Client-Side Defense Against Web-Based Identity Theft
نویسندگان
چکیده
Web spoofing is a significant problem involving fraudulent email and web sites that trick unsuspecting users into revealing private information. We discuss some aspects of common attacks and propose a framework for client-side defense: a browser plug-in that examines web pages and warns the user when requests for data may be part of a spoof attack. While the plugin, SpoofGuard, has been tested using actual sites obtained through government agencies concerned about the problem, we expect that web spoofing and other forms of identity theft will be continuing problems in
منابع مشابه
Token Based Security for Prevention of Phishing Attack at Client Side
Phishing is an electronic identity theft in which the attacker uses a combination of social engineering techniques and web spoofing techniques to decept a user into revealing sensitive information. The literature addresses this issue extensively and presents a number of solutions, which are either client based or server based. Generally client based solutions have an upper hand over the server ...
متن کاملA Two Factor Based Anti-Phishing Method in Open ID
With the exponential growth in web based applications, a typical user has to create a lot of usernames and passwords in order to use these services, while using these services user have to keep track of her credentials which in turns results in high probability of identity theft. A secure and reliable identity management system is required in this scenario. OpenID is a good solution to interact...
متن کاملFingerprinting Defenses at the Application Layer
Website Fingerprinting (WF) allows a passive network adversary to learn the websites that a client visits by analyzing traffic patterns that are unique to each website. It has been recently shown that these attacks are particularly effective against .onion sites, anonymous web servers hosted within the Tor network. Given the sensitive nature of the content of these services, the implications of...
متن کاملProtection of Web Applications from Cross-Site Scripting Attacks in Browser Side
Cross Site Scripting (XSS) Flaws are currently the most popular security problems in modern web applications. These Flaws make use of vulnerabilities in the code of web-applications, resulting in serious consequences, such as theft of cookies, passwords and other personal credentials.Cross-Site scripting Flaws occur when accessing information in intermediate trusted sites. Client side solution ...
متن کاملSocial Security: Combating Device Theft With Community-Based Video Notarization
People increasingly rely on mobile devices for storing sensitive information and credentials for access to services. Because these devices are vulnerable to theft, security of this data is put at higher risk — once the attacker is in physical possession of the device, recovering these credentials and impersonating the owner of the phone is usually straightforward and hard to defend by purely lo...
متن کامل