Abstract
Visual spoofing has become a serious web security problem. The dramatic growth of using Unicode characters on the web has introduced new types of visual attacks. The main source of these attacks is the existence of many similar glyphs (characters) in the Unicode space which can be utilized by attackers to confuse users. Therefore, detecting visually similar characters is a very important issue in web security. In this paper, we explore an approach to defining the visual similarity between Unicode glyphs. The results of the experiments show that the proposed method can effectively detect the “amount” of similarity between a pair of Unicode glyphs.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
The Unicode Consortium.: The Unicode Standard, Version 5.0.0. Addison-Wesley, Boston (2007)
Unicode Security Considerations, http://unicode.org/reports/tr36/
Liu, W., Deng, X., Huang, G., Fu, A.Y.: An Anti-Phishing Strategy Based on Visual Similarity Assessment. J. IEEE Internet Computing. 10, 58–65 (2006)
Fu, A.Y., Liu, W., Deng, X.: Detecting Phishing Web Pages with Visual Similarity Assessment based on Earth Mover’s Distance (EMD). J. IEEE Transactions on Dependable and Secure Computing 3, 301–311 (2006)
Costello, A.: RFC 3492 - Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA), IETF (2003)
Krammer, V.: Phishing defense against IDN address spoofing attacks. In: Proceedings of the 2006 International Conference on Privacy, Security and Trust (PST 2006), New York (2006)
Fu, A.Y., Deng, X., Wenyin, L.: REGAP: A tool sfor Unicode-based web identity fraud detection. J. Digital Forensic Practice 1, 83–97 (2006)
Cilibrasi, R., Vitanyi, P.: Clustering by compression. J. IEEE Transactions on Information Theory 51, 1523–1545 (2005)
Li, M., Vitányi, P.M.B.: An Introduction to Kolmogorov Complexity and its Applications. Springer, New York (1997)
Chen, T.C.: Detecting Visually Similar Web Pages: Application to Phishing Detection. Thesis (PhD). University of Alberta (2010)
Tran, N.: The Normalized compression distance and image distinguishability. In: The 19th IS&T/SPIE Symposium on Electronic Imaging Science and Technology, San Jose, vol. 6492, p. 64921D (2007)
Mortensen, J., Wu, J.J., Furst, J., Rogers, J., Raicu, D.: Effect of Image Linearization on Normalized Compression Distance. SIP (Signal Processing, Image Processing and Pattern Recognition) 61, 106–116 (2009)
The Unicode Standard Version 6.0.0, http://www.unicode.org/versions/Unicode6.0.0/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Roshanbin, N., Miller, J. (2011). Finding Homoglyphs - A Step towards Detecting Unicode-Based Visual Spoofing Attacks. In: Bouguettaya, A., Hauswirth, M., Liu, L. (eds) Web Information System Engineering – WISE 2011. WISE 2011. Lecture Notes in Computer Science, vol 6997. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24434-6_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-24434-6_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24433-9
Online ISBN: 978-3-642-24434-6
eBook Packages: Computer ScienceComputer Science (R0)