本文已被:浏览 1743次 下载 3092次
Received:February 02, 2010 Revised:March 04, 2010
Received:February 02, 2010 Revised:March 04, 2010
中文摘要: 反钓鱼技术是近年的研究热点。讨论了域名、域名系统与网络钓鱼攻击的联系,提出了一个基于可信域名的网络钓鱼治理框架。从三个不同区域采取措施保证域名及其应用的可信要素。介绍了框架内的关键技术、核心子系统,并与基于邮件的反钓鱼框架进行了比较。分析表明从基础资源着手解决网络钓鱼问题有着检测信息来源广泛、响应速度快、管理审计便捷的优势,对当前的互联网不良应用治理有着启发和借鉴意义。
Abstract:Anti-phishing technology has been a research hotspot in recent years. In this paper, the relationship of domain names, domain name system and phishing is discussed. A novel anti-phishing framework based on trustworthy domain names is put forward with methods to secure the trustworthy factors of domain name from three domains. Key technologies and subsystems are described subsequently, and a comparison is done with an email-based phishing webpage detection system. Analysis shows that address phishing issues from basic resources have the advantage of a wider range of information resources, a faster response time, a more convenient management system and an audit, which is also instructive for bad Internent governance.
文章编号: 中图分类号: 文献标志码:
基金项目:国家发展改革委员会CNGI项目(CNGI-09-03-04)
引用文本:
李海灵,王伟,毛伟.基于可信域名的网络钓鱼治理机制研究.计算机系统应用,2010,19(10):102-107
LI Hai-Ling,WANG Wei,MAO Wei.Anti-Phishing Method Based on Trustworthy Domain Names.COMPUTER SYSTEMS APPLICATIONS,2010,19(10):102-107
李海灵,王伟,毛伟.基于可信域名的网络钓鱼治理机制研究.计算机系统应用,2010,19(10):102-107
LI Hai-Ling,WANG Wei,MAO Wei.Anti-Phishing Method Based on Trustworthy Domain Names.COMPUTER SYSTEMS APPLICATIONS,2010,19(10):102-107