PHISHPIN: AN INTEGRATED, IDENTITY-BASED ANTI-PHISHING APPROACH

被引:0
|
作者
Tout, Hicham [1 ]
机构
[1] Nova SE Univ, Sch Comp & Informat Sci, Ft Lauderdale, FL 33314 USA
来源
SECRYPT 2009: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY | 2009年
关键词
Phishing; Spam; Information security; Identity theft; Social engineering; Encryption; Hash algorithms; One time password; Digital certificates; Online scams; Web; Pharming;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Phishing is a social engineering technique used to fraudulently acquire sensitive information from users by masquerading as a legitimate entity. One of the primary goals of phishing is to illegally carry fraudulent financial transactions on behalf of users. The two primary vulnerabilities exploited by phishers are: Inability of non-technical/unsophisticated users to always identify spoofed emails or Web sites; and the relative ease with which phishers masquerade as legitimate Web sites. This paper presents Phishpin, an approach that leverages the concepts of mutual authentication to require online entities to prove their identities. To this end, Phishpin builds on One-Time-Password, DNS, partial credentials sharing, & client filtering to prevent phishers from masquerading as legitimate online entities.
引用
收藏
页码:369 / 374
页数:6
相关论文
共 50 条
  • [41] Emergent Challenges and IPDS for Anti-Phishing Attack
    Li Bing
    Sun Ruifeng
    Fang Xin
    Luo Xue
    Chang Wei-hao
    2014 INTERNATIONAL CONFERENCE ON IT CONVERGENCE AND SECURITY (ICITCS), 2014,
  • [42] Identifying an OpenID anti-phishing scheme for cyberspace
    Abbas, Haider
    Mahmoodzadeh, Moeen Qaemi
    Khan, Farrukh Aslam
    Pasha, Maruf
    SECURITY AND COMMUNICATION NETWORKS, 2016, 9 (06) : 481 - 491
  • [43] Anti-Phishing Using Hadoop-Framework
    Gavahane, Mayura
    Sequeira, Derick
    Pandey, Abhishek
    Shetty, Anush
    2015 INTERNATIONAL CONFERENCE ON TECHNOLOGY FOR SUSTAINABLE DEVELOPMENT (ICTSD-2015), 2015,
  • [44] PhishTackle—a web services architecture for anti-phishing
    R. Gowtham
    Ilango Krishnamurthi
    Cluster Computing, 2014, 17 : 1051 - 1068
  • [45] Visual Similarity based Anti-Phishing with the Combination of Local and Global Features
    Zhou, Yu
    Zhang, Yongzheng
    Xiao, Jun
    Wang, Yipeng
    Lin, Weiyao
    2014 IEEE 13TH INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM), 2014, : 189 - 196
  • [46] How Effective is Anti-Phishing Training for Children?
    Lastdrager, Elmer
    Gallardo, Ines Carvajal
    Hartel, Pieter
    Junger, Marianne
    PROCEEDINGS OF THIRTEENTH SYMPOSIUM ON USABLE PRIVACY AND SECURITY (SOUPS 2017), 2017, : 229 - 239
  • [47] An Anti-Phishing System Employing Diffused Information
    Chen, Teh-Chung
    Stepan, Torin
    Dick, Scott
    Miller, James
    ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY, 2014, 16 (04)
  • [48] An active anti-phishing solution based on semi-fragile watermark
    Huang, H., 1600, Asian Network for Scientific Information (12):
  • [49] ECC-based anti-phishing protocol for cloud computing services
    Kalra, Sheetal
    Sood, Sandeep
    International Journal of Security and Networks, 2013, 8 (03) : 130 - 138
  • [50] Towards Personalized Game-Based Learning in Anti-Phishing Education
    Roepke, Rene
    Schroeder, Ulrik
    Drury, Vincent
    Meyer, Ulrike
    2020 IEEE 20TH INTERNATIONAL CONFERENCE ON ADVANCED LEARNING TECHNOLOGIES (ICALT 2020), 2020, : 65 - 66
12345