ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
The methodology and an application to fight against Unicode attacks
Full text PdfPdf (454 KB)
Source ACM International Conference Proceeding Series; Vol. 149 archive
Proceedings of the second symposium on Usable privacy and security table of contents
Pittsburgh, Pennsylvania
SESSION: Catching phish table of contents
Pages: 91 - 101  
Year of Publication: 2006
ISBN:1-59593-448-0
Authors
Anthony Y. Fu  City University of Hong Kong, Hong Kong SAR and Massachusetts Institute of Technology, MA
Xiaotie Deng  City University of Hong Kong, Hong Kong SAR
Liu Wenyin  City University of Hong Kong, Hong Kong SAR
Greg Little  Massachusetts Institute of Technology, MA
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 4,   Downloads (12 Months): 79,   Citation Count: 1
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
Save this Article to a Binder    Display Formats: BibTex  EndNote ACM Ref   
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1143120.1143132
What is a DOI?

ABSTRACT

Unicode is becoming a dominant character representation format for information processing. This presents a very dangerous usability and security problem for many applications. The problem arises because many characters in the UCS (Universal Character Set) are visually and/or semantically similar to each other. This presents a mechanism for malicious people to carry out Unicode Attacks, which include spam attacks, phishing attacks, and web identity attacks. In this paper, we address the potential attacks, and propose a methodology for countering them. To evaluate the feasibility of our methodology, we construct a Unicode Character Similarity List (UC-SimList). We then implement a visual and semantic based edit distance (VSED), as well as a visual and semantic based Knuth-Morris-Pratt algorithm (VSKMP), to detect Unicode attacks. We develop a prototype Unicode attack detection tool, IDN-SecuChecker, which detects phishing weblinks and fake user name (account) attacks. We also introduce the possible practical use of Unicode attack detectors.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
ANSI, American Standard Code for Information Interchange, www.ansi.org.
 
2
Anti-Phishing Group of City University of Hong Kong, http://antiphishing.cs.cityu.edu.hk
 
3
Anti-Phishing Working Group, http://www.antiphishing.org.
 
4
Berners-Lee T., Fielding R., Masinter L., RFC 3986: Uniform Resource Identifier (URI): Generic Syntax, The Internet Society (2005), Jan. 2005.
5
Abdur Chowdhury , Ophir Frieder , David Grossman , Mary Catherine McCabe, Collection statistics for fast duplicate document detection, ACM Transactions on Information Systems (TOIS), v.20 n.2, p.171-191, April 2002  [doi>10.1145/506309.506311]
6
Rachna Dhamija , J. D. Tygar , Marti Hearst, Why phishing works, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada  [doi>10.1145/1124772.1124861]
7
Rachna Dhamija , J. D. Tygar, The battle against phishing: Dynamic Security Skins, Proceedings of the 2005 symposium on Usable privacy and security, p.77-88, July 06-08, 2005, Pittsburgh, Pennsylvania  [doi>10.1145/1073001.1073009]
 
8
Duerst M., Suignard M., RFC 3987: Internationalized Resource Identifiers (IRIs), The Internet Society (2005), Jan. 2005.
 
9
Fu A. Y., Web Link Illustrator Demo for Microsoft IE, www.mit.edu/~ayf
 
10
Fu A. Y., Deng X., Liu W., A Potential IRI based Phishing Strategy, in the Proceedings of 6th International Conference on Web Information Systems Engineering, LNCS Volume 3806, pages 618--619, 2005
 
11
Fu A. Y., Liu W., Deng X., EMD based Visual Similarity for Detection of Phishing Webpages, in Proceedings of International Workshop on Web Document Analysis 2005, 2005.
12
Evgeniy Gabrilovich , Alex Gontmakher, The homograph attack, Communications of the ACM, v.45 n.2, February 2002  [doi>10.1145/503124.503156]
13
Simson L. Garfinkel , Robert C. Miller, Johnny 2: a user test of key continuity management with S/MIME and Outlook Express, Proceedings of the 2005 symposium on Usable privacy and security, p.13-24, July 06-08, 2005, Pittsburgh, Pennsylvania  [doi>10.1145/1073001.1073003]
 
14
Timothy C. Hoad , Justin Zobel, Methods for identifying versioned and plagiarized documents, Journal of the American Society for Information Science and Technology, v.54 n.3, p.203-215, February 1, 2003  [doi>10.1002/asi.10170]
 
15
ICANN, http://www.icann.org/topics/idn/implementation-guidelines.htm
 
16
ICANN. http://www.icann.org/
 
17
Jakobsson M., Modeling and Preventing Phishing Attacks, Phishing Panel of Financial Cryptography, 2005.
 
18
Paul B. Kantor , Ellen M. Voorhees, The TREC-5 Confusion Track: Comparing Retrieval Methods for Scanned Text, Information Retrieval, v.2 n.2-3, p.165-176, May 2000
 
19
Knuth D., Morris J. H., and Pratt V., Fast pattern matching in strings. SIAM Journal on Computing, 6(2):323--C350. 1977. Citations. Original publication.
 
20
Levenshtein V. I., Binary codes capable of correcting deletions, insertions, and reversals, Cybernetics and Control Theory, Volume 10, pages 707--710, 1966.
 
21
Wenyin Liu , Xiaotie Deng , Guanglin Huang , Anthony Y. Fu, An Antiphishing Strategy Based on Visual Similarity Assessment, IEEE Internet Computing, v.10 n.2, p.58-65, March 2006  [doi>10.1109/MIC.2006.23]
 
22
Microsoft, Arial Unicode MS, Version 1.01, 2000.
 
23
Microsoft, Description of the Arial Unicode MS font in Word 2002, http://support.microsoft.com/kb/q287247.
 
24
Nanno T., Saito S., and Okumura M., Structuring Webpages based on repetition of elements, in Proceedings of the 7th International Conference on Document Analysis and Recognition, 2003.
 
25
Needleman S. and Wunsch C., A general method applicable to the search for similarities in the amino acid sequence of two proteins, Journal of Molecular Biology, 48(3):443--453, 1970.
 
26
Netscape, http://wp.netscape.com/eng/ssl3.
 
27
The Unicode Consortium, http://www.unicode.org.
 
28
Wood L., Document Object Model (DOM) Level 1 Specification, http://www.w3.org/TR/REC-DOM-Level-1.
29
Min Wu , Robert C. Miller , Simson L. Garfinkel, Do security toolbars actually prevent phishing attacks?, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada  [doi>10.1145/1124772.1124863]

CITED BY
Changwei Liu , Sid Stamm, Fighting unicode-obfuscated spam, Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit, p.45-59, October 04-05, 2007, Pittsburgh, Pennsylvania

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)


General Terms:
Legal Aspects, Security, Verification


Keywords:
Unicode, phishing, secure web identity, spam

Collaborative Colleagues:
Anthony Y. Fu: colleagues
Xiaotie Deng: colleagues
Liu Wenyin: colleagues
Greg Little: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2008 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player