NDLI: Enhanced Security for Preventing Man-in-the Middle Attacks in Authentication, Data Entry and Transaction Verification

Please wait, while we are loading the content...

Enhanced Security for Preventing Man-in-the Middle Attacks in Authentication, Data Entry and Transaction Verification

Content Provider	Semantic Scholar
Author	Wells, Jason Hutchinson, Damien Pierce, Justin D.
Copyright Year	2008
Abstract	There is increasing coverage in the literature highlighting threats to online financial systems. Attacks range from the prevalent reverse social engineering technique known as phishing; where spam emails are sent to customers with links to fake websites, to Trojans that monitor a customer's account log on process that captures authentication details that are later replayed for financial gain. This ultimately results in loss of monetary funds for affected victims. As technological advances continue to influence the way society makes payment for goods and services, the requirement for more advanced security approaches for transaction verification in the online environment increases. This paper has three main purposes. The first is to detail the current threats and vulnerabilities to online financial systems and in particular online banking, from the selected literature. The second is to present the known prevention techniques for protecting against these attacks. The third is to present a conceptual model for authentication, data entry and transaction verification. It is suggested that the design adds another layer of security to existing methods to either prevent a MitM attack or to make the procedure of capturing and reassembling customer log on and transaction details more computationally and time intensive than what it is worth to an attacker. The model is based on a graphical authentication application previously developed called Authentigraph.
Starting Page	1
Ending Page	14
Page Count	14
File Format	PDF HTM / HTML
DOI	10.4225/75/57b56646b8774
Alternate Webpage(s)	http://igneous.scis.ecu.edu.au/proceedings/2008/aism/Hutchinson%20Enhanced%20Security.pdf
Alternate Webpage(s)	http://scissec.scis.ecu.edu.au/conference_proceedings/2008/aism/Hutchinson%20Enhanced%20Security.pdf
Alternate Webpage(s)	https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1057&context=ism
Alternate Webpage(s)	https://doi.org/10.4225/75%2F57b56646b8774
Language	English
Access Restriction	Open
Content Type	Text
Resource Type	Article

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in