{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,10,8]],"date-time":"2023-10-08T08:43:01Z","timestamp":1696754581783},"reference-count":19,"publisher":"Wiley","issue":"4","license":[{"start":{"date-parts":[[2011,3,24]],"date-time":"2011-03-24T00:00:00Z","timestamp":1300924800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/onlinelibrary.wiley.com\/termsAndConditions#vor"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"crossref","award":["90718034","60773013"],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100004735","name":"Hunan Provincial Natural Science Foundation of China","doi-asserted-by":"crossref","award":["09JJ4031"],"id":[{"id":"10.13039\/501100004735","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security Comm Networks"],"published-print":{"date-parts":[[2011,4]]},"abstract":"The anti\u2010spoofing community has been intensively proposing new methods for defending against new web\u2010spoofing techniques. In this paper, we analyze the problems within current anti\u2010spoofing mechanisms, and propose a new SSL protected trust model. Then, we describe the attacks on SSL protected trusted communication. In this paper, we also propose the new Automatic Detecting Security Indicator scheme (ADSI) to defend against spoofing attacks on SSL protected web servers. In a secure transaction, ADSI will randomly choose a picture and embed it into the current web browser at a random place. This can be triggered by any security relevant event that has occurred on the browser, and then automatic checking will be performed on the current active security status. When a mismatch of embedded pictures is detected, an alarm goes off to alert the users. 
Since an adversary is hard to replace or mimic the randomly embedded picture, the web\u2010spoofing attack cannot be mounted easily. In comparison with existing schemes, (1) the proposed scheme has the weakest security assumption, and places a very low burden on the user by automating the process of detection and recognition of web\u2010spoofing for SSL\u2010enabled trusted communication; (2) it has little intrusiveness on the browser; and (3) it can be implemented in a trusted PC at an Internet Cafe. Copyright \u00a9 2009 John Wiley & Sons, Ltd.","DOI":"10.1002\/sec.159","type":"journal-article","created":{"date-parts":[[2009,12,4]],"date-time":"2009-12-04T12:02:10Z","timestamp":1259928130000},"page":"372-383","source":"Crossref","is-referenced-by-count":0,"title":["SSL\u2010enabled trusted communication: Spoofing and protecting the non\u2010cautious users"],"prefix":"10.1002","volume":"4","author":[{"given":"Fang","family":"Qi","sequence":"first","affiliation":[]},{"given":"Zhe","family":"Tang","sequence":"additional","affiliation":[]},{"given":"Guojun","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Jie","family":"Wu","sequence":"additional","affiliation":[]}],"member":"311","published-online":{"date-parts":[[2011,3,24]]},"reference":[{"key":"e_1_2_10_2_2","unstructured":"FreierAO KaritonP KocherPC.The SSL Protocol: Version 3.0. Internet draft. 
Netscape Communications 1996."},{"key":"e_1_2_10_3_2","unstructured":"FeltenEW BalfanzD DeanD WallachDS.Web spoofing: an internet con game.Proceedings of the 20th National Information Systems Security Conference Baltimore USA 1997."},{"issue":"10","key":"e_1_2_10_4_2","first-page":"77","article-title":"Why spoofing is serious: internet fraud","volume":"49","author":"Tamara D","year":"2006","journal-title":"Communications of the ACM (The Association for Computing Machinery)"},{"key":"e_1_2_10_5_2","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143133"},{"key":"e_1_2_10_6_2","unstructured":"EmighA.Online Identity Theft: Phishing Technology Chokepoints and Countermeasure. ITTC Report on Online Identity Theft Technology and Countermeasures. 3 October2005."},{"key":"e_1_2_10_7_2","unstructured":"ChouN LedesmaR TeraguchiY BonehD MitchellJ.Client\u2010side defense against web\u2010based identity theft. InProceedings of 11th Annual Network and Distributed System Security Symposium. San Diego CA 5\u20136 February2005; pp.119\u2013128."},{"key":"e_1_2_10_8_2","doi-asserted-by":"crossref","unstructured":"JagaticTN JohnsonNA JakobssonM MenczerF.Social phishing.Communications of the ACM 2007","DOI":"10.1145\/1290958.1290968"},{"key":"e_1_2_10_9_2","doi-asserted-by":"crossref","unstructured":"FlorencioD HerleyC.Evaluating a trial deployment of password re\u2010use for phishing prevention.Proceedings of the Anti\u2010Phishing Working Groups 2nd Annual eCrime Researchers Summit. Pittsburgh Pennsylvania ACM 2007.","DOI":"10.1145\/1299015.1299018"},{"key":"e_1_2_10_10_2","doi-asserted-by":"publisher","DOI":"10.1145\/1065545.1065546"},{"key":"e_1_2_10_11_2","unstructured":"HerzbergA GbaraA.TrustBar: Protecting (evenNaive) Web Users from Spoofing and Phishing Attacks. 
Cryptology ePrint Archive: Report 2004\/155 2004."},{"key":"e_1_2_10_12_2","doi-asserted-by":"crossref","unstructured":"AdelsbachA GajekS SchwenkJ.Visual spoofing of SSL protected web sites and effective countermeasures.Proceedings of Information Security Practice and Experience '2005 LNCS 3469 pp.204\u2013216 2005.","DOI":"10.1007\/978-3-540-31979-5_18"},{"key":"e_1_2_10_13_2","doi-asserted-by":"crossref","unstructured":"LiTY WuYD.Trust on web browser: attack vs. defense.Proceedings of the International Conference on Applied Cryptography and Network Security LNCS 2846 2003; pp.241\u2013253.","DOI":"10.1007\/978-3-540-45203-4_19"},{"key":"e_1_2_10_14_2","article-title":"WWW Electronic commerce and java trojan horses","author":"Tygar JD","year":"1996","journal-title":"Proceedings of the Second USENIX Workshop on Electronic Commerce"},{"key":"e_1_2_10_15_2","doi-asserted-by":"crossref","unstructured":"WangY AgrawalR ChoiBY.Light Weight Anti\u2010Phishing with User Whitelisting in a Web Browser. 2008 IEEE Region 5 Conference 2008","DOI":"10.1109\/TPSD.2008.4562720"},{"key":"e_1_2_10_16_2","doi-asserted-by":"crossref","unstructured":"DhamijaR TygarJD.The battle against phishing dynamic security skins.Proceedings of the ACM Symposium on Usable Security and Privacy July2005.","DOI":"10.1145\/1073001.1073009"},{"key":"e_1_2_10_17_2","doi-asserted-by":"crossref","unstructured":"LefrancS NaccacheD.Cut and paste attacks with java.Proceedings of the 5th International Conference on Information Security and Cryptology LNCS 2587 2003: pp.1\u201315.","DOI":"10.1007\/3-540-36552-4_1"},{"key":"e_1_2_10_18_2","unstructured":"BauerA Random Art http:\/\/www.random\u2010art.org\/en\/how.html"},{"key":"e_1_2_10_19_2","unstructured":"Mozilla Chromehttp:\/\/www.mozilla.org\/xpfe\/ ConfigChromeSpec.html"},{"key":"e_1_2_10_20_2","doi-asserted-by":"crossref","unstructured":"FriedmanB HurleyD HoweD FeltenE NissenbaumH.Users' Conceptions of Web Security: A Comparative Study. 
CHI 2002 Extended Abstracts of the Conference on Human Factors in Computing Systems 2002; pp.746\u2013747.","DOI":"10.1145\/506443.506577"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.wiley.com\/onlinelibrary\/tdm\/v1\/articles\/10.1002%2Fsec.159","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.wiley.com\/onlinelibrary\/tdm\/v1\/articles\/10.1002%2Fsec.159","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1002\/sec.159","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,7]],"date-time":"2023-10-07T07:17:59Z","timestamp":1696663079000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1002\/sec.159"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,3,24]]},"references-count":19,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2011,4]]}},"alternative-id":["10.1002\/sec.159"],"URL":"https:\/\/doi.org\/10.1002\/sec.159","archive":["Portico"],"relation":{},"ISSN":["1939-0114","1939-0122"],"issn-type":[{"value":"1939-0114","type":"print"},{"value":"1939-0122","type":"electronic"}],"subject":[],"published":{"date-parts":[[2011,3,24]]}}}