The homograph attack

@article{Gabrilovich2002TheHA,
  title={The homograph attack},
  author={Evgeniy Gabrilovich and Alex Gontmakher},
  journal={Commun. ACM},
  year={2002},
  volume={45},
  pages={128}
}
Computing veterans remember an old habit of crossing zeros (O) in program listings to avoid confusing them with the letter O, in order to make sure the operator would type the program correctly into the computer. This habit, once necessary, has long been rendered obsolete by the increased availability of editing tools. However, the underlying problem of character resemblance is still there. Today it seems we may have to acquire a similar habit, this time to address an issue much more… 
View on ACM
cs.technion.ac.il
117 Citations
Highly Influential Citations
5
Background Citations
64
Methods Citations
7
Results Citations
2

117 Citations

Computer and Intrusion Forensics

From the Publisher: A comprehensive and broad introduction to computer and intrusion forensics, this practical book helps you master the tools, techniques and underlying concepts you need to know,

Bad Characters: Imperceptible NLP Attacks

It is concluded that text-based NLP systems require careful input sanitization, just like conventional applications, and that given such systems are now being deployed rapidly at scale, the urgent attention of architects and operators is required.

Enhanced Classification Method for Homograph Attack Detection

This paper proposes an enhanced classification method for IDN homograph detection by utilizing the Structural Similarity Index (SSIM), and applies a multi-group-of-classifier method to the model, which can further increase the accuracy.

ShamFinder: An Automated Framework for Detecting IDN Homographs

This work developed a framework named "ShamFinder," which is an automated scheme to detect IDN homographs, and develops an automatic construction of a homoglyph database, which can be used for direct countermeasures against the attack and to inform users about the context of an IDNhomograph.

Safeguard against unicode attacks: generation and applications of UC-simlist

A solution based on the renowned Kernel Density Estimation (KDE) method to establish such a Unicode Similarity List (UC-SimList) based on evaluating the similarity of characters in UCS is developed.

A User-Friendly Two-Factor Authentication Method against Real-Time Phishing Attacks

This work proposes a novel 2FA system to counter RTP attacks, and shows that compared to other 2FA systems, PhotoAuth has several advantages, especially no special hardware or software support is needed on the client side except a phone, making it readily deployable.

An Empirical Analysis of SMS Scam Detection Systems

This study presents a new SMS scam dataset consisting of 153,551 SMSes, and evaluates and compares the performance achieved by several established machine learning methods on the new dataset, ranging from shallow machine learning approaches to deep neural networks to syntactic and semantic feature models.

The Biased Artist: Exploiting Cultural Biases via Homoglyphs in Text-Guided Image Generation Models

It is demonstrated that common multimodal models implicitly learned cultural biases that can be triggered and injected into the generated images by simply replacing single characters in the textual description with visually similar non-Latin characters.

ICSA: Intelligent chatbot security assistant using Text-CNN and multi-phase real-time defense against SNS phishing attacks

Information Integrity

Through formal information flow models, the data modification view, and the relationship to data quality, information integrity will be surveyed and illustrated for databases and information trustworthiness.
...