查看文章

The rapid growth of security incidents and data breaches recently had risen concerns on Internet banking security issues. Existing Internet banking authentication mechanism that primarily relies on the conventional password-only authentication cannot efficiently resist to recent password guessing and password cracking attacks. To address this problem, this paper proposed an eXtended Honey Encryption (XHE) scheme by adding an additional protection mechanism on the existing user authentication mechanism. When the malicious user attempts to unauthorized access to online bank account by entering his guessed password, instead of rejecting the access, the XHE algorithm generates an indistinguishable bogus bank data, subsequently redirects attacker to fake user account, in which the attack could not determine whether the guessed password is working correctly or not. Therefore, increasing the …