{"title":"基于触发器的用户警报访问电子邮件来源的网络钓鱼url的阻止机制","authors":"Yong Jin, M. Tomoishi, N. Yamai","doi":"10.1109/ICEIC57457.2023.10049906","DOIUrl":null,"url":null,"abstract":"Email is one of the important and indispensable Internet services, but in the meanwhile, the spread of emailderived phishing URLs has been one of the critical cyber threats for a long time. The security facilities in organization networks are suffering from monitoring and analyzing all traffic besides emails which consumes much computing resource. In this paper, we propose a trigger-based blocking mechanism for accessing the email-derived phishing URLs with user alert to protect the end users from phishing attacks. The proposed system practically uses the Domain Name System (DNS) and the Response Policy Zone (RPZ) feature to direct the triggered HTTP(S) access for the email-derived phishing URLs to a particular proxy. Then the HTTP(S) communication can be detected and blocked based on the users’ decisions by alerting them. A prototype for the proposed mechanism has been implemented and the preliminary feature evaluations in a local experimental network have been conducted. The evaluation results confirmed that all the HTTP(S) access for the email-derived phishing URLs was successfully directed to the pre-constructed particular HTTP(S) proxy, then an alert page was showed up to the end users, and the access was passed through or blocked based on the end users’ decisions.","PeriodicalId":373752,"journal":{"name":"2023 International Conference on Electronics, Information, and Communication (ICEIC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Trigger-based Blocking Mechanism for Access to Email-derived Phishing URLs with User Alert\",\"authors\":\"Yong Jin, M. Tomoishi, N. Yamai\",\"doi\":\"10.1109/ICEIC57457.2023.10049906\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Email is one of the important and indispensable Internet services, but in the meanwhile, the spread of emailderived phishing URLs has been one of the critical cyber threats for a long time. The security facilities in organization networks are suffering from monitoring and analyzing all traffic besides emails which consumes much computing resource. In this paper, we propose a trigger-based blocking mechanism for accessing the email-derived phishing URLs with user alert to protect the end users from phishing attacks. The proposed system practically uses the Domain Name System (DNS) and the Response Policy Zone (RPZ) feature to direct the triggered HTTP(S) access for the email-derived phishing URLs to a particular proxy. Then the HTTP(S) communication can be detected and blocked based on the users’ decisions by alerting them. A prototype for the proposed mechanism has been implemented and the preliminary feature evaluations in a local experimental network have been conducted. The evaluation results confirmed that all the HTTP(S) access for the email-derived phishing URLs was successfully directed to the pre-constructed particular HTTP(S) proxy, then an alert page was showed up to the end users, and the access was passed through or blocked based on the end users’ decisions.\",\"PeriodicalId\":373752,\"journal\":{\"name\":\"2023 International Conference on Electronics, Information, and Communication (ICEIC)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-02-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 International Conference on Electronics, Information, and Communication (ICEIC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICEIC57457.2023.10049906\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 International Conference on Electronics, Information, and Communication (ICEIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICEIC57457.2023.10049906","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Trigger-based Blocking Mechanism for Access to Email-derived Phishing URLs with User Alert
Email is one of the important and indispensable Internet services, but in the meanwhile, the spread of emailderived phishing URLs has been one of the critical cyber threats for a long time. The security facilities in organization networks are suffering from monitoring and analyzing all traffic besides emails which consumes much computing resource. In this paper, we propose a trigger-based blocking mechanism for accessing the email-derived phishing URLs with user alert to protect the end users from phishing attacks. The proposed system practically uses the Domain Name System (DNS) and the Response Policy Zone (RPZ) feature to direct the triggered HTTP(S) access for the email-derived phishing URLs to a particular proxy. Then the HTTP(S) communication can be detected and blocked based on the users’ decisions by alerting them. A prototype for the proposed mechanism has been implemented and the preliminary feature evaluations in a local experimental network have been conducted. The evaluation results confirmed that all the HTTP(S) access for the email-derived phishing URLs was successfully directed to the pre-constructed particular HTTP(S) proxy, then an alert page was showed up to the end users, and the access was passed through or blocked based on the end users’ decisions.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
