Trigger-based Blocking Mechanism for Access to Email-derived Phishing URLs with User Alert

Yong Jin, M. Tomoishi, N. Yamai
{"title":"Trigger-based Blocking Mechanism for Access to Email-derived Phishing URLs with User Alert","authors":"Yong Jin, M. Tomoishi, N. Yamai","doi":"10.1109/ICEIC57457.2023.10049906","DOIUrl":null,"url":null,"abstract":"Email is one of the important and indispensable Internet services, but in the meanwhile, the spread of emailderived phishing URLs has been one of the critical cyber threats for a long time. The security facilities in organization networks are suffering from monitoring and analyzing all traffic besides emails which consumes much computing resource. In this paper, we propose a trigger-based blocking mechanism for accessing the email-derived phishing URLs with user alert to protect the end users from phishing attacks. The proposed system practically uses the Domain Name System (DNS) and the Response Policy Zone (RPZ) feature to direct the triggered HTTP(S) access for the email-derived phishing URLs to a particular proxy. Then the HTTP(S) communication can be detected and blocked based on the users’ decisions by alerting them. A prototype for the proposed mechanism has been implemented and the preliminary feature evaluations in a local experimental network have been conducted. The evaluation results confirmed that all the HTTP(S) access for the email-derived phishing URLs was successfully directed to the pre-constructed particular HTTP(S) proxy, then an alert page was showed up to the end users, and the access was passed through or blocked based on the end users’ decisions.","PeriodicalId":373752,"journal":{"name":"2023 International Conference on Electronics, Information, and Communication (ICEIC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 International Conference on Electronics, Information, and Communication (ICEIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICEIC57457.2023.10049906","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Email is one of the important and indispensable Internet services, but in the meanwhile, the spread of emailderived phishing URLs has been one of the critical cyber threats for a long time. The security facilities in organization networks are suffering from monitoring and analyzing all traffic besides emails which consumes much computing resource. In this paper, we propose a trigger-based blocking mechanism for accessing the email-derived phishing URLs with user alert to protect the end users from phishing attacks. The proposed system practically uses the Domain Name System (DNS) and the Response Policy Zone (RPZ) feature to direct the triggered HTTP(S) access for the email-derived phishing URLs to a particular proxy. Then the HTTP(S) communication can be detected and blocked based on the users’ decisions by alerting them. A prototype for the proposed mechanism has been implemented and the preliminary feature evaluations in a local experimental network have been conducted. The evaluation results confirmed that all the HTTP(S) access for the email-derived phishing URLs was successfully directed to the pre-constructed particular HTTP(S) proxy, then an alert page was showed up to the end users, and the access was passed through or blocked based on the end users’ decisions.
基于触发器的用户警报访问电子邮件来源的网络钓鱼url的阻止机制
电子邮件是重要的、不可缺少的互联网服务之一,但与此同时,电子邮件衍生的网络钓鱼url的传播长期以来一直是重要的网络威胁之一。组织网络中的安全设施正面临着对除电子邮件外的所有流量进行监控和分析的问题,这消耗了大量的计算资源。在本文中,我们提出了一种基于触发的阻止机制,用于用户警报访问电子邮件衍生的网络钓鱼url,以保护最终用户免受网络钓鱼攻击。建议的系统实际上使用域名系统(DNS)和响应策略区域(RPZ)功能,将触发的针对电子邮件派生的网络钓鱼url的HTTP(S)访问定向到特定的代理。然后,可以根据用户的决定,通过提醒用户来检测和阻止HTTP(S)通信。已经实现了该机制的原型,并在局部实验网络中进行了初步的特征评估。评估结果证实,所有针对电子邮件派生的网络钓鱼url的HTTP(S)访问都成功定向到预构建的特定HTTP(S)代理,然后向最终用户显示一个警告页面,并根据最终用户的决定通过或阻止访问。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信