Research Article

Client - Side Pharming Attacks Detection using Authoritative Domain Name Servers

by  Ibrahim S. Alfayoumi, Tawfiq S. Barhoom
journal cover
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 113 - Issue 10
Published: March 2015
Authors: Ibrahim S. Alfayoumi, Tawfiq S. Barhoom
10.5120/19862-1820
PDF

Ibrahim S. Alfayoumi, Tawfiq S. Barhoom . Client - Side Pharming Attacks Detection using Authoritative Domain Name Servers. International Journal of Computer Applications. 113, 10 (March 2015), 26-31. DOI=10.5120/19862-1820 

                        @article{ 10.5120/19862-1820,
                        author  = { Ibrahim S. Alfayoumi,Tawfiq S. Barhoom },
                        title   = { Client - Side Pharming Attacks Detection using Authoritative Domain Name Servers },
                        journal = { International Journal of Computer Applications },
                        year    = { 2015 },
                        volume  = { 113 },
                        number  = { 10 },
                        pages   = { 26-31 },
                        doi     = { 10.5120/19862-1820 },
                        publisher = { Foundation of Computer Science (FCS), NY, USA }
                        }
                        %0 Journal Article
                        %D 2015
                        %A Ibrahim S. Alfayoumi
                        %A Tawfiq S. Barhoom
                        %T Client - Side Pharming Attacks Detection using Authoritative Domain Name Servers%T 
                        %J International Journal of Computer Applications
                        %V 113
                        %N 10
                        %P 26-31
                        %R 10.5120/19862-1820
                        %I Foundation of Computer Science (FCS), NY, USA
Abstract

Pharming attacks can be performed at the client-side or into the internet. In pharming attack, attackers need not targeting individual user. If pharming is performed by modifying the DNS entries, than it will be affecting to all users who is accessing the web page through that DNS. We propose an approach to protect user at client-side from pharming attacks by comparing IP addresses, using information provided by local DNS server and a list of IP's provided by the domain's Authenticated Name Servers which are the most trusted DNS servers for a domain.

References
  • Name server, Wikipedia the free encyclopedia, Dec. 2014, [online]; available: http://en. wikipedia. org/wiki/Name_server
  • G. Ollman,"The Pharming Guide," Oct. 2014, [online]; available: http://www. technicalinfo. net/papers/Pharming. html
  • Jayshree Patel, Prof. S. D. Panchal, A survey on Pharming attack Detection and prevention methodology, IOSR Journal of Computer Engineering (IOSR-JCE), e-ISSN: 2278-0661, p-ISSN:2278-8727Volume 9, Issue 1 (Jan. -Feb. 2013), PP66-72
  • C. Jackson, A. Barth, A. Botz, W. Shao, et D. Boneh, "Protecting browsers from DNS rebinding attacks," ACM,vol. 3, Issue 1, Jan. 2009.
  • S. Stamm, Z. Ramzan, et Jakobsson Markus,"Drive-By Pharming", Proceedings of the 9th international conference onInformation and communications security, Zhengzhou, China: ACM, 2007, p. 495-506.
  • Gastellier-Prevost, S. ; Granadillo, G. G. ; Laurent, M. , A dual approach to detect pharming attacks at the client-side, IEEE 2011, p. 1- 5.
  • Chih Sheng Chen, Shr-An-Su,Yi-Chan Hung,Jun. 7,2011, Protecting computer users from online fraud, US patent number US7,85,555 B1
  • Chao-Yu Chen,Tse-Min hen,Aug. 14, 2012, Autonomous system based Phishing and Pharming Detection,US patent number US 8,245,304 B1
  • Jung Min KANG,Do Hoon LEE,Eng Ki PARK,Choon Sik PARK,FEB. 26,2009 Method and apparatus for providing phishing and pharming Allerts,US patent number US 2009/0055928 A1
  • M. Hara, A. Yamada, et Y. Miyake, Visual similarity-based phishing detection without victim site information,"Nashville, Tennessee, USA: IEEE, 2009, p. 30-36.
  • Gastellier-Prevost, S. ; Laurent, M. , Defeating pharming attacks at client side, IEEE, 2011, p. 33-40.
  • G. Pavithra, D. S. John Deva Prasanna, Countering Phishing Threats using Visual Cryptography, International Journal of Science and Research (IJSR), India Online ISSN: 2319?7064, Volume 2 Issue 3, March 2013
  • Areej N. El-Buhaisi, Detection Model for Pharming attack based on Ip-Address Check and Website Predictability, Thesis for the degree of master of science in information technology, the Islamic university of Gaza, 2013.
  • Dig(1) - Linux Manual page, Dec. 2014,[online]; available: http://linux. die. net/man/1/dig
  • Moz top 500,Dec. 2014, [online]; available: http://moz. com/top500
  • DYN, The Case Against Free ISP DNS, Feb 2015,[online]; available: http://dyn. com/wp-content/uploads/2013/06/CaseAgainstFreeISPDNS. pdf
  • Excedo DNS, DYNECT, The Case Against Free ISP DNS, Jan 2015,[online]; available: http://www. excedodns. eu/images/excedodns/files/Case_Against_Free_ISP_DNS-EN-V1. pdf
Index Terms
Computer Science
Information Sciences
No index terms available.
Keywords

DNS Pharming Client-Side Authoritative Name Server Detecting pharming attack

Powered by PhDFocusTM