Laurens, Roy, Rezaeighale, Hossein, Zou, Cliff C. and Jusak, Jusak ORCID: https://orcid.org/0000-0001-5646-4865 (2019) Using Disposable Domain Names to Detect Online Card Transaction Fraud. In: 2019 IEEE International Conference on Communications (ICC), 20 – 24 May 2019, Shanghai.
|
Text
2. Peer Review ICC2019.pdf - Accepted Version Download (520kB) | Preview |
|
|
Text
3. Turnitin ICC2019.pdf - Accepted Version Download (2MB) | Preview |
|
|
Text
1. Dokumen ICC2019.pdf - Accepted Version Download (1MB) | Preview |
Search this title on : |
Abstract
Online card transaction fraud is one of the major threats to the bottom line of E-commerce merchants. In this paper, we propose a novel method for online merchants to utilize disposable (“one-time use”) domain names to detect client IP spoofing by collecting client’s DNS information during an Ecommerce transaction, which in turn can help with transaction fraud detection. By inserting a dynamically generated unique hostname on the E-commerce transaction webpage, a client will issue an identifiable DNS query to the customized authoritative DNS server maintained by the online Merchant. In this way, the online Merchant is able to collect DNS configuration of the client and match it with the client’s corresponding transaction in order to verify the consistency of the client’s IP address. Any discrepancy can reveal proxy usage, which fraudsters commonly use to spoof their true origins. We have deployed our preliminary prototype system on a real online merchant and successfully collected clients DNS queries correlated with their web transactions; then we show some real instances of successful fraud detection using this method. We also address some concerns regarding the use of disposable domains.
Export Record
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Additional Information: | Roy Laurens, Hossein Rezaeighaleh, Cliff C. Zou, Jusak |
Uncontrolled Keywords: | Electronic Commerce; fraud detection; Disposable Domain Name; DNS; Authoritative Name Server; Proxy Detection; Security |
Dewey Decimal Classification: | 000 – Computer science, information & general works > 000 Computer science, knowledge & systems > 005 Computer programming, programs & data |
Divisions: | Perpustakaan > Prosiding/Call for Papers |
Depositing User: | Annuh Liwan Nahar |
Date Deposited: | 07 May 2021 14:42 |
Last Modified: | 02 Nov 2021 15:07 |
URI: | http://repository.dinamika.ac.id/id/eprint/5602 |
Download Statistics
Downloads over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
Actions (login required)
View Item |