Web Security


We've developed a Chrome extension that detects whether a visited website is a phish by comparing its content to the original, known-good website.

The code is also available on git:


A paper about what we’re doing, AuntieTuna: Personalized Content-based Phishing Detection [1], is to be presented at the 2016 NDSS Usable Security Workshop.

An early version of this work was presented at the 2015 IEEE Security and Privacy poster session (2015-05-18) [2]: abstract and poster.



We’d greatly appreciate it if you could alpha test our plugin!

Currently (0.0.2) the plugin compares and detects PayPal phish by default. Users personalize and add their own “known-good” sites as they browse.
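
A minimal sketch of the content comparison described above, added here as an illustration and not taken from the AuntieTuna source. The line-based chunking, the FNV-1a stand-in hash, the 0.5 threshold, and all names, hostnames and sample text are assumptions.

```javascript
// Added sketch, not AuntieTuna's code. Chunking, hash and threshold are assumptions.

// FNV-1a-style 32-bit hash: a stand-in for a cryptographic hash such as
// SHA-256, used here only to keep the sketch dependency-free.
function fnv1a(text) {
  let h = 0x811c9dc5;
  for (let i = 0; i < text.length; i++) {
    h = Math.imul(h ^ text.charCodeAt(i), 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, "0");
}

// Normalize visible text into chunks (one per line) and hash each chunk.
function chunkHashes(pageText) {
  return new Set(pageText.split(/\n+/)
    .map((s) => s.trim().toLowerCase().replace(/\s+/g, " "))
    .filter((s) => s.length >= 20) // skip short strings such as "Log in"
    .map(fnv1a));
}

class KnownGoodStore {
  constructor() { this.sites = new Map(); } // hostname -> Set of chunk hashes

  // Called when the user marks a page as known-good.
  add(hostname, pageText) {
    const known = this.sites.get(hostname) || new Set();
    chunkHashes(pageText).forEach((h) => known.add(h));
    this.sites.set(hostname, known);
  }

  // Exact hostname match only: "bank.example.login.test" is not "bank.example".
  check(hostname, pageText, threshold = 0.5) {
    if (this.sites.has(hostname)) return { verdict: "known-good", imitates: null, overlap: 0 };
    const seen = chunkHashes(pageText);
    let best = { verdict: "unknown", imitates: null, overlap: 0 };
    for (const [site, known] of this.sites) {
      const hits = [...seen].filter((h) => known.has(h)).length;
      const overlap = seen.size ? hits / seen.size : 0;
      if (overlap >= threshold && overlap > best.overlap) {
        best = { verdict: "suspected-phish", imitates: site, overlap };
      }
    }
    return best;
  }
}

// Constructed sample pages (not real site content).
const GOOD = "Log in\nSend money to friends and family in a few clicks.\nEnter your email address and password to continue.";
const COPY = "SEND money to  friends and family in a few clicks.\nEnter your email address and password to continue.\nConfirm your card number to restore account access.";
const store = new KnownGoodStore();
store.add("bank.example", GOOD);
```

Calling `store.check("bank.example.login.test", COPY)` flags the page as a suspected phish of `bank.example`, because most of its text chunks match a known-good site served from a different hostname.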

In your testing, we’d like to know your experience with:

Please send email to calvin@isi.edu with questions, bugs, feature requests, patches, and any notes on your usage!


  1. Go to Extensions (Window → Extensions) or enter the URL “chrome://extensions/”
  2. Click on “Load unpacked extensions…”
  3. Select the directory containing this extension and click on “Select”
  4. To view debugging information for the extension on a visited webpage, go to View → Developer → JavaScript Console


Copyright (C) 2016. University of Southern California.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.