Title :
Defeating pharming attacks at the client-side
Author :
Gastellier-Prevost, Sophie ; Laurent, Maryline
Author_Institution :
Inst. Telecom, Telecom SudParis, Evry, France
Abstract :
With the deployment of “always-connected” broadband Internet access, personal networks are a privileged target for attackers and DNS-based corruption. Pharming attacks - an enhanced version of phishing attacks - aim to steal users´ credentials by redirecting them to a fraudulent login website, using DNS-based techniques that make the attack imperceptible to the end-user. In this paper, we define an advanced approach to alert the end-user in case of pharming attacks at the client-side. With a success rate over 95%, we validate a solution that can help differentiating legitimate from fraudulent login websites, based on a dual-step analysis (IP address check and webpage content comparison) performed using multiple DNS servers information.
Keywords :
Internet; Web sites; broadband networks; computer network security; DNS based corruption; DNS servers information; IP address check; Webpage content comparison; always connected broadband Internet access; client side; dual step analysis; fraudulent login website; personal networks; pharming attacks; phishing attacks; Browsers; Computer crime; Credit cards; HTML; IP networks; Servers; Visualization;
Conference_Titel :
Network and System Security (NSS), 2011 5th International Conference on
Conference_Location :
Milan
Print_ISBN :
978-1-4577-0458-1
DOI :
10.1109/ICNSS.2011.6059957
