Alice, what did you do last time? Fighting Phishing Using Past Activity Tests

نویسندگان

Nikos Nikiforakis

Andreas Makridakis

Elias Athanasopoulos

Evangelos P. Markatos

چکیده

Phishing attacks are one of the most crucial modern security threats in the current World Wide Web. An adversary may clone a legitimate Web site and lure a user to submit her credentials to the malicious construct. The adversary may then use the stolen credentials to the authentic site. In this paper we present a novel idea to fight phishing using Past Activity Tests (PACTs). In a nutshell, PACTs take advantage of the fact that the user has accessed at least once her account in the past, contrary to the phisher who accesses the user’s account for the first time. Thus, a user can answer a question relative to her past activity, but the attacker can not.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

It Ain’t What You Do (But the Way That You Do It): Will Safety II Transform the Way We Do Patient Safety; Comment on “False Dawns and New Horizons in Patient Safety Research and Practice”

Mannion and Braithwaite outline a new paradigm for studying and improving patient safety – Safety II. In this response, I argue that Safety I should not be dismissed simply because the safety management strategies that are developed and enacted in the name of Safety I are not always true to the original philosophy of ‘systems thinking.’

متن کامل

Chapter 3 Improving Phishing Countermeasures

As the battle against phishing continues, many questions remain about where stakeholders should place their efforts to achieve effective prevention, speedy detection, and fast action. Do stakeholders have sufficient incentives to act? What should be the top priorities for the anti-phishing community? To provide insights into these questions we conducted 31 in-depth interviews with anti-phishing...

متن کامل

Anticipating Experimental Risks Using Surveys

We introduce a survey instrument for anticipating otherwise-unforeseen risks resulting from research experiments. We present experiments hypothetically, then ask: “If someone you cared about were a candidate participant for this experiment, would you want that person to be included as a participant?” (Q1) and “Do you believe the researchers should be allowed to proceed with this experiment?” (Q...

متن کامل

قانون طلایی تدارک حمایت از دانش آموزان با نیازهای ویژه در کلاسهای فراگیر: از دیگران آنطور حمایت کنید که دوست دارید از شما حمایت کنند

Consider for a moment that the school system paid someone to be with you supporting you 8 hours a day, 5 days a week. Now, imagine that you had no say over who that support person was or how she or he supported you. Or imagine that someone regularly stopped into your place of employment to provide you with one-on-one support. This person was present for all your interactions, escorted you to th...

متن کامل