The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Nama domain antarabangsa (IDN) disalahgunakan untuk mencipta nama domain yang secara visual serupa dengan jenama yang sah/popular. Dalam kerja ini, kami mensistemkan nama domain sedemikian, yang kami panggil sebagai IDN yang menipu, dan menganalisis risiko yang berkaitan dengannya. Khususnya, kami mencadangkan sistem baharu yang dipanggil DomainScouter untuk mengesan pelbagai IDN yang mengelirukan dan mengira skor IDN yang mengelirukan, metrik baharu yang menunjukkan bilangan pengguna yang berkemungkinan diperdaya oleh IDN yang mengelirukan. Kami melakukan kajian pengukuran komprehensif ke atas IDN menipu yang dikenal pasti menggunakan lebih 4.4 juta IDN berdaftar di bawah 570 domain peringkat atas (TLD). Hasil pengukuran menunjukkan bahawa terdapat banyak IDN menipu yang belum diterokai sebelum ini yang menyasarkan jenama bukan bahasa Inggeris atau menggabungkan kaedah menncangkung domain lain. Tambahan pula, kami menjalankan tinjauan dalam talian untuk meneliti dan menyerlahkan kelemahan dalam persepsi pengguna apabila menghadapi IDN tersebut. Akhir sekali, kami membincangkan langkah balas praktikal yang boleh diambil oleh pihak berkepentingan terhadap IDN yang menipu.
Daiki CHIBA
NTT Secure Platform Laboratories
Ayako AKIYAMA HASEGAWA
NTT Secure Platform Laboratories
Takashi KOIDE
NTT Secure Platform Laboratories
Yuta SAWABE
Waseda University
Shigeki GOTO
Waseda University
Mitsuaki AKIYAMA
NTT Secure Platform Laboratories
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Salinan
Daiki CHIBA, Ayako AKIYAMA HASEGAWA, Takashi KOIDE, Yuta SAWABE, Shigeki GOTO, Mitsuaki AKIYAMA, "DomainScouter: Analyzing the Risks of Deceptive Internationalized Domain Names" in IEICE TRANSACTIONS on Information,
vol. E103-D, no. 7, pp. 1493-1511, July 2020, doi: 10.1587/transinf.2019ICP0002.
Abstract: Internationalized domain names (IDNs) are abused to create domain names that are visually similar to those of legitimate/popular brands. In this work, we systematize such domain names, which we call deceptive IDNs, and analyze the risks associated with them. In particular, we propose a new system called DomainScouter to detect various deceptive IDNs and calculate a deceptive IDN score, a new metric indicating the number of users that are likely to be misled by a deceptive IDN. We perform a comprehensive measurement study on the identified deceptive IDNs using over 4.4 million registered IDNs under 570 top-level domains (TLDs). The measurement results demonstrate that there are many previously unexplored deceptive IDNs targeting non-English brands or combining other domain squatting methods. Furthermore, we conduct online surveys to examine and highlight vulnerabilities in user perceptions when encountering such IDNs. Finally, we discuss the practical countermeasures that stakeholders can take against deceptive IDNs.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2019ICP0002/_p
Salinan
@ARTICLE{e103-d_7_1493,
author={Daiki CHIBA, Ayako AKIYAMA HASEGAWA, Takashi KOIDE, Yuta SAWABE, Shigeki GOTO, Mitsuaki AKIYAMA, },
journal={IEICE TRANSACTIONS on Information},
title={DomainScouter: Analyzing the Risks of Deceptive Internationalized Domain Names},
year={2020},
volume={E103-D},
number={7},
pages={1493-1511},
abstract={Internationalized domain names (IDNs) are abused to create domain names that are visually similar to those of legitimate/popular brands. In this work, we systematize such domain names, which we call deceptive IDNs, and analyze the risks associated with them. In particular, we propose a new system called DomainScouter to detect various deceptive IDNs and calculate a deceptive IDN score, a new metric indicating the number of users that are likely to be misled by a deceptive IDN. We perform a comprehensive measurement study on the identified deceptive IDNs using over 4.4 million registered IDNs under 570 top-level domains (TLDs). The measurement results demonstrate that there are many previously unexplored deceptive IDNs targeting non-English brands or combining other domain squatting methods. Furthermore, we conduct online surveys to examine and highlight vulnerabilities in user perceptions when encountering such IDNs. Finally, we discuss the practical countermeasures that stakeholders can take against deceptive IDNs.},
keywords={},
doi={10.1587/transinf.2019ICP0002},
ISSN={1745-1361},
month={July},}
Salinan
TY - JOUR
TI - DomainScouter: Analyzing the Risks of Deceptive Internationalized Domain Names
T2 - IEICE TRANSACTIONS on Information
SP - 1493
EP - 1511
AU - Daiki CHIBA
AU - Ayako AKIYAMA HASEGAWA
AU - Takashi KOIDE
AU - Yuta SAWABE
AU - Shigeki GOTO
AU - Mitsuaki AKIYAMA
PY - 2020
DO - 10.1587/transinf.2019ICP0002
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E103-D
IS - 7
JA - IEICE TRANSACTIONS on Information
Y1 - July 2020
AB - Internationalized domain names (IDNs) are abused to create domain names that are visually similar to those of legitimate/popular brands. In this work, we systematize such domain names, which we call deceptive IDNs, and analyze the risks associated with them. In particular, we propose a new system called DomainScouter to detect various deceptive IDNs and calculate a deceptive IDN score, a new metric indicating the number of users that are likely to be misled by a deceptive IDN. We perform a comprehensive measurement study on the identified deceptive IDNs using over 4.4 million registered IDNs under 570 top-level domains (TLDs). The measurement results demonstrate that there are many previously unexplored deceptive IDNs targeting non-English brands or combining other domain squatting methods. Furthermore, we conduct online surveys to examine and highlight vulnerabilities in user perceptions when encountering such IDNs. Finally, we discuss the practical countermeasures that stakeholders can take against deceptive IDNs.
ER -