Welcome to the InfoSci Platform
Reference Hub3
Defeating Active Phishing Attacks for Web-Based Transactions

Defeating Active Phishing Attacks for Web-Based Transactions

Xin Luo, Tan Teik Guan
Copyright: © 2007 |Volume: 1 |Issue: 3 |Pages: 14
ISSN: 1930-1650|EISSN: 1930-1669|ISSN: 1930-1650|EISBN13: 9781615203291|EISSN: 1930-1669|DOI: 10.4018/jisp.2007070104
Cite Article Cite Article

MLA

Luo, Xin, and Tan Teik Guan. "Defeating Active Phishing Attacks for Web-Based Transactions." IJISP vol.1, no.3 2007: pp.47-60. http://doi.org/10.4018/jisp.2007070104

APA

Luo, X. & Guan, T. T. (2007). Defeating Active Phishing Attacks for Web-Based Transactions. International Journal of Information Security and Privacy (IJISP), 1(3), 47-60. http://doi.org/10.4018/jisp.2007070104

Chicago

Luo, Xin, and Tan Teik Guan. "Defeating Active Phishing Attacks for Web-Based Transactions," International Journal of Information Security and Privacy (IJISP) 1, no.3: 47-60. http://doi.org/10.4018/jisp.2007070104

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Till now, the best defense against phishing is the use of two-factor authentication systems. Yet this protection is short-lived and comparatively weak. The absence of a fool-proof solution against man-in-the-middle, or active phishing, attacks have resulted in an avalanche of security practitioners painting bleak scenarios where active phishing attacks cripple the growth of Web-based transactional systems. Even with vigilant users and prudent applications, no solutions seem to have addressed the attacks comprehensively. In this article, we propose the new two-factor interlock authentication protocol (TIAP), adapted from the interlock protocol with two-factor authentication, which is able to defend successfully against active phishing attacks. We further scrutinize the TIAP by simulating a series of attacks against the protocol and demonstrate how each attack is defeated.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.