, 38 3.3.4 Phase d'identification des heuristiques déterminants, p.39
, 45 3.4.2.1 Catégorie Code source, p.49
, 56 3.6.1 Heuristiques prédominants pour, p.57
, 71 4.1.3.1 DNSSEC : une solution côté réseau FAI/serveur web, p.75
, Implémentation : points spécifiques, p.124
, FAI Orange diffuse un email de sensibilisation aux attaques de phishing, à ses clients 27
, Exemple de recherche de sous-chaîne, établi avec l'implémentation, p.80
, Estimation des seuils de détection des modifications apportées au code source, d'après l'exemple, p.142
, Efficient string matching: an aid to bibliographic search, Communications of the ACM, vol.18, issue.6, pp.333-340, 1975.
DOI : 10.1145/360825.360855
, Exploiting web search engines to search structured databases, Proceedings of the 18th international conference on World wide web, WWW '09, pp.501-510, 2009.
DOI : 10.1145/1526709.1526777
, http://www.afnic.fr/noncvs/formations/dnssec_court/ dnssec-afnic-v1.7.2.2.pdf. [AFN09] AFNIC: DNS : types d'attaques et techniques de sécurisation, juin, 2009.
, Predicting Phishing Websites Using Classification Mining Techniques with Experimental Case Studies, 2010 Seventh International Conference on Information Technology: New Generations, pp.176-181, 2010.
DOI : 10.1109/ITNG.2010.117
, Alexa Top 500 Global Sites
, Comparing DNS resolvers in the wild, Proceedings of the 10th annual conference on Internet measurement, IMC '10, 2010.
DOI : 10.1145/1879141.1879144
, Bypassing Security Toolbars and Phishing Filters via DNS Poisoning, IEEE GLOBECOM 2008, 2008 IEEE Global Telecommunications Conference, pp.1-6, 2008.
DOI : 10.1109/GLOCOM.2008.ECP.386
, Tagged and Cleaned Wikipedia (TC Wikipedia) and its Ngram/wikipedia-data/. [atUoCfI10] ICANN, NORC at the University of Chicago for: Draft Report for the Study of the Accuracy of WHOIS Registrant Contact Information. Rapport technique 6558, 2010.
, Protecting Browsers from Extension Vulnerabilities, Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS)
, A survey of longest common subsequence algorithms, Proceedings Seventh International Symposium on String Processing and Information Retrieval. SPIRE 2000, 2000.
DOI : 10.1109/SPIRE.2000.878178
, A survey on tree edit distance and related problems, Theoretical Computer Science, vol.337, issue.1-3, pp.217-239, 2005.
DOI : 10.1016/j.tcs.2004.12.030
, Exposure, Proceedings of the 18th Annual Network & Distributed System Security Symposium (NDSS)
DOI : 10.1145/2584679
, A fast string searching algorithm, Communications of the ACM, vol.20, issue.10, pp.762-772, 1977.
DOI : 10.1145/359842.359859
, A Security Evaluation of DNSSEC with NSEC3, Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS)
, http://www. khiops.com/. [Bou08] Boullé, Marc: Khiops : outil de préparation et modélisation des données pour la fouille des grandes bases de données, 8ème journées francophones Extraction et Gestion des Connaissances (EGC), pp.229-230, 2008.
, A DNS Based Anti-phishing Approach, 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing, pp.262-265, 2010.
DOI : 10.1109/NSWCTC.2010.196
, Detecting visually similar Web pages, ACM Transactions on Internet Technology, vol.10, issue.2, pp.1-5, 2010.
DOI : 10.1145/1754393.1754394
, Online Detection and Prevention of Phishing Attacks, 2006 First International Conference on Communications and Networking in China, 2006.
DOI : 10.1109/CHINACOM.2006.344718
, Anti-phishing based on automated individual white-list, Proceedings of the 4th ACM workshop on Digital identity management, DIM '08
DOI : 10.1145/1456424.1456434
, ESMAJ -Exact String Matching Algorithms http://www-igm.univ-mlv.fr/~lecroq/string/index.html Mitchell: Client-side defense against web-based identity theft, Dans Proceedings of the 4th ACM workshop on Digital Identity Management (DIM) Proceedings of 11th Annual Network and Distributed System Security Symposium (NDSS)pdf. [CT94] Cavnar, William B. et John M. Trenkle: N-Gram-Based Text Categorization. Dans Proceedings of SDAIR, pp.51-60, 1994.
, A technique for computer detection and correction of spelling errors, Communications of the ACM, vol.7, issue.3, pp.171-176, 1964.
, Analyzing Information Flow in JavaScript-Based Browser Extensions, 2009 Annual Computer Security Applications Conference, pp.382-391, 2009.
DOI : 10.1109/ACSAC.2009.43
, Learning Fast Classifiers for Image Spam, Proceedings of the Conference on Email and Anti-Spam (CEAS), Moutain View (California), 2007.
, Corrupted DNS Resolution Paths : The Rise of a Malicious Resolution Authority tome Session 1 :Large Scale Systems http:// www.citi.umich Analysis of tree edit distance algorithms, Proceedings of the 16th Annual Network & Distributed System Security Symposium (NDSS)ndss08_dns.pdf. [DT03] Dulucq, Serge et Hélène Touzet Proceedings of the 14th annual symposium of combinatorial pattern matching (CPM), pp.83-95, 2003.
, The battle against phishing, Proceedings of the 2005 symposium on Usable privacy and security , SOUPS '05, pp.77-88, 2005.
DOI : 10.1145/1073001.1073009
, You've been warned, Proceeding of the twenty-sixth annual CHI conference on Human factors in computing systems , CHI '08, pp.1065-1074, 2008.
DOI : 10.1145/1357054.1357219
, Online Identity Theft : Phishing Technology, Chokepoints and Countermeasures , octobre, 2005.
, Anti-Phishing : Page Encoding -Whitepaper, HTTPSLock : Enforcing HTTPS in Unmodified Browsers with Cached Javascript. Dans Proceedings of the 4th International Conference on Network and System Security (NSS), pp.269-274, 2005.
, The methodology and an application to fight against Unicode attacks, Proceedings of the second symposium on Usable privacy and security , SOUPS '06, pp.91-101, 2006.
DOI : 10.1145/1143120.1143132
, Users' conceptions of web security, CHI '02 extended abstracts on Human factors in computing systems , CHI '02, pp.746-747, 2002.
DOI : 10.1145/506443.506577
, Implementation of Web Crawler, 2009 Second International Conference on Emerging Trends in Engineering & Technology, pp.838-843, 2009.
DOI : 10.1109/ICETET.2009.124
, XML stream processing using tree-edit distance embeddings, ACM Transactions on Database Systems, vol.30, issue.1, pp.279-332, 2005.
DOI : 10.1145/1061318.1061326
, Google Whitelist. http://sb.google.com/safebrowsing/update? version=goog-white-domain:1:1
, Top 1000 sites -DoubleClick Ad Planner, 1000.
, Rubin: A Framework for Detection and Measurement of Phishing Attacks, pp.1-8, 2007.
, Better Bayesian Filtering, Proceedings of 2003 MIT Spam Conference, 2003.
, Extensions de sécurité DNS (DNSSEC) Editions Techniques de l'Ingénieur, pp.1-14, 2006.
, Error Detecting and Error Correcting Codes. The Bell System Technical Journal, pp.147-161, 1950.
, A linear space algorithm for computing maximal common subsequences, Communications of the ACM, vol.18, issue.6, pp.341-343, 1975.
DOI : 10.1145/360825.360861
, Visual similarity-based phishing detection without victim site information, 2009 IEEE Symposium on Computational Intelligence in Cyber Security, pp.30-36, 2009.
DOI : 10.1109/CICYBS.2009.4925087
, Protecting browsers from DNS rebinding attacks, 2009.
DOI : 10.1145/1315245.1315298
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.154.8059
, Alignment of trees ? An alternative to tree edit, Combinatorial Pattern Matching, tome 807 de Lecture Notes in Computer Science, pp.75-86, 1994.
, School of phish, Proceedings of the 5th Symposium on Usable Privacy and Security, SOUPS '09, pp.1011-1012, 2009.
DOI : 10.1145/1572532.1572536
, Protecting Users against Phishing Attacks, The Computer Journal, vol.49, issue.5, 2005.
DOI : 10.1093/comjnl/bxh169
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.60.1209
, Peter: Levenshtein Demo
, Computing the Edit-Distance Between Unrooted Ordered Trees, Proceedings of the 6th Annual European Symposium on Algorithms (ESA), pp.91-102, 1998.
DOI : 10.1007/3-540-68530-8_8
, Fast Pattern Matching in Strings, SIAM Journal on Computing, vol.6, issue.2, pp.323-350, 1977.
DOI : 10.1137/0206024
, Web Information Extraction by HTML Tree Edit Distance Matching, 2007 International Conference on Convergence Information Technology (ICCIT 2007), pp.2455-2460, 2007.
DOI : 10.1109/ICCIT.2007.19
, Rabin: Efficient randomized pattern-matching algorithms, IBM Journal of Research and Development, pp.249-260, 1987.
DOI : 10.1147/rd.312.0249
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.86.9502
, Dynamic pharming attacks and locked same-origin policies for web browsers, Proceedings of the 14th ACM conference on Computer and communications security , CCS '07, pp.58-71, 2007.
DOI : 10.1145/1315245.1315254
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.158.9247
, New Tools for Web-Scale N-grams lrec-conf.org/proceedings/lrec2010/pdf/233_Paper.pdf. [lev] Levoyageur -Banks in the world Binary codes capable of correcting deletions, insertions, and reversals . Soviet Physics Doklady: The Needleman-Wunsch algorithm for sequence alignment, Proceedings of the 7th International Conference on Language Resources and Evaluation (LREC), Malta Librairie Java DNSJavaLik05] Likic, pp.707-710, 1966.
, Computing structural similarity of source XML schemas against domain XML schema, Proceedings of the 19th Conference on Australasian Database (ADC), tome 75, pp.155-164, 2007.
, ISBN 978-3-540-73613-4. [MAA11] MAAWG: Email Metrics Program : The Network Operators' Perspective -Report #14 - Third and Fourth Quarter 2010, mars 2011 Behind Phishing : An Examination of Phisher Modi OperandiMic] Microsoft: Phishing Filter and Resulting Internet Communication in Windows Vista, On the Effectiveness of Techniques to Detect Phishing Sites. Dans Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment, tome Lecture NotesMAAWG_2010_Q3Q4_Metrics_Report_14.pdf. [Mai03] Maigron, Patrick: Sécurité des e-mails : PGP et S/MIME, octobre 2003. [MG08] Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent ThreatsEntry.aspx? Name=Program%3aWin32%2fWareOut. [Mic09] Microsoft: Microsoft Security Bulletin MS08-037 ? Important : Vulnerabilities in DNS Could Allow Spoofing (953230)?DisplayLang=en& id=15204. [MKK08] Medvet, Eric, Engin Kirda et Christopher Kruegel: Visual-Similarity-Based Phishing Detection . Dans Proceedings of the 4th international conference on Security and privacy in communication networksphishing-technical. pdf. [Moz] Mozilla: Phishing Protection : Design Documentation -MozillaWiki. https://wiki. mozilla.org/Phishing_Protection:_Design_Documentation. [MS05] Mikhaiel, Rimon et Eleni Stroulia: Accurate and Efficient HTML Differencing. Dans Proceedings of the 13th IEEE International Workshop on Software Technology and Engineering Practice (STEP), pp.20-39, 2005.
, Beyond blacklists, Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining, KDD '09, pp.1245-1254, 1986.
DOI : 10.1145/1557019.1557153
, A General Method Applicable to the Search for Similarities in the Amino Acid Sequence of Two Proteins, Molecular Biology Journal, pp.443-553, 1970.
, The Pharming Guide, juillet, 2005.
, DNS Cache Poisoning : Definition and Prevention, mars, 2006.
, Anomaly Based Web Phishing Page Detection, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06), pp.381-392, 2006.
DOI : 10.1109/ACSAC.2006.13
, org affiliate: Default Password List
, PhishNet: Predictive Blacklisting to Detect Phishing Attacks, 2010 Proceedings IEEE INFOCOM, pp.1-5, 2010.
DOI : 10.1109/INFCOM.2010.5462216
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.156.970
, Stronger password authentication using browser extensions, Proceedings of the 14th Conference on USENIX Security Symposium USA, juillet 2005. USENIX Association
, A layoutsimilarity-based approach for detecting phishing pages, pp.454-463, 2007.
, Client Side protection from Phishing attack, International Journal of Advanced Engineering Sciences and Technologies (IJAEST), pp.39-45, 2011.
, One Sinowal Trojan + One Gang = Hundreds of Thousands of Compromised Accounts, octobre http://blogs.rsa.com/rsafarl/ one-sinowal-trojan-one-gang-hundreds-of-thousands-of-compromised-accounts, 2008.
, Developer: Domain Typo Generator -SEO Tools -Search Engine Optimization, Google Optimization
, ViPER, Proceedings of the 14th ACM international conference on Information and knowledge management , CIKM '05, pp.381-388, 2005.
DOI : 10.1145/1099554.1099672
, A -Basic Algorithms of Bioinformatics Applet
, Drive-By Pharming, Proceedings of the 9th international conference on Information and communications security, tome Network Security, pp.495-506, 2007.
DOI : 10.1007/978-3-540-77048-0_38
, Identification of common molecular subsequences, Journal of Molecular Biology, vol.147, issue.1, pp.195-197, 1981.
DOI : 10.1016/0022-2836(81)90087-5
, An Empirical Analysis of Phishing Blacklists, 2009.
, Coding Theory -Part2 : Hamming Distance, 2010.
, Hélène: A linear-time algorithm for comparing similar ordered trees, juillet, 2005.
, Perspectives : Improving SSH-style Host Authentication with Multi-Path Probing, Proceedings of the 2008 USENIX Annual Conference USA, juillet 2008. [web] Web Browser Market Share
, The String-to-String Correction Problem, Journal of the ACM, vol.21, issue.1, pp.168-173, 1974.
DOI : 10.1145/321796.321811
, Detection of phishing webpages based on visual similarity, Special interest tracks and posters of the 14th international conference on World Wide Web , WWW '05, pp.1060-1061, 2005.
DOI : 10.1145/1062745.1062868
, Overview of Record Linkage and Current Research Directions Rapport technique 2006-2, Statistical Research Division, U.S. Census Bureau, 2006.
, Do security toolbars actually prevent phishing attacks?, Proceedings of the SIGCHI conference on Human Factors in computing systems , CHI '06, pp.601-610, 2006.
DOI : 10.1145/1124772.1124863
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.136.7624
, Web wallet, Proceedings of the second symposium on Usable privacy and security , SOUPS '06, pp.102-113, 2006.
DOI : 10.1145/1143120.1143133
, An O(NP) sequence comparison algorithm, Information Processing Letters, vol.35, issue.6, pp.317-323, 1990.
DOI : 10.1016/0020-0190(90)90035-V
, Hsu: An overview of Microsoft web N-gram corpus and applications, Proceedings of the 11th Annual Conference of the North American Chapter of the Association for Computational Linguistics (NAACL HLT), Demonstration Session, pp.45-48, 2010.
, Passpet, Proceedings of the second symposium on Usable privacy and security , SOUPS '06, pp.32-43, 2006.
DOI : 10.1145/1143120.1143126
, Anti-Phishing in Offense and Defense, 2008 Annual Computer Security Applications Conference (ACSAC), pp.345-354, 2008.
DOI : 10.1109/ACSAC.2008.32
, Phinding Phish : Evaluating Anti-Phishing Tools, Proceedings of the 14th Annual Network & Distributed System Security Symposium, 2007.
, Cantina, Proceedings of the 16th international conference on World Wide Web , WWW '07, pp.639-648, 2007.
DOI : 10.1145/1242572.1242659
, Simple Fast Algorithms for the Editing Distance between Trees and Related Problems, SIAM Journal on Computing, vol.18, issue.6, pp.1245-1262, 1989.
DOI : 10.1137/0218082
, Decisive Heuristics to Differentiate Legitimate from Phishing Sites, 2011 Conference on Network and Information Systems Security, pp.1-9, 2011.
DOI : 10.1109/SAR-SSI.2011.5931389
URL : https://hal.archives-ouvertes.fr/hal-01304087
, A dual approach to detect pharming sites at the client-side, Proceedings of the 4th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp.1-5, 2011.
, Defeating pharming attacks at the client-side, 2011 5th International Conference on Network and System Security, pp.33-40, 2011.
DOI : 10.1109/ICNSS.2011.6059957
URL : https://hal.archives-ouvertes.fr/hal-01303641