Login | Register

Methods and techniques to protect against shoulder surfing and phishing attacks


Methods and techniques to protect against shoulder surfing and phishing attacks

Shi, Pei Pei (2010) Methods and techniques to protect against shoulder surfing and phishing attacks. Masters thesis, Concordia University.

Text (application/pdf)
MR71049.pdf - Accepted Version


Identity theft refers to the preparatory stage of acquiring and collecting someone else's personal information for criminal purposes. During the past few years, a very large number of people suffered adverse consequences of identity theft crimes. In this thesis, we investigate different methods and techniques that can be used to provide better protection against identity theft techniques that have some hi-tech relevance such as shoulder surfing of user's passwords and personal identification numbers (PINs), phishing and keylogging attacks. To address the shoulder surfing threat to traditional PIN entry schemes, two new PIN entry schemes are proposed. Both schemes achieve a good balance between security and usability. In addition, our analysis shows that these two schemes are resilient to shoulder surfing, given that the attacker has a limited capability in recording the login process. We also propose a click-based graphical password authentication scheme. This scheme aims at improving the resistance to shoulder surfing attacks while maintaining the merits of the click-based authentication solutions. It is also resilient to shoulder surfing attacks even if the attacker can record the entire login process for one time with a video device. Finally, in order to defend against online phishing attacks, we present a framework to strengthen password authentication using mobile devices and browser extensions. The proposed authentication framework produces a different password depending on the domain name of the login site. Besides defending against phishing attacks, this solution does not require any modifications at the server side

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Concordia Institute for Information Systems Engineering
Item Type:Thesis (Masters)
Authors:Shi, Pei Pei
Pagination:xi, 77 leaves : ill. ; 29 cm.
Institution:Concordia University
Degree Name:M.A. Sc.
Program:Institute for Information Systems Engineering
Thesis Supervisor(s):Zhu, B
ID Code:979364
Deposited By: Concordia University Library
Deposited On:09 Dec 2014 17:58
Last Modified:18 Jan 2018 17:49
Related URLs:
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Back to top Back to top