Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

Cutting through the Confusion: A Measurement Study of Homograph Attacks

Summary: Cutting through the Confusion:
A Measurement Study of Homograph Attacks
Tobias Holgers, David E. Watson, and Steven D. Gribble
Department of Computer Science & Engineering
University of Washington
1 Introduction
Domain names are crucial to the usability of the Web, but
the same characteristics that make them useful to people
also make them vulnerable to attack. When a user fol-
lows a hyperlink, the domain name within the URL pro-
vides her with the first and most important indication of
the identity of the organization with which she will inter-
act. If the user is fooled into misreading a domain name,
she will believe she is interacting with one organization,
but she might actually be interacting with an attacker. By
spoofing the content of the user's intended destination,
the attacker might trick the user into revealing sensitive
information. In this scenario, SSL is no help to the vic-
tim, since the attacker could obtain a valid certificate for
the confused domain name.


Source: Anderson, Richard - Department of Computer Science and Engineering, University of Washington at Seattle


Collections: Computer Technologies and Information Sciences