Cantina: a content-based approach to detecting phishing web sites
Phishing is a significant problem involving fraudulent email and web sites that trick
unsuspecting users into revealing private information. In this paper, we present the design …
unsuspecting users into revealing private information. In this paper, we present the design …
Anti-phishing phil: the design and evaluation of a game that teaches people not to fall for phish
S Sheng, B Magnien, P Kumaraguru… - Proceedings of the 3rd …, 2007 - dl.acm.org
In this paper we describe the design and evaluation of Anti-Phishing Phil, an online game
that teaches users good habits to help them avoid phishing attacks. We used learning …
that teaches users good habits to help them avoid phishing attacks. We used learning …
Very fast containment of scanning worms, revisited
Computer worms—malicious, self-propagating programs—represent a significant threat to
large networks. One possible defense, containment, seeks to limit a worm's spread by …
large networks. One possible defense, containment, seeks to limit a worm's spread by …
An evaluation of extended validation and picture-in-picture phishing attacks
C Jackson, DR Simon, DS Tan, A Barth - Financial Cryptography and Data …, 2007 - Springer
In this usability study of phishing attacks and browser anti-phishing defenses, 27 users each
classified 12 web sites as fraudulent or legitimate. By dividing these users into three groups …
classified 12 web sites as fraudulent or legitimate. By dividing these users into three groups …
Dynamic pharming attacks and locked same-origin policies for web browsers
We describe a new attack against web authentication, which we call dynamic pharming.
Dynamic pharming works by hijacking DNS and sending the victim's browser malicious …
Dynamic pharming works by hijacking DNS and sending the victim's browser malicious …
Using a personal device to strengthen password authentication from an untrusted computer
M Mannan, PC Van Oorschot - International Conference on Financial …, 2007 - Springer
Keylogging and phishing attacks can extract user identity and sensitive account information
for unauthorized access to users' financial accounts. Most existing or proposed solutions are …
for unauthorized access to users' financial accounts. Most existing or proposed solutions are …
A systematic approach to uncover security flaws in GUI logic
S Chen, J Meseguer, R Sasse… - … IEEE Symposium on …, 2007 - ieeexplore.ieee.org
To achieve end-to-end security, traditional machine-to-machine security measures are
insufficient if the integrity of the human-computer interface is compromised. GUI logic flaws …
insufficient if the integrity of the human-computer interface is compromised. GUI logic flaws …
Compartmented security for browsers-or how to thwart a phisher with trusted computing
S Gajek, AR Sadeghi, C Stuble… - … Reliability and Security …, 2007 - ieeexplore.ieee.org
Identity theft through phishing attacks has become a major concern for Internet users.
Typically, phishing attacks aim at luring the user to a faked Web site to disclose personal …
Typically, phishing attacks aim at luring the user to a faked Web site to disclose personal …
Unveiling the mask of phishing: Threats, preventive measures, and responsibilities
I Bose, ACM Leung - … of the Association for Information Systems, 2007 - aisel.aisnet.org
Phishing, a new-rise identity fraud of this century has already caused huge financial loss
and social disorder. This paper provides an overview of the evolution and forecasted trend …
and social disorder. This paper provides an overview of the evolution and forecasted trend …
Wske: Web server key enabled cookies
C Masone, KH Baek, S Smith - International Conference on Financial …, 2007 - Springer
In this paper, we present the design and prototype of a new approach to cookie
management: if a server deposits a cookie only after authenticating itself via the SSL …
management: if a server deposits a cookie only after authenticating itself via the SSL …