System would help detect homograph attacks shortly after domains are registered.

Image from Verisign patent for homograph detection

Examples of domains that could be used in homograph attacks. Image from Verisign patent.

The U.S. Patent and Trademark Office has granted patent number 10,599,836 (pdf) to Verisign (NASDAQ: VRSN) for “Identification of visual international domain name collisions.”

The patent describes a way to detect a “homograph attack”. A homograph attack is when someone creates a mixed-script domain name that is visually similar to another domain name. Many top level domain names allow registrants to register domain names that include more than one script in an internationalized domain name. For example:

…a malicious entity could register the IDN “xn- -oogle-wmc .com” via a registration service. When a web browser displays this IDN, the punycode element “-wmc” would direct the web browser to place a Latin small capital letter “G” in front of the characters “oogle”—resulting in the domain name Googl e.com. Users accessing Google .com would then be directed to the IDN registered by the malicious user rather than to the expected home page of google.com.

To detect homograph attacks, the patent suggests turning the domain name into an image and then using optical character recognition to look for similarities.

The patent is similar to one that Morgan Stanley recently applied for.

Homographs are a big issue with IDNs. Donuts, which operates over 200 top level domains, includes homograph protection in its Domains Protected Marks List product and plans to expand its homograph protections in the future.

Source link