Secret information display based authentication technique towards preventing phishing attacks

  • Authors:

  • Gaurav Varshney;Anjali Sardana;Ramesh Chandra Joshi

  • Affiliations:

  • Indian Institute of Technology, Roorkee, Uttarakhand, India;Indian Institute of Technology, Roorkee, Uttarakhand, India;Chancellor Graphic Era University Dehradun, Uttarakhand, India

  • Venue:
  • Proceedings of the International Conference on Advances in Computing, Communications and Informatics
  • Year:
  • 2012

Quantified Score

Hi-index 0.00

Visualization

Abstract

Phishing is a fraudulent technique used by attackers known as phishers for obtaining credentials (username and passwords) of a specific or group of users on internet. Phishing came into focus in 1996, and from then it is emerging out as one of the biggest cybercrime attacks on internet. The solutions for handling phishing attacks include: detecting the activity and filtering it from normal activity (Phished Email and Website detection), preventing it by the use of excellent user interfaces and login authentication schemes and user training so that users can prevent themselves from being falling into it. Researchers have focused on all the three techniques for solving phishing attacks. However the previous techniques handle the problem of phishing to an extent but are incomplete, and complex to implement or use in actuality. The research work in this paper will be focused on the critical review of previous schemes proposed, with a novel scheme for preventing phishing attacks with the use of four characters secret information display during login authentication. The novelty of the scheme lies in its low complexity, better user understandability and real time implementation ability. This paper also describes the analyzed results of a real time experiment done to evaluate the scheme. Our results show great improvement with a total of only 13.5%, 1% and 3% user's phished in rigorous phishing attempts, of various kinds for a period of one month.