Anti Phishing Tools

IRI - Image Recognition Identification - (updated 2007-07-29)

 
 
Protection against: funds transfer, simple phishing, MITM phishing, ISP pharming, trojan keylogger, advanced trojan
Detection: before-fraud: By user; after-fraud: N/A
Ease to install / User usage (green=easy)
 
 

Goal : protecting user from phishing sites
Installed by : business lines

I believe that this will remind those who closely monitor the ID theft solution market of something. The purpose of this tool is to create an association between a user and an image chosen by this user from a large database.
This way, the user will be suspicious if he connects to a phishing site where the image he has chosen is missing.
This solution is very easy for the customer to understand, but phishers can build authentication pages with a banner explaining that the image protection security system has been temporarily disabled for security maintenance.



Image table creation

In this case, we create a table in the database to store the images that will be used later on. The following SQL statement is for MySQL. One should adapt it to his own environment.


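-- Identifiers are quoted with backticks in MySQL (single quotes denote strings)
CREATE TABLE `images` (
  `id` INT NOT NULL AUTO_INCREMENT,
  `size` VARCHAR(20) NOT NULL,
  `name` VARCHAR(100) NOT NULL,
  `type` VARCHAR(20) NOT NULL,
  -- MEDIUMBLOB: a plain BLOB holds at most 65,535 bytes, less than the 300,000-byte upload limit used in upload.php
  `content` MEDIUMBLOB NOT NULL,
  PRIMARY KEY (`id`)
);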


PHP Page for registering an image associated with a user

<html>
<body>
....
<!-- We have to inform the user of what we want him to do //-->
We have updated our security system; you now have to choose an image which will be associated with your profile.
<BR>
This will protect you from phishing sites.
<BR>
<B>
Remember, this mechanism will be essential to prevent fraud on your account. Keep in mind that your image will ALWAYS be associated with your profile.
<BR>
If one day you visit our site and it says that the image cannot be rendered for whatever reason, leave immediately: you are probably on a fraudster's site.
</B>

You can choose your image from one of the following or upload your own.
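<?php
// List every stored image with a link that associates it with the user's profile.
// PDO replaces the mysql_* functions, which no longer exist in PHP 7 and later.
$pdo = new PDO("mysql:host=server_location;dbname=mydatabase", "user1", "password");
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$query = "SELECT id, name ".
"FROM images ORDER BY name";
foreach ($pdo->query($query) as $tuple){
  $id = (int) $tuple[0];
  // The name comes from an uploaded file, so it is escaped before being written into the page
  echo "<IMG SRC=\"display.php?id=".$id."\"> <a href=\"associate.php?id=".$id."\">".htmlspecialchars($tuple[1], ENT_QUOTES)."</a><br />";
}
$pdo = null;
?>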

<form enctype="multipart/form-data" action="upload.php" method="post">
  <input type="file" name="file" size=100 />
  <input type="submit" value="Upload" />
</form>


</body>
</html>


display.php

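<?php

// This PHP file is used to display the image stored in the database to the user's browser

$pdo = new PDO("mysql:host=server_location;dbname=mydatabase", "user1", "password");
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Read the id from the query string (no reliance on register_globals) and reject anything but digits
$id = isset($_GET['id']) ? $_GET['id'] : '';
if (!is_string($id) || !ctype_digit($id)){
  http_response_code(400);
  exit;
}
$stmt = $pdo->prepare("SELECT id, type, content FROM images WHERE id = ?");
$stmt->execute(array((int) $id));
$tuple = $stmt->fetch(PDO::FETCH_NUM);
// Only send content types that are images, whatever was stored in the table
$allowed_types = array("image/gif", "image/jpeg", "image/png");
if ($tuple && in_array($tuple[1], $allowed_types, true)){
  header("Content-type: ".$tuple[1]);
  echo $tuple[2];
}
$pdo = null;
?>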

upload.php

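<?php

// This file is used to store a file chosen by the user in the database
$max_size = 300000;
$allowed_types = array("image/gif", "image/jpeg", "image/png");
// The form field is named "file"; is_uploaded_file() expects the temporary path
if ( !isset($_FILES['file']) || !is_uploaded_file ($_FILES['file']['tmp_name']) )
{
  echo "Upload failed. Please retry";
  return false;
}
else
{
  $size = $_FILES['file']['size'];
  if ( $size > $max_size )
  {
    echo "Your file is too large to be inserted. Please choose another one!";
    return false;
  }
  // The type sent by the browser is not trustworthy: detect it from the file content
  $finfo = new finfo(FILEINFO_MIME_TYPE);
  $type = $finfo->file($_FILES['file']['tmp_name']);
  if ( !in_array($type, $allowed_types, true) )
  {
    echo "Only GIF, JPEG and PNG images are accepted.";
    return false;
  }
  // The name column is VARCHAR(100)
  $name = substr(basename($_FILES['file']['name']), 0, 100);
  $img_blob = file_get_contents ($_FILES['file']['tmp_name']);

  $pdo = new PDO("mysql:host=server_location;dbname=mydatabase", "user1", "password");
  $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

  // Prepared statement: the file name and content are user-controlled
  $stmt = $pdo->prepare("INSERT INTO images (name, size, type, content) VALUES (?, ?, ?, ?)");
  $stmt->execute(array($name, $size, $type, $img_blob));
  $pdo = null;

}

?>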

associate.php

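<?php
// Here we have to suppose that a table is already present where it's possible to link the user ID with an image ID
session_start();
$pdo = new PDO("mysql:host=server_location;dbname=mydatabase", "user1", "password");
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Assumption: the login code has stored the authenticated user's ID in $_SESSION['user_id']
$id = isset($_GET['id']) ? $_GET['id'] : '';
if (!isset($_SESSION['user_id']) || !is_string($id) || !ctype_digit($id)){
  http_response_code(400);
  exit;
}
$id = intval($id);
// The WHERE clause restricts the update to the current user; without it every row of users is changed
$stmt = $pdo->prepare("UPDATE users SET image_id = ? WHERE user_id = ?");
$stmt->execute(array($id, $_SESSION['user_id']));
$pdo = null;
?>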

authentication.php

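<?php
// And now, there is only the identification page where we ask the user if the image is the real one
// Of course, we have to receive a real user_id value first
// Assumption: the user_id is posted by the first step of the login form
$user_id = (isset($_POST['user_id']) && is_string($_POST['user_id'])) ? $_POST['user_id'] : '';
$pdo = new PDO("mysql:host=server_location;dbname=mydatabase", "user1", "password");
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Bound parameter: escaping alone does not protect an unquoted value in a query
$stmt = $pdo->prepare("SELECT image_id FROM users WHERE user_id = ?");
$stmt->execute(array($user_id));
$tuple = $stmt->fetch(PDO::FETCH_NUM);
if ($tuple){
  echo "This is supposed to be your chosen image: <IMG SRC=\"display.php?id=".intval($tuple[0])."\">";
}
$pdo = null;
?>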
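
authentication.php supposes that a real user_id is received. The following added example (not part of the original page) shows one way to handle a user_id that has no associated image, by returning a decoy from the images table that stays the same for that user_id, so the login page renders an image in every case. The users(user_id, image_id) layout, login_image_id() and DECOY_SECRET are assumptions, and an in-memory SQLite database with constructed rows stands in for the MySQL server.

```php
<?php
// Added example, not the original author's code.
// Assumptions: users(user_id, image_id) table, login_image_id(), DECOY_SECRET.
const DECOY_SECRET = 'placeholder-random-server-side-secret';

// Image id to show at login for $user_id: the image the user chose, or, when
// no association exists, a decoy that stays the same for that user_id.
function login_image_id(PDO $pdo, string $user_id): ?int
{
    $stmt = $pdo->prepare("SELECT image_id FROM users WHERE user_id = ?");
    $stmt->execute(array($user_id));
    $image_id = $stmt->fetchColumn();
    if ($image_id !== false && $image_id !== null) {
        return (int) $image_id;
    }
    $ids = $pdo->query("SELECT id FROM images ORDER BY id")
               ->fetchAll(PDO::FETCH_COLUMN);
    if (count($ids) === 0) {
        return null; // no image stored at all
    }
    // Keyed hash of the user_id: stable per user_id, not computable without the secret
    $mac = hash_hmac('sha256', $user_id, DECOY_SECRET, true);
    $n = unpack('N', substr($mac, 0, 4))[1] & 0x7fffffff;
    return (int) $ids[$n % count($ids)];
}

// Constructed sample rows; in production $pdo is the MySQL connection
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE images (id INTEGER PRIMARY KEY, name TEXT)");
$pdo->exec("CREATE TABLE users (user_id TEXT PRIMARY KEY, image_id INTEGER)");
$pdo->exec("INSERT INTO images (id, name) VALUES (1, 'boat'), (2, 'tree'), (3, 'clock')");
$pdo->exec("INSERT INTO users (user_id, image_id) VALUES ('1001', 2)");

// '1001' has chosen image 2; '9999' is unknown and gets the same decoy both times
foreach (array('1001', '9999', '9999') as $uid) {
    $image_id = login_image_id($pdo, $uid);
    echo "user_id ".$uid.": <IMG SRC=\"display.php?id=".$image_id."\">\n";
}
```

The decoy pick depends on the number of rows in images, so a deployment would draw decoys from a fixed set of stock images rather than from a table that grows with uploads.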