CFP last date
15 January 2025
Reseach Article

Enhanced Security in Authentication for Web Applications using Anti-Form Grabbing Technique with Email Verification

by O.O. Anifowose, S.E. Abdullahi, S.B. Junaidu
International Journal of Applied Information Systems
Foundation of Computer Science (FCS), NY, USA
Volume 10 - Number 5
Year of Publication: 2016
Authors: O.O. Anifowose, S.E. Abdullahi, S.B. Junaidu
10.5120/ijais2016451512

O.O. Anifowose, S.E. Abdullahi, S.B. Junaidu . Enhanced Security in Authentication for Web Applications using Anti-Form Grabbing Technique with Email Verification. International Journal of Applied Information Systems. 10, 5 ( February 2016), 48-53. DOI=10.5120/ijais2016451512

@article{ 10.5120/ijais2016451512,
author = { O.O. Anifowose, S.E. Abdullahi, S.B. Junaidu },
title = { Enhanced Security in Authentication for Web Applications using Anti-Form Grabbing Technique with Email Verification },
journal = { International Journal of Applied Information Systems },
issue_date = { February 2016 },
volume = { 10 },
number = { 5 },
month = { February },
year = { 2016 },
issn = { 2249-0868 },
pages = { 48-53 },
numpages = {9},
url = { https://www.ijais.org/archives/volume10/number5/866-2016451512/ },
doi = { 10.5120/ijais2016451512 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2023-07-05T19:02:39.267546+05:30
%A O.O. Anifowose
%A S.E. Abdullahi
%A S.B. Junaidu
%T Enhanced Security in Authentication for Web Applications using Anti-Form Grabbing Technique with Email Verification
%J International Journal of Applied Information Systems
%@ 2249-0868
%V 10
%N 5
%P 48-53
%D 2016
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Online users now make use of internet banking as a major platform of making payments of products online. Cybercriminals are using newer and more advanced methods to target online users. Attacks ranging from reverse social engineering called Phishing; whereby spam messages are sent to customers’ emails consisting of links then to fake websites to Trojans that are installed in the user’s computer system without his knowledge which monitors the customer’s financial transactions on his account which are later used for financial gain which ultimately results in loss of financial funds for affected victims. One of the fastest growing threats and attacks in the world today is Man-in-the-Browser (MITB) attacks. MITB attacks are a specialized and upgraded version of Man-in-the-Middle (MITM) attack whereby it installs itself on the user’s PC without the user’s concept through internet usage then steals data authentication details and alters legitimate user transactions for the attacker’s benefit. As the advance in technology continues to influence the way society makes payment for goods and services, then more advanced security approach is required for transaction verification on the internet. This paper proposes a more secure authentication for online transaction using Anti-Form Grabbing technique with Email Verification service.

References
  1. Abbasi, A.G., Muftic, S., and Hotamov, I. (2010). Web Contents Protection, Secure Execution and Authorized Distribution, Computing in the Global Information Technology, Fifth International Multi-conference on Computing in the Global Information Technology, International Multi-Conference on, pp. 157-162.
  2. Akinwale, T. A., Adekoya, F. A., and Ooju, E. O. (2011). Multi-Level Cryptographic Functions for the Functionalities of Open Database System, Department of Computer Science, University of Agriculture, Abeokuta, Nigeria.
  3. Association of German Banks. (2007). Online banking security. Berlin: Bundesverband deutsher Banken.
  4. Batchelor, B., The History of E-Banking. Retrieved August 11 2014 from http://www.ehow.com/about_5109945_history-ebanking.html
  5. Boswell, W. (2014)., The History of the Web. Retrieved August 10 2014 from http://websearch.about.com/od/searchingtheweb/a/webhistory.htm
  6. Canali, D., and Balzarotti, D. (2013). Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web. NDSS 2013, 20th Annual Network and Distributed System Security Symposium, February 24-27, 2013, San Diego, CA, United States.
  7. Fazli, B., Kamarularifin, A., and Jamalul-lail, A. (2012). International Journal of Cyber-Security and Digital Forensics (IJCSDF). Mitigating Man-In-The-Browser Attacks with Hardware-based Authentication Scheme. 1(3): 204-210.
  8. Nilsson, D. (2012). Security in Behaviour Driven Authentication for Web Applications, Master thesis, Department of Computer Science, Electrical and Space Engineering.
  9. Jason, W., Damien, H., and Justin, P. (2008). Enhanced Security for Preventing Man-in-the-Middle Attacks in Authentication, Data Entry and Transaction Verification. Deakin University: Australian Information Security Management Conference.
  10. Jjchai.(2010)., Online banking. Retrieved August 11 2014 from http://www.slideshare.net/jjchai/online-banking
  11. RSA Lab, Making Sense of Man-in-the-browser Attacks, http://viewer.media.bitpipe.com/1039183786_34/1295277188_16/MITB_WP_05 10-RSA.pdf.
  12. Scholasticus, K.(2009)., History of Internet Banking. Retrieved August 11 2014 from http://www.buzzle.com/articles/history-of-internet-banking.html
  13. Sidheeq, M., Dehghantanha, A., and Kananparan, G. (2010). Utilizing trusted platform module to mitigate botnet attacks, Computer Applications and Industrial Electronics, International Conference on, vol., no., pp. 245-249.
  14. Weigold, W., Kramp, T., Hermann, R., Horing, F., Buhler, P., and Baentsch, M. (2008). The Zurich Trusted Information Channel: An efficient defense against Man-in-the-middle and malicious software attacks TRUST'2008. LNCS, vol. 4968, pp. 75-91.
Index Terms

Computer Science
Information Sciences

Keywords

Internet banking Man-in-the-Middle attack Man-in-the-Browser attack and authentication.