Essay: Authentication

Researchers have proposed many authentication methods. Some of the most prominent of them are discussed here.

Initially, some techniques used user-based mechanisms to authenticate the server. The Automated Challenge Response Method (ARM) [19] is one such mechanism: the challenge generation module on the server requests a response from the challenge-response interface on the client, and the challenge-response module then calls a get-response application installed on the client machine. Once this is done, the user's credentials are requested from the client and validated by the server, which secures the transaction. This provides two-way authentication and also prevents man-in-the-middle attacks, since the response is obtained from an executable invoked by the browser, which a third party cannot interrupt.
There are also Domain Name Service (DNS) based anti-phishing approaches [20], which mainly include blacklists, heuristic detection and page similarity assessment. But these approaches have many disadvantages.

The blacklist-based technique is a DNS-based anti-phishing approach commonly used by browsers. Some working groups provide an open blacklist query interface. Widely used browsers such as Netscape Browser 8.1, Google Safe Browsing (a feature of the Google Toolbar for Firefox) and Internet Explorer 7 use blacklists to protect users while they browse the Internet. Blacklists are lists of URLs of known phishing sites.
This approach has many shortcomings. It has a low false-alarm probability, but it cannot detect websites that are not on the blacklist, and the life cycle of a phishing website is too short for a blacklist entry to be established, which makes the technique inaccurate.
The heuristic-based anti-phishing technique checks a web page for phishing heuristics such as the host name, URL patterns typical of common spoofing techniques, and matches against previously seen images.
This method does not yield accurate results, as attackers are aware of such heuristics and use strategies to avoid detection. So similarity assessment methods have been proposed to detect phishing websites. For example, CANTINA [21] is a content-similarity-based approach: it first computes the suspicious page's lexical signature using TF-IDF and then feeds that signature to a search engine. Based on the suspicious page's position in the search results, the site is checked for legitimacy.
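The lexical-signature check described above, as an added example that is not code from the CANTINA authors: the search engine is replaced by a constructed four-page index ranked by signature-term overlap, and the TF-IDF weighting, the signature length of five terms and the top-3 cut-off are assumptions. A page is treated as legitimate when its own domain appears among the top results for its signature, so a pixel-perfect copy hosted elsewhere leads back to the real site and fails the check.

```python
import math
import re
from collections import Counter

# Constructed mini-corpus standing in for the search engine's index (domain -> page text).
INDEX = {
    "bank.example": "secure online banking login account balance transfer bank customer",
    "news.example": "breaking news weather sports politics headlines today",
    "shop.example": "shop cart checkout order shipping discount deals",
    "mail.example": "inbox compose mail message folders contacts",
}

def tokenize(text):
    return re.findall(r"[a-z]+", text.lower())

def lexical_signature(page_text, index, k=5):
    """Top-k TF-IDF terms of the suspicious page, with IDF computed over the index plus the page."""
    docs = [tokenize(t) for t in index.values()]
    n_docs = len(docs) + 1                      # the suspicious page counts as a document too
    tokens = tokenize(page_text)
    tf = Counter(tokens)
    def df(term):                               # document frequency, including the page itself
        return 1 + sum(1 for d in docs if term in d)
    scores = {t: (c / len(tokens)) * math.log(n_docs / df(t)) for t, c in tf.items()}
    # Highest score first; ties broken alphabetically so the signature is deterministic.
    return [t for t, _ in sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))[:k]]

def search(signature, index, top_n=3):
    """Stand-in for the search engine: rank indexed domains by how many signature terms they contain."""
    hits = {d: sum(1 for t in signature if t in tokenize(text)) for d, text in index.items()}
    ranked = sorted(hits.items(), key=lambda kv: (-kv[1], kv[0]))
    return [d for d, c in ranked[:top_n] if c > 0]

def is_legitimate(page_domain, page_text, index, top_n=3):
    """CANTINA decision: the page is legitimate if its domain ranks among the top results."""
    return page_domain in search(lexical_signature(page_text, index), index, top_n)
```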
There are many other similarity-based assessment methods; some of them are mentioned here.
Liu Wenyin, Anthony Y. Fu et al. [22, 23] proposed a page visual similarity assessment method to detect phishing websites: if a web page is visually similar to a financial organization's page but is not that organization's page itself, it is considered a phishing page. JungMin Kang and DoHoon Lee [24] proposed a URL similarity assessment method: if a URL is similar to a bank's URL but is not the bank's URL, it is considered a phishing website's URL. The URL and content similarity assessment techniques have a low assessment accuracy rate, and computing the visual similarity between pages is too slow, so it is generally used only for phishing-spam detection.
Another scheme, a three-factor authentication scheme named Phish-Secure, has been proposed to counter phishing [25].
As the first factor of authentication, image similarity detection is performed to find out which page the user intends to visit, and that page is then checked for phishing. For this purpose the system captures an image of the web page at a particular resolution in the required format; this image is termed the visual image. An attacker creating a phishing site will use a replica of the original web page in order to fool users. Phish-Secure takes the visual image of the visited page and computes the mean RGB value of the image, termed M_RGB. The database used by Phish-Secure holds details of the pages that have to be authenticated, including the actual mean RGB of each page, denoted AM_RGB. Phish-Secure compares these values to find the similarity between the visited page and the page in the database. The similarity is expressed as a percentage; if the percentage of similarity (PS) is greater than 99%, Phish-Secure concludes which website the user intends to visit. The corresponding URL is then taken from the database and checked to find out whether the site is phishing or not.
As the second factor of authentication, Phish-Secure grabs the destination IP address at Layer 3, which tells it to which IP address the user is being connected; this is referred to as C_IP. If an attacker's web server IP address has already been found guilty, that IP is blacklisted. Phish-Secure checks the blacklist against the C_IP and warns the user on a match. If the C_IP is not found in the blacklist, further verification is done in the following step.
In this step Phish-Secure obtains the actual list of IP addresses of the provider the user intends to connect to. This is necessary because a provider may have multiple servers for load balancing, and the user may be connected to any of them according to location.
To avoid any confusion, Phish-Secure takes this list of IP addresses, referred to as the actual IP, and checks it against the C_IP, i.e. the IP address to which the user is being connected. If the two match, Phish-Secure identifies the site as genuine and returns an "authenticated" message. If there is a mismatch, Phish-Secure identifies the site as phishing and warns the user. In addition, the C_IP is added to the blacklist, so that if the attacker uses the same web server in a future attack, Phish-Secure detects the site as phishing in the second step.
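The three Phish-Secure factors above, carried through as an added example that is not the scheme's own code. The page database, the blacklist and the visual images (lists of RGB pixel tuples) are constructed here, and the PS formula (100% for identical channel means, falling linearly with the mean absolute channel difference) is an assumption, since the essay does not give one. The third factor's mismatch path feeds the blacklist, so a repeated server is caught at the second factor on the next visit.

```python
# Constructed database: URL -> actual mean RGB (AM_RGB) and the provider's actual server IPs.
PAGE_DB = {
    "https://bank.example/login": {
        "AM_RGB": (240.0, 240.0, 250.0),
        "actual_ips": {"203.0.113.10", "203.0.113.11"},   # load-balanced servers (constructed)
    },
}

def mean_rgb(pixels):
    """M_RGB of a visual image given as a list of (r, g, b) tuples."""
    n = len(pixels)
    return tuple(sum(p[i] for p in pixels) / n for i in range(3))

def percent_similarity(m_rgb, am_rgb):
    """PS between the visited page's M_RGB and a stored AM_RGB (assumed linear formula)."""
    diff = sum(abs(a - b) for a, b in zip(m_rgb, am_rgb)) / 3
    return 100.0 * (1.0 - diff / 255.0)

def identify_target(pixels, db, threshold=99.0):
    """Factor 1: which stored page does the visited page resemble (PS > 99%)?"""
    m = mean_rgb(pixels)
    for url, rec in db.items():
        if percent_similarity(m, rec["AM_RGB"]) > threshold:
            return url
    return None

def phish_secure(pixels, c_ip, db, blacklist):
    """Run all three factors; returns (verdict, reason). Adds c_ip to blacklist on a factor-3 mismatch."""
    url = identify_target(pixels, db)                       # factor 1: visual similarity
    if url is None:
        return ("unknown", "no page in the database resembles the visited one")
    if c_ip in blacklist:                                   # factor 2: blacklisted C_IP
        return ("phishing", f"{c_ip} is blacklisted")
    if c_ip in db[url]["actual_ips"]:                       # factor 3: C_IP vs actual IP list
        return ("authenticated", f"{c_ip} is a genuine server for {url}")
    blacklist.add(c_ip)                                     # remember the rogue server
    return ("phishing", f"{c_ip} is not a server for {url}; it has been blacklisted")
```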
This method also has many shortcomings, the most prominent being time: the technique is very time-consuming, since computing the similarity of a pair of pages takes a long time, so it is not suitable for use on a client terminal. Moreover, its accuracy rate depends on many factors, such as the text, the images and the similarity measurement technique.
Another offline phishing detection system, LARX (Large-Scale Anti-phishing by Retrospective data-eXploration) [26], has been proposed. It uses traffic archiving at a vantage point to collect network trace data. LARX then uses cloud computing to analyze the data in a 'divide and conquer' fashion; a physical server is also used for comparison. All of LARX's phishing filtering operations run in parallel on a cloud computing platform, so LARX can be scaled up effectively to analyze a large volume of network trace data for phishing attack detection.
To cope with the growing number of accounts that users manage, OpenID was proposed. OpenID provides single sign-on (SSO): a user can use the services of multiple sites after signing in only once. But it is vulnerable to phishing attacks, so many methods have been proposed to overcome this drawback. Some of them are mentioned here.
'New Anti-Phishing Method with Two Types of Passwords in OpenID System' [27] is one such method. It puts forward two types of passwords for OpenID users: a single fixed password and many temporary (session) passwords. The fixed password is bound to a PC or other electronic device that the user owns or uses frequently. Temporary passwords are used when the user logs in from other systems; for this, temporary passwords are sent to the user's mobile phone or mailbox. This method effectively avoids phishing.
Detecting and identifying a phishing website in real time, particularly for e-banking, is a complex and dynamic problem involving many factors and criteria. Because of the subjective considerations and ambiguities involved in detection, fuzzy data mining (DM) techniques can be an effective tool for assessing and identifying e-banking phishing websites, since they offer a more natural way of dealing with quality factors than exact values do. 'Modelling Intelligent Phishing Detection System for e-Banking using Fuzzy Data Mining' [28] is a novel approach to overcoming the 'fuzziness' in e-banking phishing website assessment; it proposes an intelligent, resilient and effective model for detecting e-banking phishing websites. The model is based on fuzzy logic (FL) combined with data mining algorithms to characterize the e-banking phishing website factors and to investigate their techniques, classifying the phishing types and defining six e-banking phishing website attack criteria in a layered structure. The model showed the significant importance of two criteria, (URL & Domain Identity) and (Security & Encryption), in the final phishing detection rate, taking into account their association and relationship with each other as shown by the fuzzy data mining classification and association rule algorithms. It also showed the insignificant, trivial influence of the (Page Style & Content) and (Social Human Factor) criteria on the final phishing detection rate.
Haijun Zhang, Gang Liu and Tommy W. S. Chow [29] proposed a textual- and visual-content-based anti-phishing mechanism using a Bayesian approach. The framework synthesizes multiple cues, i.e. textual content and visual content, from a given web page and automatically reports a phishing page by using a text classifier, an image classifier and a data fusion process over the two classifiers. A Bayesian model is proposed to estimate the threshold that the classifiers need in order to decide the class of a web page, and a Bayesian approach is developed to integrate the classification results from the textual and visual contents. The main contributions of this work are threefold. First, a text classifier using the naïve Bayes rule is proposed for phishing detection. Second, a Bayesian approach is proposed to estimate the threshold for either the text classifier or the image classifier, so that each classifier can label a given web page as 'phishing' or 'normal'. Third, a novel Bayesian approach to fuse the classification results of the text classifier and the image classifier is proposed.
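The text classifier and the fusion step above, as an added example rather than the authors' own implementation: a multinomial naïve Bayes text classifier with Laplace smoothing is trained on a constructed four-page corpus, the image classifier's output is supplied as a probability, and the fusion assumes the two cues are conditionally independent given the class (odds multiply) with a fixed 0.5 prior and threshold instead of the paper's estimated one.

```python
import math
from collections import Counter

# Constructed training pages: (label, text). A real system would use crawled, labelled pages.
TRAIN = [
    ("phishing", "verify your account password urgently click here update billing"),
    ("phishing", "account suspended confirm password click link immediately"),
    ("normal",   "quarterly report published read our latest research article"),
    ("normal",   "weather forecast sports scores and headlines"),
]
LABELS = ("phishing", "normal")

def train_text_classifier(samples):
    """Multinomial naive Bayes: per-class word counts, class priors and the shared vocabulary."""
    counts = {l: Counter() for l in LABELS}
    docs = Counter()
    for label, text in samples:
        counts[label].update(text.split())
        docs[label] += 1
    vocab = {w for c in counts.values() for w in c}
    return {"counts": counts, "docs": docs, "vocab": vocab, "n": len(samples)}

def text_posterior(model, text):
    """P(phishing | text) by the naive Bayes rule with add-one smoothing, computed in log space."""
    logp = {}
    for l in LABELS:
        total = sum(model["counts"][l].values())
        lp = math.log(model["docs"][l] / model["n"])
        for w in text.split():
            lp += math.log((model["counts"][l][w] + 1) / (total + len(model["vocab"])))
        logp[l] = lp
    m = max(logp.values())                              # subtract max to avoid underflow
    z = sum(math.exp(v - m) for v in logp.values())
    return math.exp(logp["phishing"] - m) / z

def fuse(p_text, p_image, prior=0.5):
    """Bayesian fusion of two posteriors under conditional independence of the cues given the class."""
    def odds(p):
        p = min(max(p, 1e-9), 1 - 1e-9)                  # keep extreme outputs finite
        return p / (1 - p)
    o = odds(p_text) * odds(p_image) / odds(prior)
    return o / (1 + o)

def classify(model, text, p_image, threshold=0.5):
    """Fused verdict for a page: its text plus the image classifier's phishing probability."""
    p = fuse(text_posterior(model, text), p_image)
    return ("phishing" if p > threshold else "normal", p)
```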
'A Novel Anti-Phishing Framework Based on Visual Cryptography' [10] is the anti-phishing framework on which we have based our work. In this technique an image CAPTCHA is generated and divided into two shares, one of which is kept by the server and the other by the user. These shares are later used so that phishing can be avoided.
There are also various mutual authentication methods that use cell phones, such as browsing through the phone and password generation.

Source: Essay UK - http://doghouse.net/essays/information-technology/essay-authentication/