An Approach To Perceive Tabnabbing Attack

Abstract The growth of Internet has many pros and cons to mankind, which is easily visible in day to day activities. The growth of Internet has also manifested into the other domain of cyber crimes. Phishing, web defacement, money laundering, tax evasion, etc. are some of the examples of cyber crimes that have been reported in literature. It has become vital to make technology reliable, so that it can record and intelligently apprise the user of illegal activity. The objective of this work is twofold. Firstly, in this paper tabnabbing which is a type of phishing attack is explored by developing an attack scenario. Secondly, the signature based detection mechanism is proposed to handle tabnabbing attack.

REFERENCES

[1] Unlu, S.A.; Bicakci, K NoTabNab: Protection against the tabnabbing attack eCrime Researchers Summit (eCrime), 2010.

[2] Anti Phishing Group [ONLINE] Available : http://www.antiphishing.org/reports/apwg_trends_report_h2_2011.pdf

[3] Aza Raskin Tabnabbing: A New Type of Phishing Attack [ ONLINE] Available: http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/

[4]Salvatore Guarnieri and Benjamin Livshits GATEKEEPER: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code

[5] Trenton: Advanced Tabnabbing [ONLINE] Available:http://www.hackyeah.com/2010/06/advanced-tabnabbing-with-iframes/

[6] Jeremiah grossman : CSS History Attacks http://jeremiahgrossman.blogspot.in/2006/08/i-know-where-youve-been.html/

[7] Html tutorial [ ONLINE] Available: http://www.w3schools.com/default.asp

[8] Zhi Jian Zhu, Mohammad Zulkernine A model-based aspect-oriented framework for building intrusion-aware software systems Elsevier Information and Software Technology 51 2009 Pages 865�875

[9] Aviv Raff [ONLINE] Available : http://krebsonsecurity.com/2010/05/devious-new-phishing-tactic-targets-tabs/