Phoolproof Phishing Prevention Bryan Parno, Cynthia Kuo, Adrian Perrig Carnegie Mellon University.


1 Phoolproof Phishing Prevention Bryan Parno, Cynthia Kuo, Adrian Perrig Carnegie Mellon University

2 A Recent … Images from Anti-Phishing Working Group’s Phishing Archive

3

4 The next page requests: Name Address Telephone Credit Card Number, Expiration Date, Security Code PIN Account Number Personal ID Password

5 Images from Anti-Phishing Working Group’s Phishing Archive

6 But wait… WHOIS : Location: Korea, Republic Of Even bigger problem: I don’t have an account with US Bank! Images from Anti-Phishing Working Group’s Phishing Archive

7

8 Phishing: A Growing Problem Over 16,000 unique phishing attacks reported in Nov. 2005, about double the number from 2004 Estimates suggest phishing affected 1.2 million US citizens and cost businesses billions of dollars in 2004 Additional losses due to consumer fears [Anti-Phishing Working Group, Phishing Activity Trends Report, Dec. 2005]

9 Outline Introduction Phishing Techniques Current Antiphishing Approaches Goals & Design Principles Phoolproof Phishing Prevention Security Analysis Implementation

10 Basic Phishing Attack Victim receives email seemingly from an institution –Often reports a problem with victim’s account – demands immediate action Victim led to a website that mimics that of the institution –Prompted to enter account information, passwords, personal information, etc. Two variations: –Passive: Attacker collects victim’s information for later exploitation –Active: Attacker relays victim’s information to the real institution and plunders the account in real time

11 Current Phishing Techniques Employ visual elements from target site DNS Tricks: –www.ebay.com.kr –www.gooogle.com –Unicode attacks JavaScript Attacks –Spoofed SSL lock Certificates –Phishers can acquire certificates for domains they own –Certificate authorities make mistakes

12 Advanced Phishing Attacks Spear-phishing: Improved target selection Socially aware attacks [Jakobsson 2005] –Mine social relationships from public data –Phishing appears to arrive from someone known to the victim Context-aware attacks [ibid] –“Your bid on eBay has won!” –“The books on your Amazon wishlist are on sale!”

13 User Issues Security is a secondary objective Users choose bad passwords and readily disclose them Users cannot parse URLs, domain names or PKI certificates Users are inundated with warnings and pop-ups

14 Outline Introduction Phishing Techniques Current Antiphishing Approaches –Heuristics –Modified Passwords –Origin Authentication Goals & Design Principles Phoolproof Phishing Prevention Security Analysis Implementation

15 Current Approaches Heuristics –Spoofguard [Chou et al. 2004], TrustBar [HerzGbar 2004], eBay toolbar, SpoofStick –Recent studies indicate users ignore toolbar warnings [Wu et al. 2005]

16 Current Approaches Modified Passwords –Single Sign-On Requires users to trust one institution with all of their passwords Still faces an authentication problem –PwdHash [Ross et al. 2005] Promising approach, but vulnerable to pharming, DNS spoofing, and dictionary attacks –One-time passwords (e.g., scratch cards, RSA SecurID) Vulnerable to active MitM attacks (already seen in the wild) [Diagram labels: username, one-time password; Withdraw $$$$$]

17 Current Approaches Origin Authentication –Dynamic Security Skins [DhamTyga 2004], Passmark, and the Petname project –All rely on user diligence – a single mistake will result in a compromised account

18 Key Insight Security must not depend entirely on fallible users System must be secure by default Design must be robust to user error

19 Outline Introduction Phishing Techniques Current Antiphishing Approaches Goals & Design Principles Phoolproof Phishing Prevention Security Analysis Implementation

20 Phishing Prevention Goals Ideal: User’s data only reaches intended recipient Practical: Prevent a phisher from viewing or modifying a user’s accounts –Reduce the power of attacks to that of pre-Internet scams E.g., an attacker can still subvert a company insider

21 Contributions Plan for human errors by guarding users’ accounts even when they make mistakes Use a mobile device to establish an authenticator the user cannot readily disclose Protect against active Man-in-the-Middle attacks Defend against keyloggers Develop a prototype implementation

22 Design Principles Sidestep the arms race –Incremental solutions provoke adaptations Provide mutual authentication –Phishing exploits two authentication failures: Server to User and User to Server Reduce reliance on users –Users are unsuited to authenticating others or themselves to others –We cannot rely on perfect user behavior Avoid dependence on browser interface –Readily spoofed and distrusted by users

23 Outline Introduction Phishing Techniques Current Antiphishing Approaches Goals & Design Principles Phoolproof Phishing Prevention Security Analysis Implementation

24 Phoolproof Prevention Overview Mobile device creates a public key pair for each site –Transmits public key to the server To access the site, the mobile device uses the private key to authenticate to the server –Assists browser in establishing SSL/TLS session Server refuses access unless client can provide user’s password and the mobile device authenticates properly

25 User Experience Setup –Login to the institution’s website –Select Phoolproof Phishing Setup –Confirm installation on device Use –Select secure bookmark on device –Login to the website

26 Basic Phoolproof Setup [Diagram labels: Establish SSL Connection; User Information; PubK_S; Domain, Site Name; PubK_j]

27 Advanced Phoolproof Setup For additional security, establish a shared secret via a trusted side-channel –Mail a nonce (or barcode) to address on file –Display a barcode at an ATM –Setup in person Trusted financial institutions could provide setup for companies without a storefront The problem of properly identifying new customers predates the Internet Existing research can help secure setup

28 Phoolproof Connection Establishment [Diagram labels: URL; Hello Messages; PubK_S; DH_s, Sig_S(DH_s); h = H(MS || prev msgs); Sig_PrivKj(h); DH_c, Sig_PrivKj(h); PubK_j; STANDARD SSL]

29 Outline Introduction Phishing Techniques Current Antiphishing Approaches Goals & Design Principles Phoolproof Phishing Prevention Security Analysis Implementation

30 Security Analysis Hijacking account setup –Users must authenticate site and vice versa (only once/site) –Users are at their most alert –Advanced setup precludes most attacks Theft (or loss) of the mobile device –Thief still needs the user’s password –Device may require pin or biometric verification –Users can call companies to revoke their keys (like credit cards) Malware on the mobile device –Standard security solutions (e.g., antivirus, firewalls) –Trusted hardware (e.g., TPMs) –Mutual software attestation

31 Security Analysis Malware on the computer –Standard keylogger fails, since it only obtains password –Compromise of the browser or the operating system is still a problem Attacks on the network –Our system is immune to Man-in-the-Middle attacks, pharming attacks, and domain hijacking Local attacks on Bluetooth –Phishing relies on large-scale attacks, not local attacks –Attacker still lacks user’s password, so account is secure –Existing research [McCune et al. 2005] demonstrates how to establish a secure channel
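
Added example (not from the presentation or the authors' prototype): a Go model of the server-side check described on slides 24, 28, 30 and 31, where access needs both the password and Sig_PrivKj(h) over the server's own view of the handshake. It assumes Ed25519 as the signature scheme and uses constructed strings in place of real handshake messages and master secrets; Account, TranscriptHash, ServerAccepts and Scenario are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// Account is the server-side record created at setup: the password plus PubK_j.
type Account struct {
	Password []byte
	PubKj    ed25519.PublicKey
}

// TranscriptHash models h = H(MS || prev msgs) as one side of a session sees it.
func TranscriptHash(ms string, msgs ...string) []byte {
	h := sha256.New()
	h.Write([]byte(ms))
	for _, m := range msgs {
		h.Write([]byte(m))
	}
	return h.Sum(nil)
}

// ServerAccepts requires the password AND Sig_PrivKj(h) over the server's own h.
func ServerAccepts(a Account, pw string, serverH, sig []byte) bool {
	pwOK := subtle.ConstantTimeCompare(a.Password, []byte(pw)) == 1
	return pwOK && ed25519.Verify(a.PubKj, serverH, sig)
}

// Scenario runs four constructed logins and reports which the server accepts.
func Scenario() (honest, relayed, pwOnly, deviceOnly bool) {
	pub, priv, _ := ed25519.GenerateKey(nil) // device's per-site key pair (assumed Ed25519)
	acct := Account{Password: []byte("hunter2"), PubKj: pub}
	h := TranscriptHash("ms-honest", "hello", "DH_s", "DH_c")
	honest = ServerAccepts(acct, "hunter2", h, ed25519.Sign(priv, h))
	// Active MitM: device signs victim<->attacker h; server checks attacker<->server h.
	hVictim := TranscriptHash("ms-victim", "hello", "DH_attacker", "DH_c")
	hServer := TranscriptHash("ms-server", "hello", "DH_s", "DH_attacker")
	relayed = ServerAccepts(acct, "hunter2", hServer, ed25519.Sign(priv, hVictim))
	// Phished password only: the signing key was never registered at setup.
	_, atkPriv, _ := ed25519.GenerateKey(nil)
	pwOnly = ServerAccepts(acct, "hunter2", hServer, ed25519.Sign(atkPriv, hServer))
	deviceOnly = ServerAccepts(acct, "guess", h, ed25519.Sign(priv, h)) // stolen device, wrong password
	return
}

func main() { fmt.Println(Scenario()) }
```

Only the honest login is accepted: the relayed signature covers a different handshake than the one the server saw, and each single factor on its own fails.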

32 Outline Introduction Phishing Techniques Current Antiphishing Approaches Goals & Design Principles Phoolproof Phishing Prevention Security Analysis Implementation

33 Implementation: Minimal infrastructure Mobile device: Nokia Smartphone –Coded in Java for portability to other cellphones, PDAs, etc. Small patch to Firefox –Detects account setup tag –Modifies SSL establishment Server changes are minimal for IIS, Apache and Apache-SSL –Plus two short perl scripts –For Apache 2.0: SSLVerifyClient none becomes SSLVerifyClient optional_no_ca; SSLOptions +ExportCertData

34 Implementation: Performance (20 Trials)

| Operation | Average Time (s) | [Min, Max] (s) |
|---|---|---|
| Key Creation (offline) | 75.0 | [29, 168] |
| Account Creation | 0.4 | [0.3, 0.5] |
| Site Navigation | 0.2 | [0.1, 0.2] |
| SSL/TLS Establishment | 1.7 | [1.6, 1.9] |

35 Conclusions Phishing is a growing problem, and attacks will only become more sophisticated We should avoid relying on perfect user behavior Instead, we use cryptographic techniques to protect even fallible users Our implementation demonstrates the feasibility of phoolproof phishing prevention

36 Thank you!

37 Future Work Expand prototype into a fully robust application Perform a user study to assess ease of use Integrate with our university’s web login Collaborate with other institutions

38 Man-in-the-Middle Attack Immune to this attack for the same reason SSL/TLS is immune: Attacker does not have access to the private key material for the user or the server

39 Preventing a MitM Attack [Diagram labels: URL; Hello Messages; S; DH_s, Sig_S(DH_s); h; Sig_PKi(h); PK_i; DH_c, Sig_PKi(h), PK_i; Attacker cannot produce; Attacker cannot modify]

40 Advanced ATM Setup camera… vision… Phone transfers trust in ATM to trust in online account setup

