Study on Protection Against Password Phishing
نویسندگان
چکیده
Phishing attack is new type of network attach and become a major nuisance on the internet. The rapidly progressof phishing attacksthe present secure socket layer is not able to provide and protect users from fraudulent websites. The attacks have been targeted the non-cryptographic security protocols likeTransport layer security and secure socket layerprotocols. These protocols are not sufficient to tackle phishing attacks and need additional mechanisms. In this paper, we discussed phishing attacks and related weaknesses of Secure socket layer (SSL) protocol.Further we discuss and evaluate some proposed solutions against phishing and web spoofing attacks.
منابع مشابه
Intelligent Approach toward Anti-Phishing using Two Factor Authentication
Phishing is an attempt to commit fraud via social engineering. The impact is the breach of information security through the compromise of confidential data. Customers can access their banking accounts from anywhere in the world using their login ID and password. However, the use of password does not provide adequate protection against Internet fraud such as phishing. Phishing exploits this vuln...
متن کاملA Two Factor Based Anti-Phishing Method in Open ID
With the exponential growth in web based applications, a typical user has to create a lot of usernames and passwords in order to use these services, while using these services user have to keep track of her credentials which in turns results in high probability of identity theft. A secure and reliable identity management system is required in this scenario. OpenID is a good solution to interact...
متن کاملSome Recommended Protection Technologies for Cyber Crime Based on Social Engineering Techniques -- Phishing
Phishing (password + fishing) is a form of cyber crime based on social engineering and site spoofing techniques. The name of ‘phishing’ is a conscious misspelling of the word 'fishing' and involves stealing confidential data from a user’s computer and subsequently using the data to steal the user’s money. In this paper, we study, discuss and propose the phishing attack stages and types, technol...
متن کاملSpyware Resistant Web Authentication Using Virtual Machines
Password collection by keyloggers and related malware is increasing at an alarming rate. We investigate client-only defenses and methods that require server-side assistance. Password hashing and password injection, in which passwords are isolated from spyware, provide protection against phishing, commonpassword attacks, and spyware on the client platform. To protect against network sniffing and...
متن کاملA Zero Knowledge Password Proof Mutual Authentication Technique Against Real-Time Phishing Attacks
Phishing attack is a kind of identity theft trying to steal confidential data. Existing approaches against phishing attacks cannot prevent real-time phishing attacks. This paper proposes an Anti-Phishing Authentication (APA) technique to detect and prevent real-time phishing attacks. It uses 2-way authentication and zero-knowledge password proof. Users are recommended to customize their user in...
متن کامل