Article: An intelligent anti-phishing solution: password-transaction secure window Journal: International Journal of Internet Technology and Secured Transactions (IJITST) 2011 Vol.3 No.3 pp.279 - 292 Abstract: Current phishing attacks cause serious problems to both organisations and users. Phishing attackers try to steal the confidential information of the users such as their username, password etc. Phishing is done either by e-mails or instant messaging or by a spoofed website which is an exact replica of original one. It is very difficult to distinguish fake websites and legitimate websites. Homograph attacks help in phishing and make it more difficult for users to identify them. Some malware like key-loggers also help to steal the crucial information. A different type of malware called transaction generator (TG) is also used by attackers. Instead of passing the confidential information to attackers, a TG waits until users login into their accounts and then does the transaction illegally in the background. In this paper, we present several anti-phishing methods with their pros and cons. In addition, we propose an intelligent anti-phishing solution named Password-Transaction Secure Window (PTSW) in order to secure users and their personal information. The PTSW is a cheap and efficient solution against password and transaction attacks. Inderscience Publishers - linking academia, business and industry through research

Title: An intelligent anti-phishing solution: password-transaction secure window

Authors: Dharmendra Choukse, Umesh Kumar Singh, Dimitris Kanellopoulos

Addresses: Institute of Engineering and Sciences, IPS Academy, Rajendra Nagar Indore, Pin 452012, India. ' Institute of Computer Science, Vikram University, Ujjain, Pin 456010, India. ' Department of Mathematics, University of Patras, University Campus, 26500, Rio, Patras, Greece

Abstract: Current phishing attacks cause serious problems to both organisations and users. Phishing attackers try to steal the confidential information of the users such as their username, password etc. Phishing is done either by e-mails or instant messaging or by a spoofed website which is an exact replica of original one. It is very difficult to distinguish fake websites and legitimate websites. Homograph attacks help in phishing and make it more difficult for users to identify them. Some malware like key-loggers also help to steal the crucial information. A different type of malware called transaction generator (TG) is also used by attackers. Instead of passing the confidential information to attackers, a TG waits until users login into their accounts and then does the transaction illegally in the background. In this paper, we present several anti-phishing methods with their pros and cons. In addition, we propose an intelligent anti-phishing solution named Password-Transaction Secure Window (PTSW) in order to secure users and their personal information. The PTSW is a cheap and efficient solution against password and transaction attacks.

Keywords: phishing attacks; intelligent anti-phishing; authentication; computer fraud; information assurance; privacy protection; information security; personal information; password attacks; transaction attacks.

DOI: 10.1504/IJITST.2011.041296

International Journal of Internet Technology and Secured Transactions, 2011 Vol.3 No.3, pp.279 - 292

Received: 10 Feb 2010
Accepted: 16 May 2010
Published online: 29 Nov 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: An intelligent anti-phishing solution: password-transaction secure window

Keep up-to-date