中国科技期刊研究 ›› 2018, Vol. 29 ›› Issue (10): 987-992. doi: 10.11946/cjstp.201805180447

• 质量建设 • 上一篇    下一篇

科技期刊钓鱼网站常用技术手段分析及防范措施

胡国强1),杨彦荣1),马秋明2)()   

  1. 1)西北农林科技大学网络与教育技术中心,陕西省咸阳市杨凌区邰城路3号 712100
    2)《西北农林科技大学学报(自然科学版)》编辑部,陕西省咸阳市杨凌区邰城路3号 712100
  • 收稿日期:2018-05-18 修回日期:2018-08-02 出版日期:2018-10-15 发布日期:2018-10-15
  • 通讯作者: 马秋明 E-mail:maqm87092511@163.com
  • 作者简介:胡国强(ORCID:0000-0002-9638-2466),硕士,高级工程师,E-mail: hgq@nwsuaf.edu.cn;|杨彦荣,硕士,工程师。

Analysis on technological means frequently used by phishing websites of scientific journals and the corresponding preventive measures

HU Guoqiang1),YANG Yanrong1),MA Qiuming2)()   

  1. 1) Network & Education Technology Center, Northwest A&F University, 3 Taicheng Road, Yangling District, Xianyang 712100, China;
    2) Editorial Office of Journal of Northwest A&F University (Natural Science Edition), 3 Taicheng Road, Yangling District, Xianyang 712100, China;;
  • Received:2018-05-18 Revised:2018-08-02 Online:2018-10-15 Published:2018-10-15
  • Contact: MA Qiuming E-mail:maqm87092511@163.com

摘要:

【目的】 分析科技期刊钓鱼网站常用技术手段,并提出防范措施。【方法】 总结科技期刊钓鱼网站屡禁不止的原因,分析钓鱼网站常用的技术手段,从科技期刊、作者、政府相关部门、互联网企业等方面提出防范科技期刊钓鱼网站的具体措施。【结果】 假冒科技期刊官方网站网址和利用漏洞攻击科技期刊官方网站是科技期刊钓鱼网站常用技术手段。为了遏制钓鱼网站的不法行为,科技期刊编辑部需重视网络安全建设,并努力提升官方网站的可见度;作者应提高防范意识;政府相关部门需提高监管水平;互联网企业应加大防范力度。【结论】 只要科技期刊、作者、政府相关部门、互联网企业等多方共同采取切实有效的防范措施,定会让钓鱼网站再无可乘之机。

关键词: 科技期刊, 钓鱼网站, 技术手段, 防范措施

Abstract:

[Purposes] This paper aims to analyze the technological means frequently used by phishing websites of scientific journals, and propose the preventive measures for the phishing websites. [Methods] We summarized the reasons for the repeated emergence of phishing websites of scientific journals, analyzed the frequently-used technical means of phishing websites, and proposed the specific measures to prevent phishing websites from scientific journals, authors, relevant government departments, and internet companies. [Finding] Passing off the official websites of scientific journals and attacking the official websites of scientific journals by use of loophole are two technological means frequently used by phishing websites of scientific journals. Therefore, in order to curb the illegal behaviors of phishing websites, the editorial office of scientific journals should attach great importance to the construction of network security, and strive to improve the visibility of websites. Besides, the authors should raise awareness of prevention, and relevant government departments should uplift the level of supervision. Furthermore, internet companies should increase their prevention efforts as well. [Conclusions] As long as effective preventive measures are taken jointly by scientific journals, authors, relevant government departments, and internet companies, there will be no chance left for phishing websites.

Key words: Scientific journal, Phishing website, Technological means, Preventive measure