• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>International Conference on Security and Management(SAM'06); 20060626-29; Las Vegas,NV(US) >Custom Plugin - A Solution to Phishing and Pharming Attacks
【24h】

Custom Plugin - A Solution to Phishing and Pharming Attacks

机译:自定义插件-一种针对网络钓鱼和欺骗攻击的解决方案

获取原文
获取原文并翻译 | 示例
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

This paper proposes a new method to detect, alert and protect the user from Internationalized Domain Names (IDN) and Uniform Resource Locator (URL) spoofing, phishing, pharming and man-in-the-middle attacks by validating the site before the user actually enters the personal details. The suggested method is based on the use of a browser plugin which enables the user to validate the website which provides visual feedback. In case of pharming, where Domain Name System (DNS) is hijacked, the plugin automatically notifies the user of possible attack, posts the attack information to the server and redirects the user to legitimate website. SSL/TLS certificates are also automatically checked, verified and validated by the plugin in order to check for man-in-the-middle and pharming attacks.
机译:本文提出了一种新方法,通过在用户实际使用之前验证站点,来检测,警告和保护用户免受国际化域名(IDN)和统一资源定位符(URL)的欺骗,网络钓鱼,欺骗和中间人攻击输入个人详细信息。建议的方法基于浏览器插件的使用,该插件使用户可以验证提供视觉反馈的网站。在进行域名欺骗的情况下,如果劫持了域名系统(DNS),该插件会自动通知用户可能的攻击,将攻击信息发布到服务器,然后将用户重定向到合法网站。插件还会自动检查,验证和确认SSL / TLS证书,以检查中间人攻击和Pharming攻击。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号