Abstract
The Internet has become one of the most important technologies in the world, and hackers use various methods to launch cyber attacks to profit from it. Phishing is one of famous social engineering attacks, it is often used to steal user data, including login credentials and credit card numbers. Although the Transport Layer Security certificate is used to verify the trust of websites, there are still a series of vulnerabilities. The demand for trusted IP addresses has led a lot of research, including IP whitelisting, DNS filtering and so on. However, these technologies still have many shortcomings. In view of this, we proposed a novel mechanism for verifying websites using blockchain technology. The URL and IP address of a permissioned website are recorded in blockchain through a specific smart contract. A DNS query is executed through a smart contract designed to avoid URL redirection attacks. With the help of immutable nature of blockchian, phishing websites can be detected. The mechanism will not add any load to users and provides tamper-proof functions based on the characteristics of blockchain. The comparison of related works shows that the proposed mechanism is more secure. We also provided a reference implementation of the proposed mechanism on Ethereum Quorum simulation platform, which proves the effectiveness and practicability of the mechanism.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
