Paper Info
Title
Bypassing Security Toolbars and Phishing Filters via DNS Poisoning
Abstract
Security toolbars are used to protect naive users against phishing attacks by displaying warnings on suspicious sites. Recently, Web browsers have added built-in phishing filters mimicking the same functionality to detect phishing sites. The present study proposes a new attack to bypass security toolbars and phishing filters via DNS poisoning. Spoofed DNS cache entries are used to forge the results provided to security toolbars and thus misleading information is displayed to the victim. Although there are several studies that demonstrate DNS poisoning attacks, none to our best knowledge, investigate whether such attacks can circumvent security toolbars or phishing filters. Four well-known security toolbars and three reputable browser built- in phishing filters are scrutinized. None of the seven tools detect the attack. Worse still, security toolbars provide the victim with false confirmative indicators that the phishing site is legitimate.
Year
DOI
Venue
2008
10.1109/GLOCOM.2008.ECP.386
New Orleans, LO
Keywords
Field
DocType
Internet,computer crime,information filters,online front-ends,DNS poisoning,Web browsers,phishing filters,security toolbars,spoofed DNS cache
World Wide Web,Spoofing attack,Web browser,Phishing,Cache,Computer security,Computer science,Cryptography,Server,DNS spoofing,The Internet
Conference
ISSN
ISBN
Citations 
1930-529X
978-1-4244-2324-8
4
PageRank 
References 
Authors
0.57
4
3
Name
Order
Citations
PageRank
Saeed Abu-Nimeh130316.70
Suku Nair214012.00
Abu-Nimeh, S.340.57