2006 2nd Joint Workshop between Security Research Labs in JAPAN and KOREA. Anti-Phishing Scheme: Preventing Confidential Data from Posted to Spoofed Site.


Anti-Phishing Scheme: Preventing Confidential Data from Posted to Spoofed Site
Researcher: Hunsuk Choi. Presenter: Yuna Kim. High Performance Computing Laboratory, POSTECH, Republic of KOREA.

Contents
- Phishing Attack
- Problem Definition
- Proposed Scheme
- Experiments
- Conclusion & Future Works

Introduction
- Phishing is a form of social engineering that tries to fraudulently acquire confidential information by masquerading as a trustworthy business.
- Phishing attacks are becoming more popular because unsuspecting people divulge personal information to attackers.
- Anti-phishing schemes are therefore required that neither rely on trusting users nor on qualifying them.

Phishing Attack Model
Parties: public trusted site T, user A (on user A's computer), phisher P.
1. Register: user A registers ID = aaa, PASSWORD = bbb at the trusted site T.
2. Target: phisher P chooses T as the target site (target site of phisher P = T).
3. Build: P builds a spoofed site X of T.
4. Send mail: P mails A "Please verify your account"; A believes "This is Trusted Site T", so the user-expected identity = T.
5. Post: A, now a victim of phisher P, posts ID = aaa, PASSWORD = bbb to X.

Related Works
- Fraud prevention: (-) easily evaded by sophisticated phishers.
- Browser-based web-spoofing prevention: (-) a web site is easily spoofed by drawing logos; (-) most users have no knowledge of certificate authorities.
- Authenticator prevention: (-) unable to defend against man-in-the-middle attacks; (-) not scalable.

Problem Definition
- To prevent a user from posting his confidential information to a spoofed website, while the user does not have explicit knowledge about the details of how the Web service functions.
Design Requirements
- Systematic decision
- Infrequent user work
- Infrequent interruption

Basic Idea
Prevent a user from posting confidential data to a spoofed website.
- Predict the user-expected identity of the current site based on the data typed by the user.
- Compare the user-expected identity with the real identity of the current site.
- Determine whether the posted data is confidential data or not.
- Distinguish a spoofed site from a trusted site.

Phase 1: Initialization
- The user registers the domains of trusted sites into the client system as the following record:
Type 1 record:
Phase 2: Training
- When the user posts data to a trusted site, the client system stores the data as the following record:
Type 2 record:
- To prevent type 2 records from growing to a great volume, older and smaller-counter records are deleted.

Phase 3: Prediction
- When the user posts data to a non-trusted site, the client system predicts the user-expected identity.
- The user-expected identity is inferred as one of the trusted sites whose stored field value is the same as the currently posted data.
Phase 4: Collaboration
- If the user-expected identity and the real identity differ, the current site may be a spoofed site or a sister-site of the trusted site. To distinguish them, the client agent queries the server agent whether the current site can be authenticated.

Phase 5: Prevention
- The client system judges the current site to be spoofed if:
  - the current site is not registered as a trusted site, and
  - none of the server agents can authenticate the current site.
  → The user posts the same confidential data as to one of the trusted sites, but the current site is not a sister-site.
- The client system rejects the posting the user tries and registers the site in a black list as a spoofed one.

Applied Scenario
Parties: trusted site T1 (Domain = D1), the server agent of T1, the user and the user's computer (client agent), spoofed site X of T1.
1. Register: the user registers T1 (Domain = D1) as a trusted site.
2. Fill out: ID = aaa, P/W = bbb on T1.
3. Store: the client system stores the posted data as a type 2 record.
4. Post: ID = aaa, P/W = bbb is posted to T1.
5. Connect the spoofed site X; the user believes "This is Trusted Site T1".
6. Fill out: ID = aaa, P/W = bbb on X.
7. Predict: user-expected identity = T1.
8. Query: the client agent asks the server agent of T1 "Is X a sister-site?"
9. Answer: No.
10. Prevent: the posting to X is blocked.
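A prototype client agent that walks through Phases 1 to 5 and the applied scenario above, as an added example that is not part of the original slides. It assumes type 2 records store a hash of each posted value with a counter and timestamp (the slides do not give the record format), and models the Phase 4 server-agent query as a caller-supplied callback `is_sister_site`.

```python
import hashlib
import time


class ClientAgent:
    def __init__(self, max_records=100):
        self.trusted = set()     # Phase 1: type 1 records (trusted domains)
        self.records = {}        # Phase 2: type 2 records, (domain, digest) -> [count, last_seen]
        self.blacklist = set()   # Phase 5: sites judged to be spoofed
        self.max_records = max_records

    @staticmethod
    def _digest(value):
        # Assumption: only a hash of the posted value is kept, never the plaintext
        return hashlib.sha256(value.encode()).hexdigest()

    def register_trusted(self, domain):  # Phase 1: user registers a trusted site
        self.trusted.add(domain)

    def _train(self, domain, form):  # Phase 2: remember data posted to trusted sites
        for value in form.values():
            rec = self.records.setdefault((domain, self._digest(value)), [0, 0.0])
            rec[0] += 1
            rec[1] = time.time()
        while len(self.records) > self.max_records:  # drop smallest-counter, then oldest
            victim = min(self.records, key=lambda k: tuple(self.records[k]))
            del self.records[victim]

    def predict(self, form):  # Phase 3: trusted site whose stored value matches a posted value
        digests = {self._digest(v) for v in form.values()}
        for domain, digest in self.records:
            if digest in digests:
                return domain
        return None

    def post(self, domain, form, is_sister_site):  # Phases 3-5 for one form submission
        if domain in self.blacklist:
            return "rejected"
        if domain in self.trusted:
            self._train(domain, form)
            return "allowed"
        expected = self.predict(form)
        if expected is None:  # nothing the user previously gave a trusted site
            return "allowed"
        if is_sister_site(expected, domain):  # Phase 4: ask the server agent of `expected`
            return "allowed"
        self.blacklist.add(domain)  # Phase 5: judge spoofed, reject and blacklist
        return "rejected"
```

A real deployment would hook `post` into the browser's form-submission path; here it is driven directly with constructed domains and form data.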

Experiment
[Figure: counts of accumulated # of interruptions, # of type 2 records and # of confidential information, plotted against accumulated # of transactions]
- We want to show that type 2 records do not grow to a great volume.
- Real-world data of 2 users for 5 days.
- No phishing attack.
- Interruptions: 2 times.
- The # of type 2 records stayed in a steady state in spite of internet searching → we can apply this scheme to a real web browser.

Conclusion & Future Works
- We proposed a mechanism that defends against phishing attacks by preventing a user from posting data to a probably spoofed website.
- We expect that a proper human-computer interaction which helps a system understand the meaning of a user's activity will provide a useful defense against not only phishing attacks but also other kinds of attacks targeting users.
- As future work, we need to implement the proposed mechanism.

