Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020139603 - SYSTEM AND METHOD AGAINST UNICODE HOMOGRAPH ATTACKS USING OPTICAL CHARACTER RECOGNITION

Note: Text based on automatic Optical Character Recognition processes. Please use the PDF version for legal matters

[ EN ]

CLAIMS

What is claimed is:

1. A method for Optical Character Recognition (“OCR”) based anti-spoofing for Unicode homograph, comprising:

performing operations by a computing device to make an OCR identification on an original electronic address so as to obtain an OCR electronic address;

encoding (a) the original electronic address to obtain an encoded access address and (b) the OCR electronic address to obtain an encoded OCR electronic address;

comparing the encoded access address to the encoded OCR electronic address; and determining if a Unicode homograph spoofing situation exists based on results of the comparing.

2. The method according to claim 1, wherein the original electronic address comprises an address that is allowed to contain at least one Unicode letter.

3. The method according to claim 2, wherein the address comprises a Uniform Resource Locator (“URL”).

4. The method according to claim 2, wherein the address comprises an email address.

5. The method according to claim 1, wherein the OCR identification is made by:

capturing a screenshot including an image of data displayed on a display screen of the computing device; and

processing the image to identify characters defining the original electronic address.

6. The method according to claim 1, wherein the encoding is performed in accordance with an encoding technique that generates a string in pure ASCII form.

7. The method according to claim 6, wherein the encoding technique comprises Unicode encoding.

8. The method according to claim 6, wherein the encoding technique comprises Punycode encoding.

9. The method according to claim 1, wherein a determination is made that a Unicode homograph spoofing situation exist when the encoded access address is not equal to or does not match the encoded OCR electronic address.

10. The method according to claim 1, further comprising providing a warning or notification to the user of the computing device when a determination is made that the Unicode homograph spoofing situation exists.

11. A system, comprising:

a processor;

a non-transitory computer-readable storage medium comprising programming instructions that are configured to cause the processor to implement a method for Optical Character Recognition (“OCR”) based anti-spoofing for Unicode homograph, wherein the programming instructions comprise instructions to:

make an OCR identification on an original electronic address so as to obtain an OCR electronic address;

encode (a) the original electronic address to obtain an encoded access address and (b) the OCR electronic address to obtain an encoded OCR electronic address;

compare the encoded access address to the encoded OCR electronic address; and determine if a Unicode homograph spoofing situation exists based on results of the comparing.

12. The system according to claim 11, wherein the original electronic address comprises an address that is allowed to contain at least one Unicode letter.

13. The system according to claim 12, wherein the address comprises a Uniform Resource Locator (“URL”).

14. The system according to claim 12, wherein the address comprises an email address.

15. The system according to claim 11, wherein the OCR identification is made by:

capturing a screenshot including an image of data displayed on a display screen of the computing device; and

processing the image to identify characters defining the original electronic address.

16. The system according to claim 11, wherein the encoding is performed in accordance with an encoding technique that generates a string in pure ASCII form.

17. The system according to claim 16, wherein the encoding technique comprises Unicode encoding.

18. The system according to claim 16, wherein the encoding technique comprises Punycode encoding.

19. The system according to claim 11, wherein a determination is made that a Unicode homograph spoofing situation exist when the encoded access address is not equal to or does not match the encoded OCR electronic address.

20. The system according to claim 11, wherein the programming instructions further comprise instructions to provide a warning or notification to the user of the computing device when a determination is made that the Unicode homograph spoofing situation exists.