Visual Spoofing of SSL Protected Web Sites and Effective Countermeasures

Adelsbach, André; Gajek, Sebastian; Schwenk, Jörg

doi:10.1007/978-3-540-31979-5_18

Cited by 29 publications

(47 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…By using official-looking logos or address bars with the typical padlock icon demonstrating encrypted communication, users can be fooled into believing they are on a secure website and entering sensitive information which the user will steal [Adelsbach et al 2005]. …”

Section: Ap1 Es2mentioning

confidence: 99%

A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks

2015

View full text Add to dashboard Cite

Social engineering is used as an umbrella term for a broad spectrum of computer exploitations that employ a variety of attack vectors and strategies to psychologically manipulate a user. Semantic attacks are the specific type of social engineering attacks that bypass technical defences by actively manipulating object characteristics, such as platform or system applications, to deceive rather than directly attack the user. Commonly observed examples include obfuscated URLs, phishing emails, drive-by downloads, spoofed websites and scareware to name a few. This paper presents a taxonomy of semantic attacks, as well as a survey of applicable defences. By contrasting the threat landscape and the associated mitigation techniques in a single comparative matrix, we identify the areas where further research can be particularly beneficial.

show abstract

Section: Ap1 Es2mentioning

confidence: 99%

A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks

2015

View full text Add to dashboard Cite

show abstract

“…For example, SSLock [37] intelligently makes the final decision on behalf of users. Adelsbach et al [38] and Xia et al [39] improved the human interface to make users be clearly aware when suspicious certificates are detected by browsers.…”

Section: Related Workmentioning

confidence: 99%

On the Detection of Fake Certificates via Attribute Correlation

2015

Entropy

View full text Add to dashboard Cite

Transport Layer Security (TLS) and its predecessor, SSL, are important cryptographic protocol suites on the Internet. They both implement public key certificates and rely on a group of trusted certificate authorities (i.e., CAs) for peer authentication. Unfortunately, the most recent research reveals that, if any one of the pre-trusted CAs is compromised, fake certificates can be issued to intercept the corresponding SSL/TLS connections. This security vulnerability leads to catastrophic impacts on SSL/TLS-based HTTPS, which is the underlying protocol to provide secure web services for e-commerce, e-mails, etc. To address this problem, we design an attribute dependency-based detection mechanism, called SSLight. SSLight can expose fake certificates by checking whether the certificates contain some attribute dependencies rarely occurring in legitimate samples. We conduct extensive experiments to evaluate SSLight and successfully confirm that SSLight can detect the vast majority of fake certificates issued from any trusted CAs if they are compromised. As a real-world example, we also implement SSLight as a Firefox add-on and examine its capability of exposing existent fake certificates from DigiNotar and Comodo, both of which have made a giant impact around the world.

show abstract

“…However, a weird image may also alert the client that an attack is under way. Moreover, Horton et al [7] and Paoli et al [8] adopted the patch method.…”

Section: Related Workmentioning

confidence: 99%

“…Our solution has some following advantages compared with the previous countermeasures: (1) Relax user's burden: our solution aims to remove the burden of the users by automating the process of detection and recognition of the web-spoofing for SSL-enabled communication; (2) Ease of usage: this scheme has little intrusive on the browser while other countermeasures may disable Java Script, pop-up windows (e.g., [9])or change the color of the boundaries (e.g., [6]); (3) Machineindependent: This scheme can be implemented in trusted PC at Internet Cafe without requiring personal folders with individually chosen background bitmaps (e.g., [8]). …”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Preventing Web-Spoofing with Automatic Detecting Security Indicator

Bao

et al. 2006

Information Security Practice and Experience

View full text Add to dashboard Cite

Abstract. The anti-spoofing community has been intensively proposing new methods for defending against new spoofing techniques. It is still challenging for protecting naïve users from advanced spoofing attacks. In this paper, we analyze the problems within those anti-spoofing mechanisms and propose a new Automatic Detecting Security Indicator (ADSI) scheme. This paper describe the trust model in ADSI in detail firstly. In a secure transaction, ADSI may generate a random picture and embed it into the current web browser. This can be triggered by any security relevant event occurred on the browser, and then performs automatic checking on current active security status. When a mismatch of embedded images is detected, an alarm goes off to alert the users. Since an adversary is hard to replace or mimic the randomly generated picture, the web-spoofing attack can not be mounted. In comparison with existing proposals, our scheme has the weakest security assumption and places a very low burden on the computer by automating the process of detection and recognition of the web-spoofing for SSL-enabled communication. Moreover, this scheme has little intrusive on the browser. Finally, this scheme can be implemented in trusted PC at Internet Cafe requiring neither Logo Certification Authority, nor the scheme of personalization.

show abstract

Visual Spoofing of SSL Protected Web Sites and Effective Countermeasures

Cited by 29 publications

References 3 publications

A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks

A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks

On the Detection of Fake Certificates via Attribute Correlation

Preventing Web-Spoofing with Automatic Detecting Security Indicator

Contact Info

Product

Resources

About