SYSTEM AND METHOD FOR DETECTING PHISHING-DOMAINS IN A SET OF DOMAIN NAME SYSTEM (DNS) RECORDS

SYSTEM AND METHOD FOR DETECTING PHISHING-DOMAINS IN A SET OF DOMAIN NAME SYSTEM (DNS) RECORDS

This document describes a system and method for detecting phishing-domains, which are used by cyber-attackers to carry out phishing attacks, in a set of Domain Name System (DNS) records, the system comprising a homoglyph phishing domain detection module, a typo-squatting phishing domain detection mo...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: HUANG, Yongcheng, CHAN, Jin Hao, CHEN, Xingru, LEE, Joon Sern, YAM, Gui Peng David
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
HANDLING RECORD CARRIERS
PHYSICS
PRESENTATION OF DATA
RECOGNITION OF DATA
RECORD CARRIERS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This document describes a system and method for detecting phishing-domains, which are used by cyber-attackers to carry out phishing attacks, in a set of Domain Name System (DNS) records, the system comprising a homoglyph phishing domain detection module, a typo-squatting phishing domain detection module, a general phishing domain detection module and an alert module. These modules are configured to collaboratively detect and identify phishing-domains from the set of DNS records using a combination of homoglyph, typo-squatting and general phishing domain techniques. Subsequently, an alert module may be used to correlate the alerts from the various phishing detection modules to discover phishing campaigns occurring in DNS network data.