Cited By
View all- Xu ZMiller J(2016)Identifying semantic blocks in Web pages using Gestalt laws of groupingWorld Wide Web10.1007/s11280-015-0370-019:5(957-978)Online publication date: 1-Sep-2016
Finding homoglyphs: a step towards detecting unicode-based visual spoofing attacks
Pages 1 - 14
Abstract
Visual spoofing has become a serious web security problem. The dramatic growth of using Unicode characters on the web has introduced new types of visual attacks. The main source of these attacks is the existence of many similar glyphs (characters) in the Unicode space which can be utilized by attackers to confuse users. Therefore, detecting visually similar characters is a very important issue in web security. In this paper, we explore an approach to defining the visual similarity between Unicode glyphs. The results of the experiments show that the proposed method can effectively detect the "amount" of similarity between a pair of Unicode glyphs.
References
[1]
The Unicode Consortium.: The Unicode Standard, Version 5.0.0. Addison-Wesley, Boston (2007).
[2]
Unicode Security Considerations, http://unicode.org/reports/tr36/
[3]
Liu, W., Deng, X., Huang, G., Fu, A.Y.: An Anti-Phishing Strategy Based on Visual Similarity Assessment. J. IEEE Internet Computing. 10, 58-65 (2006).
[4]
Fu, A.Y., Liu, W., Deng, X.: Detecting Phishing Web Pages with Visual Similarity Assessment based on Earth Mover's Distance (EMD). J. IEEE Transactions on Dependable and Secure Computing 3, 301-311 (2006).
[5]
Costello, A.: RFC 3492 - Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA), IETF (2003).
[6]
Krammer, V.: Phishing defense against IDN address spoofing attacks. In: Proceedings of the 2006 International Conference on Privacy, Security and Trust (PST 2006), New York (2006).
[7]
Fu, A.Y., Deng, X., Wenyin, L.: REGAP: A tool sfor Unicode-based web identity fraud detection. J. Digital Forensic Practice 1, 83-97 (2006).
[8]
Cilibrasi, R., Vitanyi, P.: Clustering by compression. J. IEEE Transactions on Information Theory 51, 1523-1545 (2005).
[9]
Li, M., Vitányi, P.M.B.: An Introduction to Kolmogorov Complexity and its Applications. Springer, New York (1997).
[10]
Chen, T.C.: Detecting Visually Similar Web Pages: Application to Phishing Detection. Thesis (PhD). University of Alberta (2010).
[11]
Tran, N.: The Normalized compression distance and image distinguishability. In: The 19th IS&T/SPIE Symposium on Electronic Imaging Science and Technology, San Jose, vol. 6492, p. 64921D (2007).
[12]
Mortensen, J., Wu, J.J., Furst, J., Rogers, J., Raicu, D.: Effect of Image Linearization on Normalized Compression Distance. SIP (Signal Processing, Image Processing and Pattern Recognition) 61, 106-116 (2009).
[13]
The Unicode Standard Version 6.0.0, http://www.unicode.org/versions/Unicode6.0.0/
Recommendations
PwdIP-Hash: A Lightweight Solution to Phishing and Pharming Attacks
NCA '10: Proceedings of the 2010 Ninth IEEE International Symposium on Network Computing and ApplicationsWe present a novel lightweight password-based solution that safeguards users from Phishing and Pharming attacks. The proposed authentication relies on a hashed password, which is the hash value of the user-typed password and the authentication server’s ...
A phishing analysis of web based systems
ICCCS '11: Proceedings of the 2011 International Conference on Communication, Computing & SecurityPhishing is form of identity theft that uses the social engineering techniques and sophisticated attack vectors to harvest financial information from unsuspecting consumers. It is a kind of attack in which phishers use spoofed emails and fraudulent web ...
Security vulnerabilities and mitigation techniques of web applications
SIN '13: Proceedings of the 6th International Conference on Security of Information and NetworksWeb applications contain vulnerabilities, which may lead to serious security breaches such as stealing of confidential information. To protect against security breaches, it is necessary to understand the detailed steps of attacks and the pros and cons ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 13 October 2011
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 10 Nov 2024
Other Metrics
Citations
Cited By
View all- Xu ZMiller J(2016)Identifying semantic blocks in Web pages using Gestalt laws of groupingWorld Wide Web10.1007/s11280-015-0370-019:5(957-978)Online publication date: 1-Sep-2016