Domain name Homograph attack

Came across this via Security.nl

http://www.cs.technion.ac.il/~gabr/papers/homograph.html

Excerpt:

This page presents an example of The Homograph Attack described by Evgeniy Gabrilovich and Alex Gontmakher. (See "The Homograph Attack", Communications of the ACM, 45(2):128, February 2002. Click here for the full-length paper in PDF, or here for the HTML archive of the CACM Inside Risks column at SRI).

To prove the feasibility of this kind of attack, we legally registered (at Register.com) a homographic variant of the domain name "Microsoft.com" which incorporates Russian language characters.

Here is the forged name http://www.mi?r?s?ft.com and here is the real thing http://www.microsoft.com.
Can you tell the difference ?

Here is another example and the accompanying IDN advisory.

The most logical application of this would be in fishing attempts I suppose, and of course any web-code attack.

Posted on Thursday, February 10, 2005 6:23 PM | Back to top

Comments on this post: Domain name Homograph attack

# re: Domain name Homograph attack

Robert, I'm not getting any name resolution for www.cs.technion.ac.il. Can you help out? I would love to read this paper.

Left by Dave on Feb 10, 2005 5:45 PM

That would be Phishing..
http://www.webopedia.com/TERM/p/phishing.html
unless youre actual going for Bass ;-)

Left by Reaper on Feb 11, 2005 11:50 AM

its good

Left by yenbads on Jun 02, 2006 10:23 AM