  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
41

Token-based Graphical Password Authentication

Gyorffy, John 11 1900
Given that phishing is an ever-increasing problem, a better authentication system than the current alphanumeric system is needed. Because of the large number of current authentication systems that use alphanumeric passwords, a new solution should be compatible with these systems. We propose a system that uses a graphical password deployed from a Trojan- and virus-resistant embedded device as a possible solution. The graphical password would require the user to choose a family photo sized to 441x331 pixels. Using this image, a novel image hash provides an input into a cryptosystem on the embedded device that subsequently returns an encryption key or text password. The graphical password requires the user to click five to eight points on the image. From these click-points, the embedded device stretches the graphical password input to a 32-character, random, unique alphanumeric password or a 256-bit AES key. Each embedded device and image are unique components in the graphical password system. Additionally, one graphical password can generate many 32-character unique, alphanumeric passwords using its embedded device, which eliminates the need for the user to memorize many passwords. / Computer Engineering
42

A social approach to security : using social networks to help detect malicious web content /

Robertson, Michael J. January 2010
Typescript. Includes bibliographical references (leaves 108-111).
43

Challenging policies that do not play fair : a credential relevancy framework using trust negotiation ontologies /

Leithead, Travis S., January 2005
Thesis (M.S.)--Brigham Young University. Dept. of Computer Science, 2005. / Includes bibliographical references (p. 77-83).
44

Phishing attacks targeting hospitals : A study over phishing knowledge at Blekingesjukhuset

Nordgren, Daniella January 2018
Context. Phishing email is a type of computer attack that targets users and tries to trick them into giving out personal information, following shady links or downloading malicious attachments. Phishing is often closely linked to ransomware, which is a type of attack that locks a user's computer and asks for a ransom in order to give access back. Ransomware viruses often contaminate a computer through a phishing email. Hospitals are a growing target for these types of attacks because of their need to be able to access their systems at all times. Objectives. This study intends to research the phishing knowledge among employees at Blekingesjukhuset and whether Blekingesjukhuset is at risk of falling victim to a ransomware attack through a phishing email opened by an employee. Methods. This is researched by reading relevant literature and through a survey sent out to employees at Blekingesjukhuset regarding their phishing knowledge. Results. The results show that the participants of the survey were overall unsure of how to detect phishing emails and thought that knowledge about the subject is necessary. Conclusions. The conclusion was made that the employees did not know what to look for in order to determine whether an email is a phishing email or not. Based on this information, the conclusion can be made that there is a risk of Blekingesjukhuset falling victim to a ransomware attack through a phishing email unintentionally opened by an employee.
45

System för att upptäcka Phishing : Klassificering av mejl / System for detecting phishing : Classification of e-mail

Karlsson, Nicklas January 2008
This report takes a look at the phishing problem, something that many have come across, for example with the fake Nordea or eBay e-mails that have lately shown up in our e-mail inboxes, and a possible way to reduce the effect of phishing. The focus of the report lies on classification of e-mails and the main question is: “Is it, with high accuracy, possible with a classification tool to sort phishing e-mails from other spam e-mails?” It was more difficult than expected to find phishing e-mails to use in the classification. The classifications that were made showed that it was possible to find up to 100 % of the phishing e-mails with both Naive Bayes and Support Vector Machine. The report presents the work done, facts about phishing and the results of the classification tests made.
46

A citizen perspective of phishing in Hong Kong

Karlsson, Jesper January 2016
In the world of today, the Internet is a part of everything we do. Almost all appliances, from the cell phone to in some cases even freezers, are getting options to connect to the Internet. But in this great, new world lurk dangers, as new threats are developed and sent out on the Internet at the same rate with which they are resolved. The people in charge of managing their networks, be it a parent in a household or an employee at a corporation, need knowledge of how to tackle these threats in a productive manner. Where do these people gain their knowledge and what does the public – who are joining the connected world at a rapid rate – think about having to gain this knowledge by themselves? Perhaps only a few need the knowledge of cybersecurity, or perhaps it should be covered as part of the school curriculum? This work strives to find the general opinion on this problem in one of the world’s most technologically advanced cities: Hong Kong. Data on the citizens’ opinion on the subject was collected using a questionnaire handed out to citizens in multiple public places in Hong Kong. This research could greatly benefit governments or corporations who are in the pipeline of starting up courses for cybersecurity education or businesses in need of people with that knowledge. The result was then compiled and analysed, at which point the results showed that the citizens of Hong Kong feel exposed to the threats that phishing poses. However, the majority also believed themselves capable of defending against phishing attempts. The result also showed the citizens claimed to have an understanding of phishing and a general awareness about most of the threats. The majority of the participants also thought that the responsibility to educate the populace about phishing should lie with the school system.
Future work based on this study could, for example, broaden the perspective of the survey and include different types of cybersecurity threats or use the same concept, only changing the focused threat to another.
47

Phishing a ľudský faktor / Phishing and the human factor

Kalinová, Diana January 2013
The main aim of the diploma thesis is to underline the importance of the human factor for the success of phishing attacks and to identify the reasons why Czech and Slovak users are vulnerable to phishing. The thesis focuses on the user as the weakest part of the system, which phishers exploit. The social and technical tricks that deceive users are covered in the second chapter. The third chapter focuses on social engineering and sociological methods of attack. The fourth chapter is devoted to the delivery of phishing and the fifth chapter explores the various types of phishing attacks. The sixth chapter presents the reasons for the operation of phishing, the aspects of credibility and authenticity of e-mails and web sites that users follow, and the implications of using context in phishing. The victims of phishing have specific reactions, which are mentioned in the seventh chapter. The eighth chapter explores the various measures against phishing, not just technology. These eight chapters present a theoretical basis for the following chapters of the diploma thesis. In the ninth chapter, an analysis of the global situation of phishing is performed. Through this analysis, current and historical trends in phishing are identified. Finally, the chapter shows the implications for the user. The tenth chapter is devoted to the phishing attacks in the Czech and Slovak Republic which are interesting in terms of the importance of the human factor. We determine whether users are able to defend against attacks with only their carefulness, mindfulness and awareness of phishing. In the last chapter, empirical research is carried out through a questionnaire survey. The research verifies the awareness of Czech and Slovak users about phishing, their personal experiences with phishing, their security habits and the aspects of credibility and authenticity that they consider in e-mails and websites. Conclusions and recommendations are drawn based on all findings.
48

New Approaches for Ensuring User Online Privacy

Bian, Kaigui 03 January 2008
With the increase in requests for personal information online, unauthorized disclosure of user privacy is a significant problem faced by today's Internet. As a typical form of identity theft, phishing usually employs fraudulent emails and spoofed web sites to trick unsuspecting users into divulging their private information. Even legitimate web sites may collect private information from unsophisticated users such as children for commercial purposes without their parents' consent. The Children's Online Privacy Protection Act (COPPA) of 1998 was enacted in reaction to the widespread collection of information from children and subsequent abuses identified by the Federal Trade Commission (FTC). COPPA is aimed at protecting children's privacy by requiring parental consent before collecting information from children under thirteen. In this thesis, we propose two solutions for ensuring user online privacy. By analyzing common characteristics of phishing pages, we propose a client-side tool, Trident, which works as a browser plug-in for filtering phishes. The experimental results show that Trident can identify 98-99% of online and valid phishing pages, as well as automatically validate legitimate pages. To protect children's privacy, we introduce the POCKET (parental online consent on kids' electronic privacy) framework, which is a technically feasible and legally sound solution to enforce COPPA. Parents answer a questionnaire on their privacy requirements and the POCKET user agent generates a privacy preferences file. Meanwhile, the merchants are required to possess a privacy policy that is authenticated by a trusted third party. Only web sites that possess and adhere to their privacy policies are allowed to collect a child's information; web sites whose policies do not match the client's preferences are blocked. The POCKET framework incorporates a transaction protocol to secure the data exchange between an authenticated client and a POCKET-compliant merchant. / Master of Science
49

Detecção de Phishing no Twitter Baseada em Algoritmos de Aprendizagem Online / Phishing Detection on Twitter Based on Online Learning Algorithms

Barbosa, Haline Pereira de Oliveira, 5592991791259 03 April 2018
Twitter is one of the most used social networks in the world, with about 328 million users sharing images, videos, texts and links. Due to the restrictions on message size, it is common for tweets to share shortened links to websites, making it impossible to visually identify the URL before knowing what will be displayed. Faced with this scenario, Twitter becomes a means of spreading phishing attacks through malicious links. Phishing is an attack that seeks to obtain personal information such as name, CPF, passwords, bank account numbers and credit card numbers. Twitter phishing attack detection systems are usually built using off-line supervised machine learning, where a large amount of data is examined once to induce a single static prediction model. In these systems, the incorporation of new data requires the reconstruction of the prediction model from the processing of the entire database, making this process slow and inefficient. In this work we propose a framework to detect phishing on Twitter. The framework uses supervised online learning, that is, the classifier is updated with each processed tweet and, if it makes a wrong prediction, the model is updated, adapting quickly to the changes with low computational cost and time while maintaining its efficiency in the task of classification. For this study we evaluated the performance of the online learning algorithms Adaptive Random Forest, Hoeffding Tree, Naive Bayes, Perceptron and Stochastic Gradient Descent. The online Adaptive Random Forest classifier presented 99.8% prequential accuracy in the classification of phishing tweets.
50

The Impact of Information Security Awareness on Compliance with Information Security Policies: a Phishing Perspective

Hanus, Bartlomiej T. 08 1900
This research seeks to derive and examine a multidimensional definition of information security awareness, investigate its antecedents, and analyze its effects on compliance with organizational information security policies. The above research goals are tested through the theoretical lens of technology threat avoidance theory and protection motivation theory. Information security awareness is defined as a second-order construct composed of the elements of threat and coping appraisals supplemented by the responsibilities construct to account for organizational environment. The study is executed in two stages. First, the participants (employees of a municipality) are exposed to a series of phishing and spear-phishing messages to assess if there are any common characteristics shared by the phishing victims. The differences between the phished and the not phished group are assessed through multiple discriminant analysis. Second, the same individuals are asked to participate in a survey designed to examine their security awareness. The research model is tested using PLS-SEM approach. The results indicate that security awareness is in fact a second-order formative construct composed of six components. There are significant differences in security awareness levels between the victims of the phishing experiment and the employees who maintain compliance with security policies. The study extends the theory by proposing and validating a universal definition of security awareness. It provides practitioners with an instrument to examine awareness in a plethora of settings and design customized security training activities.
