WO2008127265A1 - Secure web site authentication using web site characteristics, secure user credentials and private browser - Google Patents

Secure web site authentication using web site characteristics, secure user credentials and private browser

Publication number
WO2008127265A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
web site
address
specific
agent program
Prior art date
Application number
PCT/US2007/016866
Other languages
English (en)
Inventor
William Loesch
Derek Fluker
Original Assignee
Guardid Systems
Priority date
Filing date
Publication date
Application filed by Guardid Systems
Publication of WO2008127265A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6263 Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1483 Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119 Authenticating web pages, e.g. with suspicious links
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic

Definitions

  • the present invention relates to the field of online computer security.
  • the present invention provides a system and process for maintaining a database of information and characteristics about specific web sites, particularly the web sites of financial institutions, to facilitate more secure authentication of selected web sites and to protect against "phishing" and "pharming" attacks.
  • the process allows user/clients to utilize the information and characteristics stored in the website database to help to validate the identity of the website before passing sensitive information to the website such as authentication credentials.
  • the present invention allows user/clients of multiple online services to periodically receive updated information about selected websites.
  • Cyber criminals use two different types of attacks to steal user/client confidential authentication information (e.g. user name and password): "phishing" and "pharming". In phishing (pronounced "fishing") attacks, cyber criminals send out a wave of spam email, sometimes up to millions of messages.
  • Each email contains a message that appears to come from a well-known and trusted company (i.e. bank or other financial institution). The message urges the recipient to click on a link provided in the mail. Upon clicking on the link provided in the phishing email, the user/client is presented an authentic-looking, but actually bogus web site which asks the user/client to enter his/her confidential authentication information, that is, usernames, passwords, etc.
  • Pharming (pronounced "farming") is another form of online fraud. Pharmers rely upon the same bogus web sites and theft of confidential information to perpetrate online scams, but are more difficult to detect because they do not rely upon the victim accepting a "bait" message. Instead of relying on users clicking on an enticing link in fake email messages, pharming uses an attack called DNS (domain name server) cache poisoning to redirect victims to the bogus web site even if they type the right web address of their bank or other online service into their web browser. Domain name servers are often associated with Internet service providers (ISP's) and function to convert calls to URL's (uniform resource locators), such as the form www.website.com, to numeric IP (Internet protocol) addresses for their subscribers.
  • Fig. 1 illustrates how a blacklist scheme works.
  • An email 201 with an embedded URL has the URL compared at 203 with a blacklist of known phishing URL's. If the comparison is a match at 205, the web site is probably a phishing site.
  • blacklist tools are not very effective against phishing attacks because cyber criminals routinely change the URL in their phishing emails on a daily or even hourly basis.
  • blacklist anti-phishing solutions are usually combined with "heuristic" algorithms which attempt to monitor every web site visited by the user/client and determine, based on characteristics of the web site whether that site might be a bogus phishing or pharming site. Heuristic algorithms often make use of artificial intelligence techniques.
  • In order to be effective, heuristic algorithms must look at every web page visited by the user. Heuristic algorithms typically look at characteristics of the web page together with the web site URL and IP address and attempt to rank the security risk of the web page.
  • Fig. 2 illustrates the operation of a heuristic algorithm.
  • the email 210 with an embedded URL is processed, and the web site specified is downloaded at 212 and analyzed by the heuristic algorithm at 214. If a match occurs at 216, the web site may be a phishing site, but the result is inconclusive. If no match occurs at 216, the web site may not be a phishing site, but again the test is not conclusive.
  • Heuristic algorithms are almost impossible to test and typically result in both false positive and false negative results.
  • This invention provides a process which overcomes deficiencies of known web site authentication processes.
  • the invention provides an improved approach to providing users/clients with a tool to defeat both phishing and pharming attacks.
  • An embodiment of the process couples a dedicated secure hardware store for end-user log-on credentials with a private web browser application which cannot be compromised by plug-ins and a whitelist of known financial institution web sites to provide secure authentication and guard against pharming and phishing attacks.
  • the password store is a secure repository for user sign-in credentials, such as a username and a password.
  • Information in the password store is not stored on the client computer, but instead is stored in a separate protected memory, such as a smart card, a nonvolatile USB (universal serial bus) memory device, or some other equivalent hardware token which can be disconnected from the user's computer when not needed to greatly reduce vulnerabilities to corruption.
  • Client software is provided which allows end users to enter and store their sign-in credentials for selected web sites in the password store.
  • the hardware-protected password store is coupled with a web site database which contains specific information about selected web sites, especially the web sites of financial institutions.
  • Such web site database is protected by a digital signature stored in the protected memory, so that only an end-user possessing the protected memory hardware store can access the web site database.
  • Information in this web site database includes the web site URL, web site IP address (or addresses), and textual and/or graphical information contained in the web site.
  • the web site database is stored on the end-user's computer and is periodically updated with new information sent from an update web site database server. Such updates are also protected by the digital signature stored in the protected memory.
  • the phishing protection embodiment operates in the following way: An agent program monitors all attempts by the user to send data to any web site.
  • the agent program accomplishes this through agent program plug-ins to standard web browsers.
  • the agent program intercepts any "post" data stream and checks to see if any text fields within post stream match any credentials stored in the password store. If no match is detected, the agent program allows user data to be sent to web site. If a match is detected, the agent program retrieves the actual IP address of the site contacted and compares it with the IP address or addresses for the specific entry in the web site database associated with the sign-in credential which matches the text typed by the user. If no match is detected, the agent program warns the user and prevents the user from sending the user's credentials to the web site. If a match is detected, the agent program starts a private browser and sends user's credentials to web site. If the user's credentials are accepted by the web site, a session is established and run completely within the private browser.
  • the private browser of the authentication process is a program which processes web page code in a manner similar to standard browsers.
  • the private browser has no capabilities for the installation of browser plug-ins.
  • Browser plug-ins are extensions of standard browser programs which usually perform additional, beneficial functions for the user, such as image readers, media players, and the like.
  • malicious plug-ins have been devised which perform actions detrimental to the user, such as stealing sign-on credentials which are sent to web sites operated by cyber criminals, and other malicious actions.
  • the lack of a capability of installing any kind of plug-ins in the private browser makes it invulnerable to this kind of corruption.
  • the pharming protection embodiment includes the following steps: The user enters a web site URL into the user's standard web browser, by any method, such as typing in the URL, clicking on a link, or the like.
  • the agent program checks to see if the web site URL entered by user into the web browser matches any of the web site URL's in the web site database. If no match is detected, no further action is taken by the agent program, and web site communication is handled by the user's standard or default web browser. If a match is detected, the agent program starts the private browser. The private browser contacts the web site associated with the URL and waits for the remote server to return the requested web page to the private browser. Once the remote server has returned the requested web page to the private browser, the agent program determines the IP address of the remote server.
  • the agent program compares the IP address of the remote server with the IP address (or addresses) associated with the web site URL which are stored in web site database. If the IP address of the remote server does not match any of the IP addresses associated with the web site URL in the web site database, the agent program issues a warning that the user is not connected to the originally requested site, and does not allow user to retrieve sign-in credentials from the password store and send them to the web site. If the IP address of the remote server matches one of the IP addresses associated with the web site URL in the web site database, the agent program retrieves the user's credentials from the password store and passes them to the private browser which in turn passes them to the web site. If the user's credentials are accepted by the web site, a session is established and run completely within the private browser.
  • Fig. 1 is a flow diagram showing a conventional blacklist approach to protecting against phishing attempts.
  • Fig. 2 is a flow diagram showing a conventional heuristic approach to protecting against phishing attempts.
  • Fig. 3 is a block diagram showing principal components used by a secure web site authentication process according to the present invention.
  • Fig. 4 is a flow diagram illustrating principal steps of a phishing protection embodiment of the secure web site authentication process of the present invention.
  • Fig. 5 is a flow diagram illustrating principal steps of a pharming protection embodiment of the secure web site authentication process of the present invention.
  • the reference numeral 1 (Fig. 3) generally designates components of a secure web site authentication process which is an embodiment of the present invention.
  • the process 1 is employed in cooperation with a user computer 3 to provide secure access over a universal computer network such as the Internet 5 to web sites storing information sensitive to a user of the computer 3, such as financial web sites 7 and 9.
  • the process 1 functions to prevent attempted accesses to intended web sites 7 or 9 from being redirected to malicious or bogus web sites, such as web site 13, through phishing or pharming attacks, or other malicious activities.
  • the user computer 3 may be any type of so-called personal computer, such as a desktop computer, a notebook computer, a tablet computer, a personal digital assistant (PDA), or other computing device which can access web sites 7 or 9, through the Internet 5, either by wired or wireless connection, to conduct business therewith, including certain cellular telephones.
  • the user computer 3 is a desktop or a notebook type of computer.
  • Such computers 3 normally have a standard web browser program 20 installed therein for such Internet access, and the browser 20 may have browser plug-in programs 22 installed therein for expanding capabilities of the browser 20 for such things as reading particular data or image formats, playing various kinds of media files such as audio and video files, and the like.
  • Such browsers 20 may include, but are not limited to, programs such as Microsoft Internet Explorer, Netscape, Mozilla Firefox, or the like.
  • Conventional user computers 3 typically include an email program 24 which is used for sending and receiving emails 26 with other users.
  • A fact of current email operation is that users often receive large numbers of unsolicited email 26, often referred to as "spam". Many spam emails are attempts to entice the user to spend money and are otherwise relatively harmless. However, some spam email includes malicious software, referred to as "malware", which may include computer viruses, worms, Trojan horses, spyware, adware, and the like. Some unsolicited email 26 has the appearance of originating from a trusted source, such as financial web site A (7) or financial web site N (9) and may include what appears to be a link to the financial sites 7 or 9, which may be a bank, an investment fund, or other financial entity with which the user may have an account.
  • the email will include what appears to be a link to the web site of the financial institution and often will have a message which urges the user to access the link and "verify their account information".
  • the user is encouraged to enter their account credentials, such as user name and password, for their account at the institution to access their account information.
  • the linked web site is actually a bogus web site 13 and any credential information entered by the user is logged and used to compromise the user's account, identity, or the like. Such malicious activity is referred to as phishing.
  • Domain name servers (DNS) 30 are used in Internet communications to convert
  • a domain name server 30 is corrupted to associate a URL, such as for financial web site A (7), with an IP address which is associated with bogus financial web site A (13).
  • a user attempts to access financial web site 7 and enters log-in or sign-on credentials 34, the user is actually accessing bogus financial web site 13 and giving the user's credentials 34 to the malicious site.
  • the user's credentials 34 can then be used to access the actual financial web site A and manipulate the user's account.
  • Such activity is referred to as pharming.
  • the secure web site authentication process 1 has been developed to monitor certain activities of the user of the computer 3 and to prevent actions which would compromise accounts of the user at institutions, such as those that are accessible at the financial web sites 7 and 9.
  • the process 1 is implemented as an agent program 40 which operates in cooperation with a secure password store 42, a user web site database 44, and a private browser 46.
  • the password store 42 is a secure digital memory which stores the user sign-on or log-in credentials 34, such as user names and passwords, which the user must enter to access the user's accounts at the financial web sites.
  • the password store 42 is preferably not part of the standard memory of the computer 3, but a separate memory module which can be separated and disconnected from the computer 3 when not needed to minimize its vulnerability to corruption.
  • the password store 42 can, for example, be a smart card; a non-volatile USB memory device such as those referred to as thumb drives, jump drives, flash drives, or the like; or some other type of separable memory device having any appropriate conventional or proprietary configuration or format.
  • the broken line 43 symbolizes the temporary connection of the password store 42.
  • the user web site database 44 stores URL's and IP addresses associated with selected trusted web sites, such as the financial web sites 7 and 9 and may contain additional information about the web sites, such as textual and/or graphic information associated with pages of the web sites.
  • the user web site database 44 is protected by a digital signature 48 which is stored in the password store 42 so that the user web site database 44 can only be accessed when the password store 42 is connected to the computer 3.
  • the web site database 44 is stored on the user computer 3 and is periodically updated with new information from a remote web site database server 50 which connects with the user web site database 44 over the backbone of the Internet 5, but using a secure connection protocol 52 which prevents casual access by users of the Internet 5.
  • the private browser 46 is similar in many respects to standard browsers 20 in that the private browser 46 processes web page code to enable the computer 3 to access web sites. However, the private browser 46 has no architecture for extension of its capabilities by the installation of plug-ins 22. Malicious plug-ins for standard browsers 20 have been devised which can detect the entry of user credentials 34, which can then be sent to malicious web sites 13. However, without the capability of installation of any plug-ins, the private browser 46 cannot be corrupted in such a manner. Additionally, the private browser 46 of the process 1 cannot be activated by the user or by any programs other than the agent program 40.
  • a phishing protection embodiment 60 of the process 1 functions to prevent phishing attacks. If the user attempts to send any data to any web site at 62, the agent program 40 at step 64 checks the text of any post data against the user credentials 34 stored in the password store 42. If there is no match at 66, the agent program 40 allows the user data to be passed to the web site at 68. However, if a match occurs at 66, meaning that the user is attempting to post a sign-on credential 34, the agent program 40 obtains the actual IP address from the contacted web site at 70 and compares it with the IP address in the user web site database 44 that is associated with the particular sign-on credential 34 at step 72.
  • If no match occurs at 74, the agent program 40, at step 76, warns the user that they may be compromising their account and prevents the user from sending the sign-on credential 34 using the private browser 46. However, if there is a match at 74, indicating that the web site that has been contacted is the correct web site that is associated with the sign-on credential that was detected at step 66, then the agent program 40 activates the private browser 46 at step 78, at step 80 retrieves the sign-on credential 34 from the password store 42 and sends it to the appropriate web site through the private browser 46, and if the credential 34 is accepted by the contacted web site, opens a user session with the web site in the private browser 46 at step 82.
  • the process 1, through the agent program 40 allows appropriate access to the financial web sites 7 and 9, with which the user has accounts, and prevents access with bogus websites 13 or at least warns the user that the web site the user is attempting to contact is not the trusted web site.
  • the process 1 includes a pharming protection embodiment 90 which prevents the user from unknowingly accessing bogus web sites 13 when a URL is entered for a legitimate web site 7 or 9.
  • the agent program 40 includes a plug-in 22 which is installed in the standard browser 20 which is activated whenever a user enters a web site URL at step 92, or when a URL is invoked by clicking on a link or the like.
  • the agent program 40 compares the URL entered or invoked with the URL's stored in the user web site database 44. If no match occurs at 96, at step 98 the agent program 40 passes the URL entered to the standard browser 20, but prevents the user from sending any sign-on credentials 34 to the web site identified by the entered URL.
  • the agent program 40 activates the private browser 46 to access the web site identified by the entered URL, at step 100.
  • the remote server at the web site returns the requested web page, from which the agent program 40 determines the IP address of the web site.
  • the agent program 40 compares the returned IP address to the stored IP address associated with the URL that was entered. If no match occurs at 104, at step 106 the agent program 40 warns the user that the accessed site is not the site that should be associated with the entered URL and prevents the user from sending any sign-on credentials 34 to the site.
  • the agent program 40 retrieves the appropriate sign-on credentials 34 from the password store 42 and passes them to the web site through the private browser 46. If the sign-on credentials 34 are accepted by the web site, a user session is opened in the private browser 46 at step 110.
  • the pharming embodiment 90 detects a mismatch between a URL of a web site and the IP address that should be associated with it and thereby protects the user from pharming attacks.
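
The two decision flows described above (phishing embodiment 60, steps 62-82, and pharming embodiment 90, steps 92-110) can be modelled as follows. This is an added example, not code from the patent or from Guardid Systems. The names `SiteEntry`, `check_post` and `check_navigation`, the returned labels, the form-encoded POST body, the comparison on host name rather than full URL, and all sample hosts, addresses and credentials are assumptions made for illustration.

```python
"""Model of the agent program's two checks (added example, not the patent's code)."""
import hmac
import ipaddress
from dataclasses import dataclass
from urllib.parse import parse_qsl, urlsplit


@dataclass(frozen=True)
class SiteEntry:
    host: str            # host of the whitelisted URL (assumption: match on host)
    ips: frozenset       # canonical IP strings recorded for the site
    credentials: tuple   # (username, password) held in the password store


def _canon(ip: str) -> str:
    """Canonical text form, so equivalent IPv6 spellings compare equal."""
    return str(ipaddress.ip_address(ip))


def make_entry(host, ips, username, password) -> SiteEntry:
    return SiteEntry(host.lower(), frozenset(_canon(i) for i in ips),
                     (username, password))


# Constructed sample web site database: hosts, addresses and credentials are
# documentation values, not real sites.
SITE_DB = [
    make_entry("bank-a.example", ["192.0.2.10", "192.0.2.11"], "alice", "S3cret-A!"),
    make_entry("fund-n.example", ["2001:db8::20"], "alice@mail.example", "S3cret-N?"),
]


def entries_for_post(post_body: bytes, db) -> list:
    """Entries whose stored credential appears as a field value in a form POST.

    The body is URL-decoded first: a raw substring search would miss a
    password sent as 'S3cret-A%21'.
    """
    fields = parse_qsl(post_body.decode("utf-8", "replace"), keep_blank_values=True)
    values = [v.encode() for _, v in fields]
    hits = []
    for entry in db:
        for secret in entry.credentials:
            # Constant-time comparison so the scan does not leak the secret.
            if any(hmac.compare_digest(secret.encode(), v) for v in values):
                hits.append(entry)
                break
    return hits


def check_post(post_body: bytes, remote_ip: str, db=SITE_DB) -> str:
    """Phishing check (steps 62-82): gate a POST that carries a stored credential."""
    hits = entries_for_post(post_body, db)
    if not hits:
        return "ALLOW"                 # step 68: no stored credential in the POST
    if any(_canon(remote_ip) in e.ips for e in hits):
        return "PRIVATE_BROWSER"       # steps 78-82: send via the private browser
    return "BLOCK_AND_WARN"            # step 76: credential bound for an unknown IP


def check_navigation(url: str, remote_ip: str, db=SITE_DB) -> str:
    """Pharming check (steps 92-110): compare the responding server's IP."""
    host = (urlsplit(url).hostname or "").lower()
    entry = next((e for e in db if e.host == host), None)
    if entry is None:
        return "STANDARD_BROWSER"          # step 98: site is not in the database
    if _canon(remote_ip) in entry.ips:
        return "PRIVATE_BROWSER_SIGN_IN"   # steps 108-110
    return "BLOCK_AND_WARN"                # step 106: URL/IP mismatch


if __name__ == "__main__":
    print(check_post(b"user=alice&pass=S3cret-A%21", "203.0.113.66"))
    print(check_navigation("https://bank-a.example/login", "192.0.2.11"))
```

Because the decision rests on a fixed list of IP addresses, a legitimate site that changes or load-balances its addresses is blocked until the database entry is refreshed, which is the role of the periodic signed updates from the web site database server 50.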

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

A secure authentication process which detects and prevents phishing and pharming attacks on specific web sites. The process is based on a dedicated secure hardware store for user log-on credentials, a database of information about the specific web sites, and a private secure browser. All web activity of a user is monitored by an agent program (40). The agent program checks to ensure that attempts by the user to send log-on credentials, stored in a secure hardware store of user log-on credentials, to a web site accessed by the user are allowed only if the IP address of the web site accessed by the user matches at least one of the IP addresses stored in a web site database associated with the log-on credential that the user is attempting to send. The process also detects mismatches between a URL and the actual IP address of the web site associated with the URL.
PCT/US2007/016866 2006-07-27 2007-07-27 Secure web site authentication using web site characteristics, secure user credentials and private browser WO2008127265A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US83368706P 2006-07-27 2006-07-27
US60/833,687 2006-07-27

Publications (1)

Publication Number Publication Date
WO2008127265A1 true WO2008127265A1 (fr) 2008-10-23

Family

ID=39864202

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/016866 WO2008127265A1 (fr) 2006-07-27 2007-07-27 Secure web site authentication using web site characteristics, secure user credentials and private browser

Country Status (1)

Country Link
WO (1) WO2008127265A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6233618B1 (en) * 1998-03-31 2001-05-15 Content Advisor, Inc. Access control of networked data
US6735694B1 (en) * 1997-11-21 2004-05-11 International Business Machines Corporation Method and system for certifying authenticity of a web page copy
US20050010087A1 (en) * 2003-01-07 2005-01-13 Triage Data Networks Wireless, internet-based medical-diagnostic system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010136317A1 (fr) 2009-05-27 2010-12-02 Commonit Method for browsing the Internet, recording medium, access server and user station for implementing this method
FR2946168A1 (fr) * 2009-05-27 2010-12-03 Commonit Method for browsing the Internet, recording medium, access server and user station for implementing this method.

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07873420

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU

122 Ep: pct application non-entry in european phase

Ref document number: 07873420

Country of ref document: EP

Kind code of ref document: A1