Defeating pharming attacks at the client-side

With the deployment of "always-connected" broadband Internet access, personal networks are a privileged target for attackers and DNS-based corruption. Pharming attacks - an enhanced version of phishing attacks - aim to steal users' credentials by redirecting them to a fraudulent login website, using DNS-based techniques that make the attack imperceptible to the end-user. In this paper, we define an advanced approach to alert the end-user in case of pharming attacks at the client-side. With a success rate over 95%, we validate a solution that can help differentiating legitimate from fraudulent login websites, based on a dual-step analysis (IP address check and webpage content comparison) performed using multiple DNS servers information

Mots clés

Pharming Webpage content DNS

Domaines

Réseaux et télécommunications [cs.NI]

Fichier principal

NSS2011-SophieGastellier-Pharming.pdf (379.75 Ko)

Origine : Fichiers produits par l'(les) auteur(s)

Médiathèque Télécom SudParis & Institut Mines-Télécom Business School : Connectez-vous pour contacter le contributeur

https://hal.science/hal-01303641

Soumis le : lundi 18 avril 2016-14:33:03

Dernière modification le : mercredi 21 juin 2023-11:46:03

Archivage à long terme le : mardi 19 juillet 2016-13:30:41

Dates et versions

hal-01303641 , version 1 (18-04-2016)

Identifiants

HAL Id : hal-01303641 , version 1
DOI : 10.1109/ICNSS.2011.6059957

Citer

Sophie Gastellier-Prevost, Maryline Laurent. Defeating pharming attacks at the client-side. NSS 2011 : 5th International Conference on Network and System Security, Sep 2011, Milan, Italy. pp.33 - 40, ⟨10.1109/ICNSS.2011.6059957⟩. ⟨hal-01303641⟩

Exporter

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

INSTITUT-TELECOM CNRS TELECOM-SUDPARIS

43 Consultations

298 Téléchargements