Tecnológica
Referencia:
TOUK20180226002
Publicado:
05/03/2018
Caducidad:
06/03/2019
Resumen:
Un centro de transferencia de tecnología de Reino Unido responsable de licenciar la investigación tecnológica del Ministerio de Defensa de Reino Unido está licenciando una nueva tecnología para detectar enlaces a páginas web maliciosas (phishing) antes de mostrar las páginas al usuario. Gracias al uso de un algoritmo que emula el proceso visual del usuario, esta tecnología permite detectar estrategias de phishing que pueden ocurrir en el futuro. La técnica consta de tres elementos: una lista blanca de dominios web conocidos y una imagen de referencia de cada uno, una función para capturar una imagen digital de un dominio web en un correo electrónico sospechoso y técnicas para medir la similitud de dos dominios y determinar si un enlace puede ser un ataque de phishing. La empresa busca proveedores de productos de seguridad informática, detección de phishing, antivirus y firewall interesados en complementar sus catálogos de productos.

Details

Tittle:
A UK phishing protection technology available for license
Summary:
A technology transfer organisation responsible for licensing technology research created by the UK Ministry of Defence is licensing a novel technology to detect malicious links online (known as phishing) before they are presented to the user. The company is looking to offer this technology to existing suppliers of cyber-security / phishing detection / anti-virus / firewall products to complement their existing product portfolio.
Description:
Phishing attacks present a significant risk to organisations as they are not reliably blocked by cyber security software. In particular the Internationalised Domain Name (IDN) homograph attack which mimics genuine web links is difficult to detect. An IDN homograph attack exploits the fact that different characters on the internet can look alike. This vulnerability is used by spammers to register a domain that appears to be trustworthy but is actually malicious. Unsuspecting users therefore click on what appears to be a trustworthy link when in fact they are sent to a malicious website.

A UK technology transfer organisation responsible for converting UK Ministry of Defence technology research into industry applications is licensing a technology that detects malicious links by performing text and image comparisons on each link in a message. An alert is raised when a link is visually similar to a whitelisted website but is typographically different. Further checks are then performed to refine the likelihood of it being a phishing attack at which point the link can be quarantined.
By using an algorithm which emulates the visual process of the user this technology has the ability to detect phishing strategies that may occur in the future.

The phishing protection technique is comprised of three main elements:
1. A whitelist of known good web domains and a reference image of each
2. A function to capture a digital image of a web domain in a suspect email
3. Various techniques to measure the similarity of the two domains to determine whether a link is likely to be a phishing attack.

Since the technology uses whitelists, it benefits from not being dependent upon an ever increasing blacklist which renders protection vulnerable between updates and takes longer to process as the list grows.

The whitelist can easily be tailored, updated or expanded to suit an individual organisation. If required, it can also be "hashed" to provide additional security.

The company is looking to license out this phishing protection technology to existing suppliers of cyber-security / phishing detection / anti-virus / firewall products to complement their existing product portfolio.
Advantages and Innovations:
- A new layer of defence against phishing attacks that protects organisations from data breaches.

- Helps to mitigate human errors in the detection of malicious links.

- Not dependent on an up-to-date blacklist.

- Can facilitate automatic blocking of malicious links.

- Easy to integrate into existing antiphishing decision trees.

- Requires minimal processing/memory overhead.
Stage of Development:
Available for demonstration
IPs:
Patent(s) applied for but not yet granted

Partner sought

Type and Role of Partner Sought:
The company is looking to license out this technology to existing suppliers of cyber-security / phishing detection / anti-virus / firewall products to complement their existing product portfolio.

Client

Type and Size of Client:
Industry SME 11-49
Already Engaged in Trans-National Cooperation:
No
Languages Spoken:
English

Keywords

Technology Keywords:
01006005 Network Technology, Network Security