期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

网络钓鱼的攻击方式与识别技术 被引量:1

Attack Mode of Phishing and Recognition Technology
下载PDF
导出
摘要 钓鱼网站是指攻击者利用各种手段仿冒正规的各类网站,目的是骗取用户的敏感信息,如用户的账号和密码,钓鱼网站已经严重威胁了用户的财产安全。本文通过分析网络钓鱼网站的攻击方式,阐述了网络钓鱼网站的识别方法,即根据钓鱼网站的网页的特征,构建钓鱼网站的特征向量,通过已有的钓鱼网站检测特征对识别钓鱼网站的贡献度,确定各个特征向量的权重,再根据这些特征向量比较检测网页的相似度,从而能够鉴别钓鱼网站。 Phishing website refers to those through which the attackers defraud users' sensitive information such as ID and password by counterfeiting regular websites with various means. The phishing websites have seriously threatened users' property safety. Through analyzing the attack mode of phishing website, the recognition methods are provided and that is: constructing feature vector according to the characteristics of the phishing website and determining the weight of each feature vector with the help of the contribution degree of the existing phishing website detecting feature. And then compare the similarity degree of the webpage to recognize phishing website.
作者 张国战
机构地区 广东省惠东县广播电视大学
出处 《价值工程》 2013年第34期164-165,共2页 Value Engineering
关键词 网络钓鱼 网页 特征值 识别 phishing webpage characteristic value recognition
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献4

  • 1Khonji M, Iraqi Y, Jones A. Lexieal url analysis for discriminating phishing and legitimate websites [C]//Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spare Conference. ACM,2011:109-115.
  • 2殷水军,刘嘉勇,刘亮.针对Web-mail邮箱的跨站网络钓鱼攻击的研究[J].通信技术,2010,43(8):164-166. 被引量:16
  • 3Afroz S, Greenstadt R. Phishzoo: Detecting phishing websites by looking at them[C]//Semantic Computing (ICSC), 2011 Fifth IEEE International Conference on. IEEE,2011:368-375.
  • 4mahmood Ali M, Rajamani L. APD:ARM Deceptive Phishing Detector System Phishing Detection in Instant Messengers Using Data Mining Approach [M]//Global Trends in Computing and Communication Systems. Springer Berlin Heidelberg,2012:490-502.

二级参考文献12

  • 1国家互联网应急中心.CNCERT/CC2008年上半年网络安全工作报告[EB/OL].[2009-05-04].http://www.cert.org.cn/UserFiles/File/CISR2008fh.pdf1.pdf.
  • 2HTTPOnly-OWASP. HTTPOnly[EB/OL]. (2009-08-15). [2009-08-15]. http://www. owasp. org/index. php/HTTPOnly#Browsers_ Supportin g_ HTTPOnly.
  • 3RSNAKE. XSS (Cross Site Scripting) Cheat Sheet Esp: for filter evasion [EB/OL]. (2009-08-15)[2009-08-15]. http://ha. ckers. org/xss. html.
  • 4NEXUS. Applying XSS to Phishing Attacks [EB/OL]. (2007-05-03) [2009-08-15]. http://www. xssed. com/article/5/Paper_ Applying _XSS _to _Phishing_Attacks/.
  • 5TIWARI S, BANSAL R, BANSAL D. Optimized Client Side Solution for Cross Site Scripting[J]. Networks, 2008(16):1.
  • 6HARTLEY D. Secure Ecommerce Web Application Design Principles Beyond PCI DSS[J].Computer Fraud & Security, 2009(06):13-17.
  • 7GOLLMANND. Securing Web Applications[J]. Information Security Technical Report, 2008(13):1-9.
  • 8Forte D. Anatomy of a Phishing Attack: A High-level Overview[J]. Network Security, 2009(04):17-19.
  • 9吴耀斌,王科,龙岳红.基于跨站脚本的网络漏洞攻击与防范[J].计算机系统应用,2008,17(1):38-40. 被引量:13
  • 10倪天华,朱程荣.网络钓鱼防御方法研究[J].计算机技术与发展,2008,18(9):115-118. 被引量:7

共引文献15

同被引文献4

引证文献1

二级引证文献2

价值工程
2013年 第34期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部