Herzberg et al., 2008 - Google Patents
Security and identification indicators for browsers against spoofing and phishing attacksHerzberg et al., 2008
View PDF- Document ID
- 13755398354010341281
- Author
- Herzberg A
- Jbara A
- Publication year
- Publication venue
- ACM Transactions on Internet Technology (TOIT)
External Links
Snippet
In spite of the use of standard Web security measures (SSL/TLS), users enter sensitive information such as passwords into fake Web sites. Such fake sites cause substantial damages to individuals and corporations. In this work, we identify several vulnerabilities of …
- 238000002474 experimental method 0 abstract description 25
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2119—Authenticating web pages, e.g. with suspicious links
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Herzberg et al. | Security and identification indicators for browsers against spoofing and phishing attacks | |
| Herzberg et al. | Trustbar: Protecting (even naive) web users from spoofing and phishing attacks | |
| Dhamija et al. | The battle against phishing: Dynamic security skins | |
| Karlof et al. | Dynamic pharming attacks and locked same-origin policies for web browsers | |
| Barth et al. | Robust defenses for cross-site request forgery | |
| Jackson et al. | Forcehttps: protecting high-security web sites from network attacks | |
| Bellamy-McIntyre et al. | OpenID and the enterprise: A model-based analysis of single sign-on authentication | |
| Bugliesi et al. | CookiExt: Patching the browser against session hijacking attacks | |
| Sengupta et al. | e-Commerce security—A life cycle approach | |
| Herzberg et al. | Protecting (even) Naive Web Users, or: preventing spoofing and establishing credentials of web sites | |
| Purkait | Examining the effectiveness of phishing filters against DNS based phishing attacks | |
| Falk et al. | Analyzing websites for user-visible security design flaws | |
| Bose et al. | Unveiling the mask of phishing: Threats, preventive measures, and responsibilities | |
| Yue | Preventing the Revealing of Online Passwords to Inappropriate Websites with {LoginInspector} | |
| Jagannath et al. | Browser‐in‐the‐middle attacks: A comprehensive analysis and countermeasures | |
| Herzberg et al. | Security and identification indicators for browsers against spoofing and phishing attacks | |
| Awad et al. | Phishing for legitimacy: The use of ssl certificates to ensnare internet users | |
| Li | A contingency framework to assure the user-centered quality and to support the design of anti-phishing software | |
| Pac | Phishing threats, attack vectors, and mitigation | |
| Jackson | Improving browser security policies | |
| Karlof | Human factors in web authentication | |
| Mihai | Overview on phishing attacks | |
| Utakrit | Security awareness by online banking users in Western Australian of phishing attacks | |
| Hallam-Baker | Prevention strategies for the next wave of cyber crime | |
| Mannan | Authentication and securing personal information in an untrusted internet |