题名 | Preventing web-spoofing with automatic detecting security indicator |
作者 | |
发表日期 | 2006 |
会议名称 | 2nd International Conference on Information Security Practice and Experience, ISPEC 2006 |
会议录名称 | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
![]() |
ISBN | 3540330526; 9783540330523 |
ISSN | 0302-9743; 1611-3349 |
卷号 | 3903 |
页码 | 112-122 |
会议日期 | APR 11-14, 2006 |
会议地点 | Hangzhou, China |
摘要 | The anti-spoofing community has been intensively proposing new methods for defending against new spoofing techniques. It is still challenging for protecting naïve users from advanced spoofing attacks. In this paper, we analyze the problems within those anti-spoofing mechanisms and propose a new Automatic Detecting Security Indicator (ADSI) scheme. This paper describe the trust model in ADSI in detail firstly. In a secure transaction, ADSI may generate a random picture and embed it into the current web browser. This can be triggered by any security relevant event occurred on the browser, and then performs automatic checking on current active security status. When a mismatch of embedded images is detected, an alarm goes off to alert the users. Since an adversary is hard to replace or mimic the randomly generated picture, the web-spoofing attack can not be mounted. In comparison with existing proposals, our scheme has the weakest security assumption and places a very low burden on the computer by automating the process of detection and recognition of the web-spoofing for SSL-enabled communication. Moreover, this scheme has little intrusive on the browser. Finally, this scheme can be implemented in trusted PC at Internet Cafe requiring neither Logo Certification Authority, nor the scheme of personalization. © Springer-Verlag Berlin Heidelberg 2006. |
关键词 | Automatic Detecting Security Indicator SSL Web Spoofing |
DOI | 10.1007/11689522_11 |
URL | 查看来源 |
收录类别 | SCIE ; CPCI-S |
语种 | 英语English |
WOS研究方向 | Computer Science |
WOS类目 | Computer Science, Information Systems ; Computer Science, Theory & Methods |
WOS记录号 | WOS:000237227700011 |
引用统计 | |
文献类型 | 会议论文 |
条目标识符 | https://repository.uic.edu.cn/handle/39GCC9TT/4594 |
专题 | 个人在本单位外知识产出 |
作者单位 | 1.School of Information Science and Engineering, Central South University, Changsha 410083, China 2.Institute for Infocomm Research, 21, Heng Mui Keng Terrace, 119613, Singapore, Singapore |
推荐引用方式 GB/T 7714 | Qi, Fang,Bao, Feng,Li, Tieyanet al. Preventing web-spoofing with automatic detecting security indicator[C], 2006: 112-122. |
条目包含的文件 | 条目无相关文件。 |
个性服务 |
查看访问统计 |
谷歌学术 |
谷歌学术中相似的文章 |
[Qi, Fang]的文章 |
[Bao, Feng]的文章 |
[Li, Tieyan]的文章 |
百度学术 |
百度学术中相似的文章 |
[Qi, Fang]的文章 |
[Bao, Feng]的文章 |
[Li, Tieyan]的文章 |
必应学术 |
必应学术中相似的文章 |
[Qi, Fang]的文章 |
[Bao, Feng]的文章 |
[Li, Tieyan]的文章 |
相关权益政策 |
暂无数据 |
收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论