Detection and prevention of possible unauthorized login attempts through stolen credentials from a phishing attack in an online banking system

2017 International Conference on Research and Innovation in Information Systems (ICRIIS) Pub Date : 2017-07-16 DOI:10.1109/ICRIIS.2017.8002440

Shammi Ishara Hewamadduma

{"title":"Detection and prevention of possible unauthorized login attempts through stolen credentials from a phishing attack in an online banking system","authors":"Shammi Ishara Hewamadduma","doi":"10.1109/ICRIIS.2017.8002440","DOIUrl":null,"url":null,"abstract":"With the current technological expansions customers wish to use online banking facilities due to its convenience and worldwide accessibility. The main challenge of going online for a bank is to provide sufficient security for the online customers and their accounts. The dramatic growth of the number of online banking customers has attracted cyber criminals and identity theft is a severe threat to online banking services. Phishing is a famous and easiest method to steal user credential of online customers where the sole intention is to obtain confidential information for the purpose of monetary gain. In such a situation the main purpose of this research paper is to analysis the usage of phishing attacks and the dangers it poses to customers and the bank, then to find out the available methods to detect and prevent unauthorized login attempts, the technologies and security weaknesses of those methods and finally to propose a solution to detect and prevent unauthorized login attempts using behavioral based analysis, IP and device identification technologies.","PeriodicalId":384130,"journal":{"name":"2017 International Conference on Research and Innovation in Information Systems (ICRIIS)","volume":"75 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Research and Innovation in Information Systems (ICRIIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICRIIS.2017.8002440","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

With the current technological expansions customers wish to use online banking facilities due to its convenience and worldwide accessibility. The main challenge of going online for a bank is to provide sufficient security for the online customers and their accounts. The dramatic growth of the number of online banking customers has attracted cyber criminals and identity theft is a severe threat to online banking services. Phishing is a famous and easiest method to steal user credential of online customers where the sole intention is to obtain confidential information for the purpose of monetary gain. In such a situation the main purpose of this research paper is to analysis the usage of phishing attacks and the dangers it poses to customers and the bank, then to find out the available methods to detect and prevent unauthorized login attempts, the technologies and security weaknesses of those methods and finally to propose a solution to detect and prevent unauthorized login attempts using behavioral based analysis, IP and device identification technologies.

查看原文本刊更多论文

侦测和预防网上银行系统中可能的未经授权登入企图，透过窃取凭证进行网路钓鱼攻击

随着当前技术的发展，客户希望使用网上银行设施，因为它的便利性和全球可访问性。银行走向网上的主要挑战是为网上客户及其账户提供足够的安全保障。网上银行客户数量的急剧增长吸引了网络犯罪分子，身份盗窃对网上银行服务构成严重威胁。网络钓鱼是一种著名且最简单的窃取在线客户用户凭证的方法，其唯一目的是获取机密信息以获取金钱利益。在这种情况下，本研究论文的主要目的是分析网络钓鱼攻击的使用情况及其对客户和银行构成的危险，然后找出检测和防止未经授权登录尝试的可用方法，这些方法的技术和安全弱点，最后提出使用基于行为的分析，IP和设备识别技术来检测和防止未经授权登录尝试的解决方案。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2017 International Conference on Research and Innovation in Information Systems (ICRIIS)

自引率

0.00%

发文量