Please use this identifier to cite or link to this item: http://localhost:8081/xmlui/handle/123456789/15322
Full metadata record
DC FieldValueLanguage
dc.contributor.authorJindal, Sajal-
dc.date.accessioned2022-02-07T10:11:37Z-
dc.date.available2022-02-07T10:11:37Z-
dc.date.issued2019-05-
dc.identifier.urihttp://localhost:8081/xmlui/handle/123456789/15322-
dc.description.abstractPhishing attacks are one of the most serious threats faced by the users on the internet the attackers try to steal sensitive information such as login details, credit card details, etc. by deceiving the users to enter sensitive information on the phishing websites and thus leading to huge financial losses. These attacks involve using social engineering techniques to deceive the users. Many schemes have been proposed to detect phishing attacks but the amount of such attacks has not declined. New attacks like Active Man-In-The-Middle (MITM) phishing attacks have emerged which include Real Time Man-In-The-Middle (RT MITM) and Controlled Relay Man-In-The-Middle (CR MITM) phishing attacks. These attacks allow the attackers to obtain the users’ account details and relay them in real-time. Similarly, the attacker can lure the user to enter details on a spoofed app and thus gain access to the user’s account. The existing popular authentication schemes fail to address these attacks. Therefore, there is a need to prevent phishing attacks such as active MITM phishing attacks, app spoofing and malicious browser extension based attacks by creating an anti-phishing user authentication scheme. In this thesis, we propose a novel user authentication scheme which enables the user to log into his/her account without memorizing any password or any other authentication token. The proposed authentication scheme requires the user has to scan a dynamically generated QR-code using the smartphone app and then verify the image captured by the webcam and sent on the smartphone via push notification. Thus, the complete authentication procedure requires minimal user involvement and implements automatically. We have implemented and evaluated the proposed scheme in terms of usability, deployability and security parameters and the results depict that the proposed authentication scheme performs well and can be used as a secure user authentication schemeen_US
dc.description.sponsorshipINDIAN INSTITUTE OF TECHNOLOGY ROORKEEen_US
dc.language.isoenen_US
dc.publisherI I T ROORKEEen_US
dc.subjectReal Time Man-In-The-Middleen_US
dc.subjectPhishingen_US
dc.subjectQR-codeen_US
dc.subjectSimilarlyen_US
dc.titleMULTI-FACTOR AUTHENTICATION SCHEME FOR ANTI-PHISHING USING MOBILE APP AND WEBCAMen_US
dc.typeOtheren_US
Appears in Collections:MASTERS' THESES (CSE)

Files in This Item:
File Description SizeFormat 
G29157.pdf1.34 MBAdobe PDFView/Open


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.