Paper Info
Title
Circumventing security toolbars and phishing filters via rogue wireless access points
Abstract
One of the solutions that has been widely used by naive users to protect against phishing attacks is security toolbars or phishing filters in web browsers. The present study proposes a new attack to bypass security toolbars and phishing filters via local DNS poisoning without the need of an infection vector. A rogue wireless access point (AP) is set up, poisoned DNS cache entries are used to forge the results provided to security toolbars, and thus misleading information is displayed to the victim. Although there are several studies that demonstrate DNS poisoning attacks, none to our best knowledge investigate whether such attacks can circumvent security toolbars or phishing filters. Five well-known security toolbars and three reputable browser built-in phishing filters are scrutinized, and none of them detect the attack. So ineptly, security toolbars provide the victim with false confirmative indicators that the phishing site is legitimate. Copyright © 2009 John Wiley & Sons, Ltd. A rogue wireless access point is set up and poisoned DNS cache entries are used in a local DNS poisoning attack to bypass five well-known security toolbars and three reputable browser built-in phishing filters.
Year
DOI
Venue
2010
10.1002/wcm.v10:8
Wireless Communications and Mobile Computing
Keywords
Field
DocType
DNS poisoning,evil twin,pharming,phishing,security toolbars
World Wide Web,Wireless,Phishing,Pharming,Computer science,Cache,Computer security,Computer network,Wireless access point,Evil twin,Spamming,DNS spoofing
Journal
Volume
Issue
Citations 
10
8
0
PageRank 
References 
Authors
0.34
5
2
Name
Order
Citations
PageRank
Saeed Abu-Nimeh130316.70
Suku Nair214012.00