Sistema de detecção de phishing com base em query DNS

Authors

DOI:

https://doi.org/10.5902/2448190485266

Keywords:

Phishing, Phishing Detection, DNS, cyber security

Abstract

The phenomenon of phishing attacks is an issue that has persisted in society for more than two decades, affecting an increasing number of victims over the years. In light of this enduring challenge, researchers have been dedicated to creating efficient solutions for the detection and mitigation of this type of attack. In this context, the present work proposes the development and demonstration of a phishing detection system designed for ARM systems, offering an easily deployable implementation through Docker technology. Furthermore, the system utilizes the log service of a DNS server as an integral part of its detection strategy. This initiative aims to contribute to cyber protection by providing a robust and practical approach to the identification and prevention of phishing attempts, thereby seeking to reduce this growing problem.

Downloads

Download data is not yet available.

Author Biographies

Antonio S Montagner, Universidade Federal de Santa Catarina

Graduation student at the Federal University of Santa Catarina (UFSC) and fellow at PET Computação - UFSC.

Carla Merkle Westphall, Universidade Federal de Santa Catarina

.

Rômulo Augusto Oliveira Cruz Bittencourt de Almeida, Universidade Federal de Santa Catarina

.

Guilherme Eliseu Rhoden, Rede Nacional de Ensino e Pesquisa

.

References

Aleroud, A. and Zhou, L. (2017). Phishing environments, techniques, and countermeasu- DOI: https://doi.org/10.1016/j.cose.2017.04.006

res: A survey. Computers & Security, 68:160–196.

ARM, L. (2014). Arm architecture reference manual, armv7-a and armv7-r edition. Dis-

pon´ıvel em: https://developer.arm.com/documentation/ddi0406/

latest/. Acessado em Setembro de 2023.

Chiew, K. L., Yong, K. S. C., and Tan, C. L. (2018). A survey of phishing attacks: Their

types, vectors and technical approaches. Expert Systems with Applications, 106:1–20.

da Silva, C. M. R., Feitosa, E. L., and Garcia, V. C. (2020). Heuristic-based strategy for

phishing prediction: A survey of url-based approach. Computers & Security, 88.

de Almeida, R. A. O. C. B. (2022). Heuristic phishing detection based on web crawling

and user behaviour monitoring with a deterministic approach for cybersecurity.

Docker, I. (2023). Docker overview. Dispon´ıvel em: https://docs.docker.com/

get-started/overview/. Acessado em Setembro de 2023.

Internet Systems Consortium, I. (2023). Bind 9 administrator reference ma-

nual. Dispon´ıvel em: https://bind9.readthedocs.io/en/v9.18.14/

chapter1.html. Acessado em Setembro de 2023.

James, L. (2006). Chapter 1 - banking on phishing. In James, L., editor, Phishing Exposed, DOI: https://doi.org/10.1016/B978-159749030-6/50006-4

pages 1–35. Syngress, Burlington.

Montagner, A. S. and Westphall, C. M. (2022). Uma breve an´alise sobre phishing. Revista DOI: https://doi.org/10.5902/2448190471731

ComInG-Communications and Innovations Gazette, 6(1):46–56.

Network Working Group, I. (1987). Domain names - concepts and facilities. Dispon´ıvel

em: https://www.ietf.org/rfc/rfc1034.txt. Acessado em Setembro de

Python Software Foundation, I. (2022). What is python? executive summary. Dis-

pon´ıvel em: https://www.python.org/doc/essays/blurb/. Acessado

em Setembro de 2023.

SolidRun (2017). Cubox-i – the little computer that can. Dispon´ıvel em: https:

//www.solid-run.com/wiki/lib/exe/fetch.php?media=imx6:

cubox-i:brochure_imx6_cubox_2017-09-05.pdf. Acessado em

Setembro de 2023.

Systems, C. (2022). Phishtank. Dispon´ıvel em: https://phishtank.org/. Aces-

sado em Setembro de 2023.

Downloads

Published

2023-12-02

How to Cite

Montagner, A. S., Westphall, C. M., Almeida, R. A. O. C. B. de, & Rhoden, G. E. (2023). Sistema de detecção de phishing com base em query DNS. Revista ComInG - Communications and Innovations Gazette, 7(1), 19–30. https://doi.org/10.5902/2448190485266

Issue

Vol. 7 No. 1 (2023): III CONPET Computação

Section

Artigos PET

License

Copyright (c) 2023 Revista ComInG - Communications and Innovations Gazette

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Os manuscritos aceitos e publicados são de propriedade da revista ComInG.

Os originais deverão ser acompanhados de documentos de transferência de direitos autorais contendo assinatura dos autores.

A carta de direitos autorais deve ser enviada para o e-mail coming@inf.ufsm.br

É vedada a submissão integral ou parcial do manuscrito a qualquer outro periódico. A responsabilidade do conteúdo dos artigos é exclusiva dos autores.

É vedada a tradução para outro idioma sem a autorização escrita do Editor ouvida a Comissão Editorial.


ENGLISH
Manuscripts accepted and published are the property of the journal ComInG.

The originals must be accompanied by documentation of copyright transfer containing the signature of the authors.

You may not submit full or partial manuscript to another journal. The responsibility of the article's content is exclusive of the authors.

You may not translating into another language without the written permission of the Editor after consultation with the Editorial Board.


Most read articles by the same author(s)