Modeling and Preventing Phishing Attacks
نویسنده
چکیده
We introduce tools to model and describe phishing attacks, allowing a visualization and quantification of the threat on a given complex system of web services. We use our new model to describe some new phishing attacks, some of which belong to a new class of abuse introduced herein: the context aware phishing attacks. We describe ways of using the model we introduce to quantify the risks of an attack by means of economic analysis, and methods for defending against the attacks described.
منابع مشابه
Three-factor Authentication for Preventing Phishing Attacks in Banking
Today, everything has been digitized and Banking is one of the sectors which faces online threats and Phishing is one of the threat. Phishing is an online uniqueness fraud, which intends to seize classified data mainly alias name, keys and online trading aspects from its sufferers. Primarily, an intruder cheats people to disclose sensible data by emailing a fraudulent broadcast to huge number o...
متن کاملThe Role of Authentication Tokens in Preventing Man-in-the-Middle Attacks
Security threats and potential breaches can stem from a wide variety of vulnerabilities, ranging from simple password theft or spyware to Trojan horses, keyword sniffers and more. But the tactic that combines high levels of deception, great potential risk of loss and broad distribution is a new form of “man-in-themiddle” attack—real-time phishing. Man-in-the-middle attacks are not new—they’ve b...
متن کاملDetecting Fake Websites Using Swarm Intelligence Mechanism in Human Learning
The internet and its various services have made users to easily communicate with each other. Internet benefits including online business and e-commerce. E-commerce has boosted online sales and online auction types. Despite their many uses and benefits, the internet and their services have various challenges, such as information theft, which challenges the use of these services. Information thef...
متن کاملPhishing: How an Organization can Protect Itself
The objective of this paper is to report on research to construct a model, which should provide guidance to an organization on how to address all dimensions associated with phishing and assist in solving the problem holistically. The emphasis will be placed on the human and organizational dimensions. Most research in this area has shown that only certain dimensions used to combat phishing attac...
متن کاملPreventing Phishing Attacks Using Trusted Computing Technology
Most secure web sites use the SSL/TLS protocol for server authentication. SSL/TLS supports mutual authentication, i.e. both server and client authentication. However, this optional feature of SSL/TLS is not used by most web sites because not every client has a certified public key. Instead user authentication is typically achieved by sending a password to the server after the establishment of a...
متن کامل