Table Of Contents

Management summary
1.1 A quick history of phishing
1.2 Towards a definition of phishing
1.3 Demarcation of the study
1.3.1 Problem description
1.3.2 Research questions
1.3.3 Research methodology
1.3.4 Added value of this study
1.3.5 Information resources
1.4 Outline
2.1 Facts and figures
2.1.1 Genesis of internet banking
2.1.2 Confidence in internet banking security
2.2 Requirements on internet banking
2.2.1 Security requirements
2.2.3 Legislative and compliance aspects
2.3 Threat modeling
2.3.1 Existing threat models
2.4 The phishing threat model
2.4.1 Identification of internet banking components
2.4.2 Identification of phishing threats
2.4.3 Phishing threat risk rating
2.4.4 Adversary model
2.5 Key issues of this chapter
3.1 Modus Operandi
3.1.1 Actions and actors: A systematic overview
3.1.2 Organization of a phishing gang: Separation of concerns
3.1.3 Phishing techniques
3.2 Popular variants of phishing
3.2.1 Dragnet phishing
3.2.2 Real-time man-in-the-middle phishing
3.2.3 Malware-based phishing
3.3 Reflection on threats
3.4 Key issues of this chapter
4.1 Front-end security solutions
4.1.1 End-system security products
4.1.2 Authentication mechanisms
4.2 Back-end security solutions
4.2.1 Transaction anomaly detection
4.2.2 Log file analysis
4.2.3 Takedowns
4.3 Evaluation of the current defensive strategy
4.3.1 Completeness of anti-phishing controls
4.3.2 Defensibility against current attacks
4.3.3 Anti-phishing responsibility and liability
4.4 Key issues of this chapter
Future attack vectors
5.1 Attack vector analysis
5.2 The lure: state of the art attack vectors
5.2.1 Deepening: Spear phishing
5.2.2 Broadening: Vishing
5.3 The hook: state of the art attack vectors
5.3.1 Deepening: man-in-the-browser attacks
5.3.2 Broadening: Man-in-the-mailclient attacks
5.4 Key issues of this chapter
6.1 Conceptual defensive solution
6.1.1 Relevant observations
6.1.2 Elaboration of our defensive concept
6.1.3 How this matches our internet banking requirements
6.2 Implementation considerations
In a two-channel context
Published by: rosemberg.silva on May 16, 2011
Copyright: Attribution Non-commercial

