Tan et al., 2022 - Google Patents
Securing password authentication for web-based applicationsTan et al., 2022
View PDF- Document ID
- 9140539276980652138
- Author
- Tan T
- Szalachowski P
- Zhou J
- Publication year
- Publication venue
- 2022 IEEE Conference on Dependable and Secure Computing (DSC)
External Links
Snippet
There is currently no foolproof mechanism for any website to prevent their users from being directed to fraudulent websites and having their passwords stolen. Phishing attacks continue to plague password-based authentication despite ag-gressive efforts in detection, takedown …
- 238000000034 method 0 abstract description 13
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0823—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Tsai et al. | The application of multi-server authentication scheme in internet banking transaction environments | |
| Kaur et al. | A secure two‐factor authentication framework in cloud computing | |
| Mannan et al. | Leveraging personal devices for stronger password authentication from untrusted computers | |
| Derhab et al. | Two-factor mutual authentication offloading for mobile cloud computing | |
| Alqubaisi et al. | Should we rush to implement password-less single factor FIDO2 based authentication? | |
| Khan et al. | [Retracted] A Robust and Privacy‐Preserving Anonymous User Authentication Scheme for Public Cloud Server | |
| Cao et al. | Protecting web-based single sign-on protocols against relying party impersonation attacks through a dedicated bi-directional authenticated secure channel | |
| Alhaidary et al. | Vulnerability analysis for the authentication protocols in trusted computing platforms and a proposed enhancement of the offpad protocol | |
| Alzuwaini et al. | An Efficient Mechanism to Prevent the Phishing Attacks. | |
| Sharma et al. | Advanced multi-factor user authentication scheme for E-governance applications in smart cities | |
| Zhang et al. | El passo: privacy-preserving, asynchronous single sign-on | |
| Praveen Kumar et al. | A password less authentication protocol for multi-server environment using physical unclonable function | |
| Ahamad et al. | A secure and resilient scheme for telecare medical information systems with threat modeling and formal verification | |
| Lagarde | Security assessment of authentication and authorization mechanisms in ethereum, quorum, hyperledger fabric and corda | |
| Liu et al. | Provably secure anti-phishing scheme for medical information in smart healthcare | |
| Tan et al. | Securing password authentication for web-based applications | |
| Sarower et al. | SMFA: Strengthening Multi-Factor Authentication With Steganography for Enhanced Security | |
| Reimair et al. | Emulating U2F authenticator devices | |
| Abbas et al. | Identifying an OpenID anti‐phishing scheme for cyberspace | |
| Braun et al. | Phishsafe: leveraging modern javascript api's for transparent and robust protection | |
| Chang et al. | On making U2F protocol leakage-resilient via re-keying | |
| Aljawarneh et al. | A web client authentication system using smart card for e-systems: initial testing and evaluation | |
| Joseph et al. | Cookie based protocol to defend malicious browser extensions | |
| Eldow et al. | Literature review of authentication layer for public cloud computing: a meta-analysis | |
| Xie et al. | VOAuth: A solution to protect OAuth against phishing |