• DocumentCode
    2027367
  • Title

    Defeating pharming attacks at the client-side

  • Author

    Gastellier-Prevost, Sophie ; Laurent, Maryline

  • Author_Institution
    Inst. Telecom, Telecom SudParis, Evry, France
  • fYear
    2011
  • fDate
    6-8 Sept. 2011
  • Firstpage
    33
  • Lastpage
    40
  • Abstract
    With the deployment of “always-connected” broadband Internet access, personal networks are a privileged target for attackers and DNS-based corruption. Pharming attacks - an enhanced version of phishing attacks - aim to steal users´ credentials by redirecting them to a fraudulent login website, using DNS-based techniques that make the attack imperceptible to the end-user. In this paper, we define an advanced approach to alert the end-user in case of pharming attacks at the client-side. With a success rate over 95%, we validate a solution that can help differentiating legitimate from fraudulent login websites, based on a dual-step analysis (IP address check and webpage content comparison) performed using multiple DNS servers information.
  • Keywords
    Internet; Web sites; broadband networks; computer network security; DNS based corruption; DNS servers information; IP address check; Webpage content comparison; always connected broadband Internet access; client side; dual step analysis; fraudulent login website; personal networks; pharming attacks; phishing attacks; Browsers; Computer crime; Credit cards; HTML; IP networks; Servers; Visualization;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network and System Security (NSS), 2011 5th International Conference on
  • Conference_Location
    Milan
  • Print_ISBN
    978-1-4577-0458-1
  • Type

    conf

  • DOI
    10.1109/ICNSS.2011.6059957
  • Filename
    6059957
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2027367