A DNS Based Anti-phishing Approach

Author

Bin, Sun ; Qiaoyan, Wen ; Xiaoying, Liang

Author_Institution

State Key Lab. of Networking & Switching Technol., Beijing Univ. of Posts & Telecommun., Beijing, China

Volume

2

fYear

2010

fDate

24-25 April 2010

Firstpage

262

Lastpage

265

Abstract

Most of the phishing and pharming attacks are directed at the payment and financial services, with the purpose to steal online bank users´ card number and password. This paper presents the design and implementation of a DNS based anti-phishing approach, which can be used to protect the card number and the password of the online bank users effectively, and prevent phishers and pharmers from stealing such information. First, the bank name, its DNS server´s IP address, and the card number range will be stored in the database. If the Phishing Detecting Device detects that a bank card number is being sent to a suspicious website, the device will send an inverse DNS query to the DNS server of the related bank. By verifying whether the suspicious website is with in the domain of the bank, it can determine whether the website is a phishing website.

Keywords

bank data processing; computer crime; query processing; DNS query; DNS server IP address; antiphishing approach; financial services; online bank user card number; payment services; pharming attacks; phishing detecting device; Computer networks; Counterfeiting; Electronic mail; Laboratories; Navigation; Protection; Sun; Telecommunication computing; Uniform resource locators; Wireless communication; DNS; anti-phishing; bank card number; inverse query; pharming;

fLanguage

English

Publisher

ieee

Conference_Titel

Networks Security Wireless Communications and Trusted Computing (NSWCTC), 2010 Second International Conference on

Conference_Location

Wuhan, Hubei

Print_ISBN

978-0-7695-4011-5

Electronic_ISBN

978-1-4244-6598-9

Type

conf

DOI

10.1109/NSWCTC.2010.196

Filename

5480624