-
- Sawabe Yuta
- Waseda University
-
- Chiba Daiki
- NTT Secure Platform Laboratories
-
- Akiyama Mitsuaki
- NTT Secure Platform Laboratories
-
- Goto Shigeki
- Waseda University
抄録
<p>Currently, many attacks are targeting legitimate domain names. In homograph attacks, attackers exploit human visual misrecognition, thereby leading users to visit different (fake) sites. These attacks involve the generation of new domain names that appear similar to an existing legitimate domain name by replacing several characters in the legitimate name with others that are visually similar. Specifically, internationalized domain names (IDNs), which may contain non-ASCII characters, can be used to generate/register many similar IDNs (homograph IDNs) for their application as phishing sites. A conventional method of detecting such homograph IDNs uses a predefined mapping between ASCII and similar non-ASCII characters. However, this approach has two major limitations: (1) it cannot detect homograph IDNs comprising characters that are not defined in the mapping and (2) the mapping must be manually updated. Herein, we propose a new method for detecting homograph IDNs using optical character recognition (OCR). By focusing on the idea that homograph IDNs are visually similar to legitimate domain names, we leverage OCR techniques to recognize such similarities automatically. Further, we compare our approach with a conventional method in evaluations employing 3.19 million real (registered) and 10, 000 malicious IDNs. Results reveal that our method can automatically detect homograph IDNs that cannot be detected when using the conventional approach.</p>
収録刊行物
-
- Journal of Information Processing
-
Journal of Information Processing 27 (0), 536-544, 2019
一般社団法人 情報処理学会
- Tweet
キーワード
詳細情報 詳細情報について
-
- CRID
- 1390282752326308480
-
- NII論文ID
- 130007706943
-
- ISSN
- 18826652
-
- 本文言語コード
- ja
-
- データソース種別
-
- JaLC
- Crossref
- CiNii Articles
-
- 抄録ライセンスフラグ
- 使用不可