Mitigating man in the middle attack over secure sockets layer

Joshi, Yogesh M.; Das, Debabrata; Saha, Subir Kumar

doi:10.1109/imsaa.2009.5439461

Cited by 27 publications

(16 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Ross et al presented a browser extension tool called PwdHash, which uses the domain name of the remote site as salt for password hashing to protect user's identity and other private information by mitigating MITM for phishing. Joshi et al improved Pwd‐Hash by hashing the user password with the SSL certificate parameters instead of URL parameters. Thus, it detects phishing websites and, if the phishing site is a MITM, then it would hash the password with the SSL certificate.…”

Section: Related Workmentioning

confidence: 99%

Sniff‐Phish: A novel framework for resource intensive computation in cloud to detect email scam

Kumar¹,

Srinivasagan²,

Ben‐Othman

2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Today, the growing significance of digitization across the globe has made the cybersecurity as inevitable. There are many threats in existence to induce harm and to make illegal activities in a device or a network. Email scam or phishing is a technique that most of the hackers use as baits to infiltrate into a system. After a systematic analysis of the infiltration process, a Chrome extension application named Sniff‐Phish is developed, where the resource intensive computational tasks are performed in cloud with which we could be able to detect various categories of real‐time email scams or phishing attacks like zero‐day and spear phishing. This extension application is based upon analyzing some basic criterion of the malicious URL and duly presenting the legitimacy level of the link in the form of a report. The accuracy obtains for Sniff‐Phish is 98% and covers a wide range of phishing websites, resulting in the less false positive rate of 1.2%. Considering the zero‐day and spear phishing detection rate of Sniff‐Phish, the overall experimental results prove that the proposed system outperforms the conventional phishing detection methods.

show abstract

Section: Related Workmentioning

confidence: 99%

Sniff‐Phish: A novel framework for resource intensive computation in cloud to detect email scam

Kumar¹,

Srinivasagan²,

Ben‐Othman

2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…Banking information, such as credit card details, is usually the primary target and the success Phishers tend to have means this type of attack has become the most popular way of conducting cyber-crime [140]. were victims and were affected financially as a result of successful Phishing attacks [141]. Whilst security is steadily improving for combatting attacks such as these, there is a real need for alternative approaches to defence.…”

Section: Cyber-threat Growing Concernmentioning

confidence: 99%

Behavioural Observation for Critical Infrastructure Security Support

Hurst

Merabti

Fergus

2013

2013 European Modelling Symposium

View full text Add to dashboard Cite

“…Here we consider three attacks which are particularly important when sensitive data is being transmitted. These are the Man-In-The-Middle attack [28], the Isomorphic attack [29] and the Denial of Decryption attack [30]. The Man-In-The-Middle attack is designed to allow an attacker to intercept, read, and possibly change information being sent between two parties.…”

Section: Proof Of Securitymentioning

confidence: 99%