2 research outputs found
Defeating pharming attacks at the client-side
International audienceWith the deployment of "always-connected" broadband Internet access, personal networks are a privileged target for attackers and DNS-based corruption. Pharming attacks - an enhanced version of phishing attacks - aim to steal users' credentials by redirecting them to a fraudulent login website, using DNS-based techniques that make the attack imperceptible to the end-user. In this paper, we define an advanced approach to alert the end-user in case of pharming attacks at the client-side. With a success rate over 95%, we validate a solution that can help differentiating legitimate from fraudulent login websites, based on a dual-step analysis (IP address check and webpage content comparison) performed using multiple DNS servers informatio
Pharming: análise dogmático-penal, em especial enquanto forma de lesão do património
Dissertação de mestrado em Direito e InformáticaA par dos constantes avanços tecnológico, que destroem barreiras antes
entendidas por inultrapassáveis, surgem novas e sofisticadas possibilidades de
perpetrar crimes através da Internet e por acesso a sistemas informáticos: a
chamada Criminalidade Informática.
De facto, sĂŁo inĂşmeros os ataques que podem ser cometidos por esta via
sem que o homem-médio possa estar a par de todos eles a fim de os conseguir
combater efetivamente.
Um desses ataques, cada vez com maior ocorrência, é o pharming, avanço
em relação ao já mais conhecido phishing e que surgiu como forma a ultrapassar
certos entraves inerentes a este Ăşltimo, trazendo assim uma maior perigosidade
e dificuldade em apurar a correspondente responsabilidade.
Porém, a principal lacuna está ainda em perceber com certeza os limites
jurĂdico-penais de enquadramento, o que pode gerar nos nossos tribunais
injustiças e dificuldades de tratamento, dados os contornos demasiado técnicoinformáticos
que as mais ponderadas conclusões pressupõem.
Por isso, visa este trabalho delimitar com rigor o enquadramento jurĂdicopenal
a que se deve reconduzir tal fenĂłmeno, pela previsibilidade de que a sua
ocorrência seja cada vez mais frequente e também porque os nosso tribunais se
pronunciaram atĂ© entĂŁo apenas numa perspetiva civilĂstica, imperando a
necessidade de uma visĂŁo de natureza penal.Being aware of constant technological advances which destroy barriers
before faced as unbreakable, nowadays we are faced with new and sophisticated
possibilities of perpetrating crimes through the Internet by accessing computer
systems: commonly called as Cybercrime.
In fact, the atacks that can be commited through this way are so many
that common-men can not be aware and defeat all of them effectively.
Pharming is one of those atacks that have occurred more often – in order
to overtake some obstacles well-knowned from phishing – and so it means a
bigger threat that brings further challeges to find out legal responsability.
Although, the main gap is to fully understand the criminal boundaries of
frameworking due to pharming’s profile has such technical and informatical
peculiarities that must be understood to take the most balanced conclusions. We
have it in mind because these doubts could guide our courts to injustices and
treatment difficulties.
As such, the main goal of this work is to define precisely the legal
framework: in first place because it is predictable the frequent occurence of this
phenomenon in our society, and secondly due to the urgency of a correct
criminal vision by our courts that has only pronounced themselves in a civilian
perspective until now