{"title":"防御常见的网络攻击:网络钓鱼和跨站点脚本","authors":"A. Pathan","doi":"10.1109/ISPS.2018.8378960","DOIUrl":null,"url":null,"abstract":"Social engineering is a very common method of deceiving people in the Cyberspace. Phishing is one of the most common attacks that the social engineers use to trick the users to reveal their confidential information. While various types of security schemes and Intrusion Detection Systems (IDSs) may be employed to mitigate other types of cyber-attacks, phishing cannot be thwarted only by using those, even if the techniques are sophisticated. This is because, often the human mistakes are involved in the process of leakage of confidential data and information. Hence, awareness of the issue and controlled cyber behavior would be key to defending against phishing type attack. Another cyber-attack, Cross-Site Scripting (XSS) could also be tackled efficiently by using some Content Security Policy (CSP) which would work alongside the traditionally used security and defense mechanisms. The purpose of this talk is to share some research findings in these and relevant areas. Also, some information would be shared for the general readers of the topic. We would like to explore how the major portion of these types of attacks could be thwarted or mitigated just by observing some precautions while interacting in the Cyberspace.","PeriodicalId":294761,"journal":{"name":"2018 International Symposium on Programming and Systems (ISPS)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Defending against common cyber attacks: Phishing and cross-site scripting\",\"authors\":\"A. Pathan\",\"doi\":\"10.1109/ISPS.2018.8378960\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Social engineering is a very common method of deceiving people in the Cyberspace. Phishing is one of the most common attacks that the social engineers use to trick the users to reveal their confidential information. While various types of security schemes and Intrusion Detection Systems (IDSs) may be employed to mitigate other types of cyber-attacks, phishing cannot be thwarted only by using those, even if the techniques are sophisticated. This is because, often the human mistakes are involved in the process of leakage of confidential data and information. Hence, awareness of the issue and controlled cyber behavior would be key to defending against phishing type attack. Another cyber-attack, Cross-Site Scripting (XSS) could also be tackled efficiently by using some Content Security Policy (CSP) which would work alongside the traditionally used security and defense mechanisms. The purpose of this talk is to share some research findings in these and relevant areas. Also, some information would be shared for the general readers of the topic. We would like to explore how the major portion of these types of attacks could be thwarted or mitigated just by observing some precautions while interacting in the Cyberspace.\",\"PeriodicalId\":294761,\"journal\":{\"name\":\"2018 International Symposium on Programming and Systems (ISPS)\",\"volume\":\"14 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-04-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 International Symposium on Programming and Systems (ISPS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISPS.2018.8378960\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 International Symposium on Programming and Systems (ISPS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISPS.2018.8378960","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Defending against common cyber attacks: Phishing and cross-site scripting
Social engineering is a very common method of deceiving people in the Cyberspace. Phishing is one of the most common attacks that the social engineers use to trick the users to reveal their confidential information. While various types of security schemes and Intrusion Detection Systems (IDSs) may be employed to mitigate other types of cyber-attacks, phishing cannot be thwarted only by using those, even if the techniques are sophisticated. This is because, often the human mistakes are involved in the process of leakage of confidential data and information. Hence, awareness of the issue and controlled cyber behavior would be key to defending against phishing type attack. Another cyber-attack, Cross-Site Scripting (XSS) could also be tackled efficiently by using some Content Security Policy (CSP) which would work alongside the traditionally used security and defense mechanisms. The purpose of this talk is to share some research findings in these and relevant areas. Also, some information would be shared for the general readers of the topic. We would like to explore how the major portion of these types of attacks could be thwarted or mitigated just by observing some precautions while interacting in the Cyberspace.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
