TY - JOUR KW - Browser Indicators KW - Cookies KW - Dynamic Identity KW - Password Authentication KW - Phishing AU - Sandeep Sood AB -

Password based authentication is used in online web applications due to its simplicity and convenience. Main advantage of passwords is that users can memorize them easily without needing any hardware to store them. Efficient password based authentication schemes are required to authenticate legitimacy of remote users or data origin authentication over an insecure communication channel. Password based authentication schemes are highly susceptible to phishing attacks. The phishing attacks are becoming more and more sophisticated and therefore require strong countermeasures. It is important to detect the phishing sites early because most of them are short-lived and cause the damage in the short time span between going online and vanishing. Phishing is doing direct damage to the financial industry and is also affecting the expansion of e-commerce. In this paper, we present the survey of different anti-phishing techniques based on several crucial criteria. This study will help in developing different password based anti-phishing authentication techniques for web applications. Financial transactions in web applications require highly secure authentication protocols. Phishing is the biggest problem financial organizations are facing to provide online transaction services. Most threatening phishing attacks require countermeasures to make online transactions reliable and secure.

BT - Information & Security: An International Journal DA - 2011 DO - https://dx.doi.org/10.11610/isij.2602 IS - 1 LA - eng N2 -

Password based authentication is used in online web applications due to its simplicity and convenience. Main advantage of passwords is that users can memorize them easily without needing any hardware to store them. Efficient password based authentication schemes are required to authenticate legitimacy of remote users or data origin authentication over an insecure communication channel. Password based authentication schemes are highly susceptible to phishing attacks. The phishing attacks are becoming more and more sophisticated and therefore require strong countermeasures. It is important to detect the phishing sites early because most of them are short-lived and cause the damage in the short time span between going online and vanishing. Phishing is doing direct damage to the financial industry and is also affecting the expansion of e-commerce. In this paper, we present the survey of different anti-phishing techniques based on several crucial criteria. This study will help in developing different password based anti-phishing authentication techniques for web applications. Financial transactions in web applications require highly secure authentication protocols. Phishing is the biggest problem financial organizations are facing to provide online transaction services. Most threatening phishing attacks require countermeasures to make online transactions reliable and secure.

PY - 2011 SE - 12 SP - 12 EP - 26 T2 - Information & Security: An International Journal TI - Phishing Attacks: A Challenge Ahead VL - 26 ER -