针对Web-mail邮箱的跨站网络钓鱼攻击的研究

客户端脚本植入攻击是近年来攻击者常用的一种攻击手段,给Web应用程序带来了相当大的安全隐患。介绍了跨站脚本攻击和网络钓鱼攻击的原理及防御。分析了两种攻击在获取用户信息时的不全面,从而提出了一种针对Web-mail邮箱的跨站网络钓鱼攻击方法。这种攻击方法结合了跨站脚本攻击和网络钓鱼攻击,不仅能够获取用户邮箱的cookie、账号及密码,而且还可以获取用户的个人相关信息。最后,针对提出的攻击方法给出了防御措施。     

无线网络的安全问题及应对措施研究

网络病毒和非法的攻击很容易就可以通过无线网络入侵各人计算机本地用户窃取网络信息。目前最常见的网络安全问题有无线钓鱼攻击、窃听无线用户信息、盗用无线网络。产生这些网络安全问题的原因有很多,其中最重要的原因就是用户安全问题十分的淡薄,直接经济价值遭到破解、无线网的工作方式特点。为了加强网络安全就要采取有利的策略。     

一种基于双向认证的网络钓鱼防范机制研究

随着互联网行业的迅速发展,日常生活方式在互联网上的真实投射,导致互联网诈骗已经成为一个越来越大的威胁。互联网诈骗存在多种方式,其中网络钓鱼就是互联网诈骗中威胁巨大且发展最快的一种。钓鱼攻击者最常用的一个薄弱环节就是:银行可以通过用户信息如用户名、密码等来确认用户的身份,但是用户无法通过关键信息确认银行的身份是否真实。对于防御网络钓鱼攻击,可靠的双向认证是至关重要的,服务商和用户双方应该建立起双向认证的关系。对此,文章提出了一个简单易用的双向认证模型。该双向认证模型将个体特征与智能卡相结合,利用用户的个体特征认证智能卡所有者的身份,同时将个体特征作为认证方案中随机数产生的种子以及密钥和口令生成的参数,解决服务器与用户的双向认证问题,从机理上对钓鱼攻击进行了防范。     

恶意网站

攻击者经常使用网站执行网络钓鱼攻击或分发恶意软件。恶意网站通常看上去完全合法,并且经常没有任何表露恶意性质的外部标志,甚至是经验丰富的计算机用户也看不出任何破绽。为了帮助用户避开恶意网页,Microsoft和其他浏览器供应商开发了一些筛选器来保持跟踪可托管恶意软件和网络钓鱼攻击的站点,并在用户尝试导航到这些站点时显示明显的警告。     

基于移动端虚假无线AP的钓鱼攻击及预防的软件研发

文章介绍了一种利用虚假无线AP的钓鱼攻击方法,攻击者可容易地架设伪接入点,诱骗用户连接进而窃取用户信息或对连接用户发动主动攻击。为了预防移动端也受到此类虚假无线AP钓鱼攻击,文章开发了一款用在移动端检测连接Wi Fi是否安全的软件,对连接的Wi Fi进行检测,可有效防止钓鱼攻击,保护个人信息安全。     

Web安全问答（8）

问：什么叫网络钓鱼 答：网络钓鱼（Phishing,？又名钓鱼法或钓鱼式攻击）是通过传播声称来自于银行或其他知名机构的欺骗信息,意图引诱受害者给出敏感信息（如用户名、口令、帐号ID、ATMPIN码或信用卡详细信息）的一种攻击方式。     

规避网络钓鱼给证券行业带来的安全风险

网上交易作为证券行业进行业务开展的主要手段之后,网上交易的安全性就成了人们日益关注的话题。在网上交易过程中,网络钓鱼攻击是一种重要的攻击方式。由于此方式的特殊性,导致被害用户损失严重。所以做好网络钓鱼的防范,对于证券行业具有很大的现实意义。这里从网络钓鱼的实施过程、社会危害及防范方法等几个角度,对网络钓鱼进行全面的阐述,详细描述了恶意分子如何引导用户去访问恶意网站,以及网络钓鱼的主要防范技术,如黑白名单检测技术、页面相似度检查技术,从技术角度和用户的上网行为角度,提出了相关的方法,尽量规避网络钓鱼技术给证券行业带来的安全风险。     

钓鱼防御技术的商业应用

目前网络钓鱼正逐渐取代蠕虫和木马。在业界的共同努力下,通过邮件过滤、电子邮件认证、PwdHash、SpoofGuard、SSL等技术,使得钓鱼攻击的增长趋势有所遏制。但钓鱼攻击又出现了一些新的变种,文章基于视觉相似性评估、信息转移控制系统等的数学模型,为防御和反击这些变种提出了新的解决路径。     

基于浏览器的钓鱼网站检测技术研究

目前,网络钓鱼攻击给互联网用户带来严重的威胁。为了应对这种威胁,许多软件厂商与组织提出了各种反钓鱼策略。论文针对基于浏览器的钓鱼网站检测技术进行了分析研究。     

电子邮件威胁

几乎所有互联网传送的电子邮件信息都是不必要的。如此大量不必要的电子邮件不仅要增加收信人的信箱和电子邮件服务提供商资源的负担,而且为电子邮件恶意软件攻击和网络钓鱼的扩散创造了环境。拦截垃圾邮件、网络钓鱼和其他电子邮件威胁已经成为电子邮件服务提供商、社交网络和其他网络社区的首要任务。     

A comprehensive survey of AI-enabled phishing attacks detection techniques

In recent times, a phishing attack has become one of the most prominent attacks faced by internet users, governments, and service-providing organizations. In a phishing attack, the attacker(s) collects the client’s sensitive data (i.e., user account login details, credit/debit card numbers, etc.) by using spoofed emails or fake websites. Phishing websites are common entry points of online social engineering attacks, including numerous frauds on the websites. In such types of attacks, the attacker(s) create website pages by copying the behavior of legitimate websites and sends URL(s) to the targeted victims through spam messages, texts, or social networking. To provide a thorough understanding of phishing attack(s), this paper provides a literature review of Artificial Intelligence (AI) techniques: Machine Learning, Deep Learning, Hybrid Learning, and Scenario-based techniques for phishing attack detection. This paper also presents the comparison of different studies detecting the phishing attack for each AI technique and examines the qualities and shortcomings of these methodologies. Furthermore, this paper provides a comprehensive set of current challenges of phishing attacks and future research direction in this domain.

     

Defending against phishing attacks: taxonomy of methods,current issues and future directions

Internet technology is so pervasive today, for example, from online social networking to online banking, it has made people’s lives more comfortable. Due the growth of Internet technology, security threats to systems and networks are relentlessly inventive. One such a serious threat is “phishing”, in which, attackers attempt to steal the user’s credentials using fake emails or websites or both. It is true that both industry and academia are working hard to develop solutions to combat against phishing threats. It is therefore very important that organisations to pay attention to end-user awareness in phishing threat prevention. Therefore, aim of our paper is twofold. First, we will discuss the history of phishing attacks and the attackers’ motivation in details. Then, we will provide taxonomy of various types of phishing attacks. Second, we will provide taxonomy of various solutions proposed in literature to protect users from phishing based on the attacks identified in our taxonomy. Moreover, we have also discussed impact of phishing attacks in Internet of Things (IoTs). We conclude our paper discussing various issues and challenges that still exist in the literature, which are important to fight against with phishing threats.     

恶意网址拦截技术的应用研究

在新技术、新应用的不断刺激下,各类网站应用服务如雨后春笋般不断涌现。伴随着互联网+产业的蓬勃发展,网络安全形势日益严峻。钓鱼电子邮件攻击持续高发、仿冒网站窃取用户个人隐私信息及诈骗用户钱财等时刻威胁着用户的合法权益。这种情况下,迫切需要建立一套全网恶意网址综合防范治理体系。因此,提出了一种针对多种应用场景下的恶意网址拦截方法,通过基于DNS Forward的恶意网址拦截、恶意短网址拦截、“拆链”技术在恶意网址拦截中的应用等技术手段,综合治理全网恶意网址访问行为。不仅提升了全网防护效果,而且有效减少了全网恶意访问流量。     

Defending the weakest link: phishing websites detection by analysing user behaviours

Phishing detection systems are principally based on the analysis of data moving from phishers to victims. In this paper we describe a novel approach for detecting phishing websites based on analysis of users’ online behaviours—i.e., the websites users have visited, and the data users have submitted to those websites. Such user behaviours can not be manipulated freely by attackers; detection based on those data can achieve high accuracy whilst being fundamentally resilient against changing deception methods.     

Circumventing security toolbars and phishing filters via rogue wireless access points

One of the solutions that has been widely used by naive users to protect against phishing attacks is security toolbars or phishing filters in web browsers. The present study proposes a new attack to bypass security toolbars and phishing filters via local DNS poisoning without the need of an infection vector. A rogue wireless access point (AP) is set up, poisoned DNS cache entries are used to forge the results provided to security toolbars, and thus misleading information is displayed to the victim. Although there are several studies that demonstrate DNS poisoning attacks, none to our best knowledge investigate whether such attacks can circumvent security toolbars or phishing filters. Five well‐known security toolbars and three reputable browser built‐in phishing filters are scrutinized, and none of them detect the attack. So ineptly, security toolbars provide the victim with false confirmative indicators that the phishing site is legitimate. Copyright © 2009 John Wiley & Sons, Ltd.     

You’ve got mail! Explaining individual differences in becoming a phishing target

Although phishing is a form of cybercrime that internet users get confronted with rather frequently, many people still get deceived by these practices. Since receiving phishing e-mails is an important prerequisite of victimization, this study focusses on becoming a phishing target. More precisely, we use an integrative lifestyle exposure model to study the effects of risky online routine activities that make a target more likely to come across a motivated offender. Insights of the lifestyle exposure model are combined with propensity theories in order to determine which role impulsivity plays in phishing targeting. To achieve these objectives, data collected in 2016 from a representative sample (n?=?723) were used. Support was found for a relationship between both online purchasing behavior and digital copying behavior, and phishing targeting. Moreover, a relationship was found between all online activities (except for online purchasing behavior) and impulsivity. The present study thus suggests that especially online shoppers and users who often share and use copied files online should be trained to deal with phishing attacks appropriately.