Google scholar arxiv informatics ads IJAIS publications are indexed with Google Scholar, NASA ADS, Informatics et. al.

Call for Paper

-

November Edition 2018

International Journal of Applied Information Systems solicits high quality original research papers for the November 2018 Edition of the journal. The last date of research paper submission is October 15, 2018.

Enhanced Security in Authentication for Web Applications using Anti-Form Grabbing Technique with Email Verification

O.O. Anifowose, S.E. Abdullahi, S.B. Junaidu. Published in Information Sciences

International Journal of Applied Information Systems
Year of Publication: 2016
Publisher: Foundation of Computer Science (FCS), NY, USA
Authors: O.O. Anifowose, S.E. Abdullahi, S.B. Junaidu
10.5120/ijais2016451512
Download full text
  1. O O Anifowose, S E Abdullahi and S B Junaidu. Article: Enhanced Security in Authentication for Web Applications using Anti-Form Grabbing Technique with Email Verification. International Journal of Applied Information Systems 10(5):48-53, February 2016. BibTeX

    @article{key:article,
    	author = "O.O. Anifowose and S.E. Abdullahi and S.B. Junaidu",
    	title = "Article: Enhanced Security in Authentication for Web Applications using Anti-Form Grabbing Technique with Email Verification",
    	journal = "International Journal of Applied Information Systems",
    	year = 2016,
    	volume = 10,
    	number = 5,
    	pages = "48-53",
    	month = "February",
    	note = "Published by Foundation of Computer Science (FCS), NY, USA"
    }
    

Abstract

Online users now make use of internet banking as a major platform of making payments of products online. Cybercriminals are using newer and more advanced methods to target online users. Attacks ranging from reverse social engineering called Phishing; whereby spam messages are sent to customers’ emails consisting of links then to fake websites to Trojans that are installed in the user’s computer system without his knowledge which monitors the customer’s financial transactions on his account which are later used for financial gain which ultimately results in loss of financial funds for affected victims. One of the fastest growing threats and attacks in the world today is Man-in-the-Browser (MITB) attacks. MITB attacks are a specialized and upgraded version of Man-in-the-Middle (MITM) attack whereby it installs itself on the user’s PC without the user’s concept through internet usage then steals data authentication details and alters legitimate user transactions for the attacker’s benefit. As the advance in technology continues to influence the way society makes payment for goods and services, then more advanced security approach is required for transaction verification on the internet.

This paper proposes a more secure authentication for online transaction using Anti-Form Grabbing technique with Email Verification service.

Reference

  1. Abbasi, A.G., Muftic, S., and Hotamov, I. (2010). Web Contents Protection, Secure Execution and Authorized Distribution, Computing in the Global Information Technology, Fifth International Multi-conference on Computing in the Global Information Technology, International Multi-Conference on, pp. 157-162.
  2. Akinwale, T. A., Adekoya, F. A., and Ooju, E. O. (2011). Multi-Level Cryptographic Functions for the Functionalities of Open Database System, Department of Computer Science, University of Agriculture, Abeokuta, Nigeria.
  3. Association of German Banks. (2007). Online banking security. Berlin: Bundesverband deutsher Banken.
  4. Batchelor, B., The History of E-Banking. Retrieved August 11 2014 from http://www.ehow.com/about_5109945_history-ebanking.html
  5. Boswell, W. (2014)., The History of the Web. Retrieved August 10 2014 from http://websearch.about.com/od/searchingtheweb/a/webhistory.htm
  6. Canali, D., and Balzarotti, D. (2013). Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web. NDSS 2013, 20th Annual Network and Distributed System Security Symposium, February 24-27, 2013, San Diego, CA, United States.
  7. Fazli, B., Kamarularifin, A., and Jamalul-lail, A. (2012). International Journal of Cyber-Security and Digital Forensics (IJCSDF). Mitigating Man-In-The-Browser Attacks with Hardware-based Authentication Scheme. 1(3): 204-210.
  8. Nilsson, D. (2012). Security in Behaviour Driven Authentication for Web Applications, Master thesis, Department of Computer Science, Electrical and Space Engineering.
  9. Jason, W., Damien, H., and Justin, P. (2008). Enhanced Security for Preventing Man-in-the-Middle Attacks in Authentication, Data Entry and Transaction Verification. Deakin University: Australian Information Security Management Conference.
  10. Jjchai.(2010)., Online banking. Retrieved August 11 2014 from http://www.slideshare.net/jjchai/online-banking
  11. RSA Lab, Making Sense of Man-in-the-browser Attacks, http://viewer.media.bitpipe.com/1039183786_34/1295277188_16/MITB_WP_05 10-RSA.pdf.
  12. Scholasticus, K.(2009)., History of Internet Banking. Retrieved August 11 2014 from http://www.buzzle.com/articles/history-of-internet-banking.html
  13. Sidheeq, M., Dehghantanha, A., and Kananparan, G. (2010). Utilizing trusted platform module to mitigate botnet attacks, Computer Applications and Industrial Electronics, International Conference on, vol., no., pp. 245-249.
  14. Weigold, W., Kramp, T., Hermann, R., Horing, F., Buhler, P., and Baentsch, M. (2008). The Zurich Trusted Information Channel: An efficient defense against Man-in-the-middle and malicious software attacks TRUST'2008. LNCS, vol. 4968, pp. 75-91.

Keywords

Internet banking, Man-in-the-Middle attack, Man-in-the-Browser attack and authentication.