A Dual Approach to Detect Pharming Attacks at the Client-Side

Author

Gastellier-Prevost, Sophie ; Granadillo, Gustavo Gonzalez ; Laurent, Maryline

Author_Institution

Inst. Telecom, Telecom SudParis, Evry, France

fYear

2011

fDate

7-10 Feb. 2011

Firstpage

1

Lastpage

5

Abstract

Pharming attacks - a sophisticated version of phishing attacks - aim to steal users´ credentials by redirecting them to a fraudulent website using DNS-based techniques. Pharming attacks can be performed at the client-side or into the Internet, using complex and well designed techniques that make the attack often imperceptible to the user. With the deployment of broadband connections for Internet access, personal networks are a privileged target for attackers. In this paper, we propose a dual approach to provide an anti-pharming protection integrated into the client´s browser. Our approach combines both an IP address check as well as a webpage content analysis, using the information provided by multiple DNS servers. We present first experimental results and we discuss about future works and limitations of our approach.

Keywords

IP networks; Internet; Web sites; broadband networks; computer crime; computer network security; information retrieval; unsolicited e-mail; DNS server; IP address check; Internet access; Web page content analysis; antipharming protection; broadband connection; client browser; client-side; fraudulent Web site; personal network; pharming attack detection; phishing attack; Browsers; Computer crime; Databases; HTML; IP networks; Internet; Servers;

fLanguage

English

Publisher

ieee

Conference_Titel

New Technologies, Mobility and Security (NTMS), 2011 4th IFIP International Conference on

Conference_Location

Paris

ISSN

2157-4952

Print_ISBN

978-1-4244-8705-9

Electronic_ISBN

2157-4952

Type

conf

DOI

10.1109/NTMS.2011.5721063

Filename

5721063