DocumentCode
2360985
Title
SpoofKiller: You Can Teach People How to Pay, but Not How to Pay Attention
Author
Jakobsson, Markus ; Siadati, Hossein
fYear
2012
fDate
25-25 June 2012
Firstpage
3
Lastpage
10
Abstract
We describe a novel approach to reduce the impact of spoofing by a subtle change in the login process. At the heart of our contribution is the understanding that current antispoof technologies fail largely as a result of the difficulties to communicate security and risk to typical users. Accordingly, our solution is oblivious to whether the user was tricked by a fraudster or not. We achieve that by modifying the user login process, and letting the browser or operating system cause different results of user login requests, based on whether the site is trusted or not. Experimental results indicate that our new approach, which we dub "SpoofKiller", will address approximately 80% of spoofing attempts.
Keywords
fraud; online front-ends; operating systems (computers); security of data; SpoofKiller; antispoof technologies; browser; fraudster; login process; operating system; spoofing impact; Authentication; Browsers; Context; Presses; Pressing; Smart phones;
fLanguage
English
Publisher
ieee
Conference_Titel
Socio-Technical Aspects in Security and Trust (STAST), 2012 Workshop on
Conference_Location
Cambridge, MA
Print_ISBN
978-1-4673-2748-0
Type
conf
DOI
10.1109/STAST.2012.12
Filename
6363423
Link To Document