Breaking and fixing content-based filtering
暂无分享,去创建一个
We demonstrate a vulnerability in existing content-based message filtering methods, showing how an attacker can use a simple obfuscator to modify any message to a homograph version of the same message, thereby avoiding digest and signature based detection methods. We measure the success of this potential attack against Hotmail, Gmail and Yahoo mail. While the attack is bothersome both in terms of its simplicity and its success, it is also easily countered. We describe some computationally practical countermeasures.
[1] Evgeniy Gabrilovich,et al. The homograph attack , 2002, CACM.
[2] Steven D. Gribble,et al. Cutting through the Confusion: A Measurement Study of Homograph Attacks , 2006, USENIX Annual Technical Conference, General Track.
[3] Yang Woo Ko,et al. Overview and Framework for Internationalized Email , 2012, RFC.
[4] Sid Stamm,et al. Fighting unicode-obfuscated spam , 2007, eCrime '07.