Title :
SpoofKiller: You Can Teach People How to Pay, but Not How to Pay Attention
Author :
Jakobsson, Markus ; Siadati, Hossein
Abstract :
We describe a novel approach to reduce the impact of spoofing by a subtle change in the login process. At the heart of our contribution is the understanding that current antispoof technologies fail largely as a result of the difficulties to communicate security and risk to typical users. Accordingly, our solution is oblivious to whether the user was tricked by a fraudster or not. We achieve that by modifying the user login process, and letting the browser or operating system cause different results of user login requests, based on whether the site is trusted or not. Experimental results indicate that our new approach, which we dub "SpoofKiller", will address approximately 80% of spoofing attempts.
Keywords :
fraud; online front-ends; operating systems (computers); security of data; SpoofKiller; antispoof technologies; browser; fraudster; login process; operating system; spoofing impact; Authentication; Browsers; Context; Presses; Pressing; Smart phones;
Conference_Titel :
Socio-Technical Aspects in Security and Trust (STAST), 2012 Workshop on
Conference_Location :
Cambridge, MA
Print_ISBN :
978-1-4673-2748-0
DOI :
10.1109/STAST.2012.12
