SECRET INFORMATION DISPLAY BASED AUTHENTICATION TECHNIQUE TOWARDS PREVENTING PHISHING ATTACKS

Abstract

Phishing is a well known online fraud technique for acquiring secret information of user through spoofed websites and emails. Phishing use deceptive techniques for its overall success, some of which are through advanced scripting languages such as java scripts. Phishing create problems such as identity and money thefts and degradation in trust level on online transaction activities from user's perspective. The existing solution to Phishing includes detection schemes, prevention schemes and user training. All of these schemes have their own advantages and drawbacks. The research work is focused on prevention of Phishing attacks by development of an authentication scheme that can provide a trusted path between the user and the authentic web server. The research work in this thesis is focused on the critical review of existing schemes proposed, with introduction to a novel scheme for preventing Phishing attacks with the use of 4 characters secret information display during login authentication. The novelty of the scheme lies in its low complexity, better user understandability and real time implementation ability. Thesis also describes the analyzed results of a real time experiment performed to evaluate the scheme with other mathematical and theoretical analysis, for establishing the real time usability and viability of the scheme. The experimental results and analysis (area of 0.95 in Security and Ease of Use Vs Complexity graph) obtained verifies that the scheme is comparatively lightweight and secure than the existing Phishing prevention schemes.