Web spoofing revisited: SSL and beyond
EZ Ye, Y Yuan, S Smith - 2002 - digitalcommons.dartmouth.edu
Can users believe what their browsers tell them? Even sophisticated Web users decide
whether or not to trust a server based on browser cues such as location bar information, SSL …
whether or not to trust a server based on browser cues such as location bar information, SSL …
Methods, systems, and media for masquerade attack detection by monitoring computer user behavior
Methods, systems, and media for masquerade attack detec tion by monitoring computer user
behavior are provided. In accordance with some embodiments, a method for detecting …
behavior are provided. In accordance with some embodiments, a method for detecting …
[PDF][PDF] Security awareness of computer users: A game based learning approach
NAG Arachchilage, N Asanka - 2012 - core.ac.uk
The research reported in this thesis focuses on developing a framework for game design to
protect computer users against phishing attacks. A comprehensive literature review was …
protect computer users against phishing attacks. A comprehensive literature review was …
Trust on web browser: Attack vs. defense
This paper proposes a browser spoofing attack which can break the weakest link from the
server to user, ie, man-computer-interface, and hence defeat the whole security system of …
server to user, ie, man-computer-interface, and hence defeat the whole security system of …
[图书][B] Cryptographics: exploiting graphics cards for security
D Cook, AD Keromytis - 2006 - books.google.com
Software that covertly monitors user actions, also known as spyware, has become a first-
level security threat due to its ubiquity and the difficulty of detecting and removing it. This is …
level security threat due to its ubiquity and the difficulty of detecting and removing it. This is …
A new approach to Internet banking
M Johnson - 2008 - cl.cam.ac.uk
This thesis investigates the protection landscape surrounding online banking. First,
electronic banking is analysed for vulnerabilities and a survey of current attacks is carried …
electronic banking is analysed for vulnerabilities and a survey of current attacks is carried …
Explicit authentication response considered harmful
Automated online password guessing attacks are facilitated by the fact that most user
authentication techniques provide a yes/no answer as the result of an authentication …
authentication techniques provide a yes/no answer as the result of an authentication …
Keyjacking: the surprising insecurity of client-side SSL
J Marchesini, SW Smith, M Zhao - Computers & Security, 2005 - Elsevier
In theory, PKI can provide a flexible and strong way to authenticate users in distributed
information systems. In practice, much is being invested in realizing this vision via client-side …
information systems. In practice, much is being invested in realizing this vision via client-side …
Invalid certificates in modern browsers: A socio-technical analysis
The authentication of a web server is a crucial procedure in the security of web browsing. It
relies on certificate validation, a process that may require the participation of the user. Thus …
relies on certificate validation, a process that may require the participation of the user. Thus …
Operating system framed in case of mistaken identity: measuring the success of web-based spoofing attacks on os password-entry dialogs
When asking users to enter credentials, today's desktop operating systems often use
windows that provide scant evidence that a trusted path has been established; evidence that …
windows that provide scant evidence that a trusted path has been established; evidence that …