SpoofCatch: A Client-Side Protection Tool Against Phishing Attacks

2021 ◽  
Vol 23 (2) ◽  
pp. 65-74
Author(s):  
Wilayat Khan ◽  
Aakash Ahmad ◽  
Aamir Qamar ◽  
Muhammad Kamran ◽  
Muhammad Altaf
Keyword(s):  
Phishing Attacks ◽  
Client Side

scholarly journals Evaluating Phishing Website Detection on Client Side

2019 ◽  
Vol 8 (6) ◽  
pp. 18-22
Keyword(s):  
Vital Role ◽  
User Studies ◽  
Web Pages ◽  
Web Page ◽  
User Privacy ◽  
Web Based ◽  
Consumer Privacy ◽  
Phishing Attacks ◽  
Client Side ◽  
Website Content

In a web based application phishing attack plays a vital role. To find a solution for this problem, lots of work is carried out over a year, but still now no solution is find out for this problem. The existing solution, suffers from a few drawbacks such as to count potential to compromise consumer privacy. That is the reason for difficulty of detecting phishing attacks in the websites. In addition to this problem, the website content is changed dynamically, and confidence depends on the features of specific provisions of data. To solve these issues, a new direction for the detection of phishing attacks in web-pages is approached here. The proposed system, inherent the phishing limits starting from the constraints they faced while built a web-page. subsequently the implementation of our approach includes, off-the-hook- focused on extraordinary precision and brand-independence and semantic individuality. Here the off-the-hook is constructed from the fully-client-side browser add-on, which describes the user privacy. Additionally, off-the-hook focused on the target website and the phishing webpage is attempting to imitate and comprises this objective with warning. The proposed method is evaluated our genetic algorithm in below user studies.

DYNAMIC REST SERVICES ORCHESTRATION USING THE KNOWLEDGE BASE

2019 ◽  
Author(s):  
Kostyantyn Kharchenko
Keyword(s):  
Knowledge Base ◽  
Service Oriented Architecture ◽  
Main Idea ◽  
The Real ◽  
Server Side ◽  
Service Oriented ◽  
Services Orchestration ◽  
Client Side ◽  
Abstract Operation ◽  
Microservice Architecture

The approach to organizing the automated calculations’ execution process using the web services (in particular, REST-services) is reviewed. The given solution will simplify the procedure of introduction of the new functionality in applied systems built according to the service-oriented architecture and microservice architecture principles. The main idea of the proposed solution is in maximum division of the server-side logic development and the client-side logic, when clients are used to set the abstract computation goals without any dependencies to existing applied services. It is proposed to rely on the centralized scheme to organize the computations (named as orchestration) and to put to the knowledge base the set of rules used to build (in multiple steps) the concrete computational scenario from the abstract goal. It is proposed to include the computing task’s execution subsystem to the software architecture of the applied system. This subsystem is composed of the service which is processing the incoming requests for execution, the service registry and the orchestration service. The clients send requests to the execution subsystem without any references to the real-world services to be called. The service registry searches the knowledge base for the corresponding input request template, then the abstract operation description search for the request template is performed. Each abstract operation may already have its implementation in the form of workflow composed of invocations of the real applied services’ operations. In case of absence of the corresponding workflow in the database, this workflow implementation could be synthesized dynamically according to the input and output data and the functionality description of the abstract operation and registered applied services. The workflows are executed by the orchestrator service. Thus, adding some new functions to the client side can be possible without any changes at the server side. And vice versa, adding new services can impact the execution of the calculations without updating the clients.

Comparative Study of Cryptography for Cloud Computing for Data Security

2019 ◽  
Vol 13 ◽  
Author(s):  
Priya Mathur ◽  
Amit Kumar Gupta ◽  
Prateek Vashishtha
Keyword(s):  
Cloud Computing ◽  
Data Security ◽  
Elliptic Curve Cryptography ◽  
Plain Text ◽  
Hybrid Encryption ◽  
Cipher Text ◽  
Business Applications ◽  
Computing Grid ◽  
Cloud Servers ◽  
Client Side

Cloud computing is an emerging technique by which anyone can access the applications as utilities over the internet. Cloud computing is the technology which comprises of all the characteristics of the technologies like distributed computing, grid computing, and ubiquitous computing. Cloud computing allows everyone to create, to configure as well as to customize the business applications online. Cryptography is the technique which is use to convert the plain text into cipher text using various encryption techniques. The art and science used to introduce the secrecy in the information security in order to secure the messages is defined as cryptography. In this paper we are going to review few latest Cryptographic algorithms which are used to enhance the security of the data on the cloud servers. We are comparing Short Range Natural Number Modified RSA (SRNN), Elliptic Curve Cryptography Algorithm, Client Side Encryption Technique and Hybrid Encryption Technique to secure the data in cloud.

scholarly journals Phishing for Long Tails: Examining Organizational Repeat Clickers and Protective Stewards

SAGE Open ◽  
2021 ◽  
Vol 11 (1) ◽  
pp. 215824402199065
Author(s):  
Matthew Canham ◽  
Clay Posey ◽  
Delainey Strickland ◽  
Michael Constantino
Keyword(s):  
Research Effort ◽  
Time Frame ◽  
Future Research ◽  
Negative Behaviors ◽  
Computer Abuse ◽  
Positive Behaviors ◽  
Phishing Attacks ◽  
Long Tails ◽  
Motivated Behaviors ◽  
External Actors

Organizational cybersecurity efforts depend largely on the employees who reside within organizational walls. These individuals are central to the effectiveness of organizational actions to protect sensitive assets, and research has shown that they can be detrimental (e.g., sabotage and computer abuse) as well as beneficial (e.g., protective motivated behaviors) to their organizations. One major context where employees affect their organizations is phishing via email systems, which is a common attack vector used by external actors to penetrate organizational networks, steal employee credentials, and create other forms of harm. In analyzing the behavior of more than 6,000 employees at a large university in the Southeast United States during 20 mock phishing campaigns over a 19-month period, this research effort makes several contributions. First, employees’ negative behaviors like clicking links and then entering data are evaluated alongside the positive behaviors of reporting the suspected phishing attempts to the proper organizational representatives. The analysis displays evidence of both repeat clicker and repeat reporter phenomena and their frequency and Pareto distributions across the study time frame. Second, we find that employees can be categorized according to one of the four unique clusters with respect to their behavioral responses to phishing attacks—“Gaffes,” “Beacons,” “Spectators,” and “Gushers.” While each of the clusters exhibits some level of phishing failures and reports, significant variation exists among the employee classifications. Our findings are helpful in driving a new and more holistic stream of research in the realm of all forms of employee responses to phishing attacks, and we provide avenues for such future research.

scholarly journals Associative Blockchain for Decentralized PKI Transparency

Cryptography ◽  
2021 ◽  
Vol 5 (2) ◽  
pp. 14
Author(s):  
Xavier Boyen ◽  
Udyani Herath ◽  
Matthew McKague ◽  
Douglas Stebila
Keyword(s):  
Formal Analysis ◽  
Fraud Detection ◽  
Public Key Infrastructure ◽  
Public Key ◽  
The Internet ◽  
Security Model ◽  
User Adoption ◽  
Browser Extension ◽  
History Of ◽  
Client Side

The conventional public key infrastructure (PKI) model, which powers most of the Internet, suffers from an excess of trust into certificate authorities (CAs), compounded by a lack of transparency which makes it vulnerable to hard-to-detect targeted stealth impersonation attacks. Existing approaches to make certificate issuance more transparent, including ones based on blockchains, are still somewhat centralized. We present decentralized PKI transparency (DPKIT): a decentralized client-based approach to enforcing transparency in certificate issuance and revocation while eliminating single points of failure. DPKIT efficiently leverages an existing blockchain to realize an append-only, distributed associative array, which allows anyone (or their browser) to audit and update the history of all publicly issued certificates and revocations for any domain. Our technical contributions include definitions for append-only associative ledgers, a security model for certificate transparency, and a formal analysis of our DPKIT construction with respect to the same. Intended as a client-side browser extension, DPKIT will be effective at fraud detection and prosecution, even under fledgling user adoption, and with better coverage and privacy than federated observatories, such as Google’s or the Electronic Frontier Foundation’s.

Sign in / Sign up

Export Citation Format

Share Document