Filters








8,436 Hits in 10.1 sec

The Use of Attack and Protection Trees to Analyze Security for an Online Banking System

Kenneth Edge, Richard Raines, Michael Grimaila, Rusty Baldwin, Robert Bennington, Christopher Reuter
2007 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07)  
As the number of customers using online banking increases, online banking systems are becoming more desirable targets for criminals to attack.  ...  To maintain their customers' trust and confidence in the security of their online bank accounts, financial institutions must identify how attackers compromise accounts and develop methods to protect them  ...  Conclusions This paper defined attack and protection trees and discussed how they can be implemented in the security analysis of an online banking system.  ... 
doi:10.1109/hicss.2007.558 dblp:conf/hicss/EdgeRGBBR07 fatcat:v3zhfu5akbg4ngwn6fjnndckhe

A New Approach to Enhance Internet Banking Security

M. F., Kamruddin Nur, Aloke Kumar, Md. Akhtaruzzaman
2017 International Journal of Computer Applications  
In this research work emphasize the protection of online banking. At first, E-banking is analyzed for all kinds of vulnerabilities and a practical investigation of all type of attacks is carried out.  ...  In this paper, a security-aware architecture is introduced to protect from several attacks. The proposed system has a secure protocol and certificate verification mechanism.  ...  Schneier introduced the "attack tree" method of describing and analyzing the attacks on a system [3] .  ... 
doi:10.5120/ijca2017913093 fatcat:n3q2trxy2fgr7elvqrl3dkeqmq

A Smart Comparative Analysis for Secure Electronic Websites

Sobia Wassan, Chen Xi, Nz Jhanjhi, Hassan Raza
2021 Intelligent Automation and Soft Computing  
The growing popularity of online payment services and payroll systems, however, has opened new pathways for hackers to steal consumers' information and money, a risk which poses significant danger to the  ...  Online banking is an ideal method for conducting financial transactions such as e-commerce, e-banking, and e-payments.  ...  The study explores the consequences of electronic banking services on electronic trust using an electronic safety system.  ... 
doi:10.32604/iasc.2021.015859 fatcat:q3xdd5uhgbcv3bud5yuuaqskhi

A Formal Classification of Internet Banking Attacks and Vulnerabilities

Laerte Peotta, Marcelo D. Holtz, Bernardo M. David, Flavio G. Deus, Rafael Timoteo de Sousa
2011 International Journal of Computer Science & Information Technology (IJCSIT)  
Based ona thorough analysis of current security models, we propose a guidelines for designing secure internet banking systems which are not affected by the presented attacks and vulnerabilities.  ...  A formal classification of attacks and vulnerabilities that affect current internet banking systems is presented along with two attacks which demonstrate the insecurity of such systems.  ...  ATTACK MODELLING AND TYPICAL SCENARIOS The attack tree model [15] for common attacks against online banking systems is presented in Figure 2 .  ... 
doi:10.5121/ijcsit.2011.3113 fatcat:7grthf4rtnafxo5jqcajia3m24

Using Fraud Trees to Analyze Internet Credit Card Fraud [chapter]

Clive Blackwell
2014 IFIP Advances in Information and Communication Technology  
This paper uses the concept of a fraud tree, an extension of an attack tree, to comprehensively model online fraud techniques and to suggest defensive obstacles for merchants to counter threats.  ...  The fraud tree model can advise merchants about the checks to be performed to reduce risk even in the presence of incomplete knowledge of the circumstances of the transactions.  ...  [7] have employed a protection tree in an investigation of an online banking system to defeat various fraudulent methods modeled in the corresponding attack tree.  ... 
doi:10.1007/978-3-662-44952-3_2 fatcat:s5ay44bmmbhubblpl3d3joiejy

Information Security and Risk Management for Banking System
English

Dr.Kodukula Subrahmanyam, M Haritha, V Tejaswini, Ch Balaram, C Dheeraj
2014 International Journal of Computer Trends and Technology  
In such an atmosphere, it is very hard to initiate a system for evaluating and simulating the major hazards.  ...  This paper proposes a management line of attack to address risk dependency issues.  ...  Security of new technologies / channels needs to be paid attention, for e.g., E-commerce, online banking and any other online transactions.  ... 
doi:10.14445/22312803/ijctt-v10p129 fatcat:rl3ynstcj5bqppzvu2zcbqhn3q

Impersonation Attack-Defense Tree

Yusep Rosmansyah, Ignatius Leo Sri Hendarto, Demby Pratama
2020 International Journal of Emerging Technologies in Learning (iJET)  
The method of protection is presented in the form of an attack-defense tree model.  ...  Nowadays, online learning or e-learning has become increasingly popular and evolved. Many academic institutions use the Learning Management System (LMS) as a medium for delivering e-learning.  ...  The ADTree is a method created by researchers to introduce and formalize defense trees as a graphical representation of the steps an attacker might take to attack a system and create protection for the  ... 
doi:10.3991/ijet.v15i19.12699 fatcat:k6r4w2oqpngsdnbnq6lz2jm3a4

Describing advanced persistent threats using a multi-agent system approach

Sravani Teja Bulusu, Romain Laborde, Ahmad Samer Wazan, Francois Barrere, Abdelmalek Benzekri
2017 2017 1st Cyber Security in Networking Conference (CSNet)  
Our model is inspired by the concepts of agent-oriented social modelling approaches, generally used for software security requirement analysis.  ...  Advanced Persistent Threats are increasingly becoming one of the major concerns to many industries and organizations.  ...  The authors thank all the security experts at Airbus as well as the anonymous reviewers who helped us with their useful comments.  ... 
doi:10.1109/csnet.2017.8241997 dblp:conf/csnet/BulusuLWBB17 fatcat:mt377ptolbhkxle3kth6lm266a

SSOAM: Automated Security Testing Framework for SOA Middleware in Banking Domain

Mustafa Al-Fayoumi, Ruba Haj Hamad, Jaafer Al-Saraireh
2018 Journal of Computer Science  
In the banking domain, a high level of security must be considered and achieved to prevent a core-banking system from vulnerabilities and attackers.  ...  Thus, this paper studies and analyzes the importance of implementing secure banking SOAM design architecture and of having an automated security testing framework.  ...  Acknowledgment The authors would like to thank the reviewers for their valuable comments and suggestions that contributed to the improvement of this work.  ... 
doi:10.3844/jcssp.2018.957.968 fatcat:rzzrlzdq55h7ho7hd4vrkmuoly

COMPARATIVE STUDY OF TESTING METHOD AND TOOLS FOR WEB SITES

Ms.AmiShaileshkumar Desai, Dr.Sanjay Buch
2016 International Journal of Advanced Research  
In this review we discuss the security testing methods as well as model issues of web services. Development based on SOA is still required for providing the unique security or proper testing.  ...  SOA (service oriented architecture) provides based to online servicing, social interactions and communications without human interaction, but it is raises privacy and security concerns in web services.  ...  Attack on online payment system is basically done through network attack or cryptographic. So author prepare secure communication tunnel for protection.  ... 
doi:10.21474/ijar01/2340 fatcat:gad6lkpuifbf3e7ccu65rtrrq4

Using Attack-Defense Trees to Analyze Threats and Countermeasures in an ATM: A Case Study [chapter]

Marlon Fraile, Margaret Ford, Olga Gadyatskaya, Rajesh Kumar, Mariëlle Stoelinga, Rolando Trujillo-Rasua
2016 Lecture Notes in Business Information Processing  
This paper reports on the application of attack-defense trees to model and analyze the security of ATMs.  ...  In particular, we share our insights into the benefits and drawbacks of attack-defense tree modeling, as well as best practices and lessons learned.  ...  In [4, 5] , Edge et al. modeled an online banking scenario and homeland security via deriving protection trees from ATrees.  ... 
doi:10.1007/978-3-319-48393-1_24 fatcat:2lq4ziagdzhsbjlwgqq5v6jpzi

Security and usability

Mohammad Mannan, P. C. van Oorschot
2008 Proceedings of the 2007 Workshop on New Security Paradigms - NSPW '07  
The survey also sheds light on the security settings of systems used for sensitive online transactions.  ...  We analyze banks' requirements for online banking from a usable security perspective, using Canadian banks as a case study. Our contributions and discussion points for NSPW include:  ...  Acknowledgements We thank anonymous NSPW reviewers for their comments, and NSPW 2007 attendees and members of the Carleton's Digital Security Group for their enthusiastic discussion on this topic.  ... 
doi:10.1145/1600176.1600178 dblp:conf/nspw/MannanO07 fatcat:5h5r5hzkkzcdtmtpb2jgo3xi6i

Anti-keylogging measures for secure Internet login: An example of the law of unintended consequences

Stuart P. Goring, Joseph R. Rabaiotti, Antonia J. Jones
2007 Computers & security  
In this paper we show, using a real online banking system as an example, that if these features are incorrectly implemented they can potentially allow an attacker to bypass them completely and gain access  ...  Traditional authentication systems used to protect access to online services (such as passwords) are vulnerable to compromise via the introduction of a keystroke logger to the service user's computer.  ...  AJJ would also like to acknowledge the courteous and patient treatment she received from NG (you know who you are), under what must have been somewhat exasperating circumstances, when our observations  ... 
doi:10.1016/j.cose.2007.05.003 fatcat:4sc4xnt5vng3pb7pwtzgqkxlpa

Intelligent Quality Performance Assessment for E-Banking Security using Fuzzy Logic

Maher Ragheb Aburrous, Alamgir Hossain, Fadi Thabatah, Keshav Dahal
2008 Fifth International Conference on Information Technology: New Generations (itng 2008)  
This classification will enable us to produce an overall security score for an e-banking website.  ...  Customers often like to use new information technologies for the various online transactions related internet banking and online shopping.  ... 
doi:10.1109/itng.2008.154 dblp:conf/itng/AburrousHTD08 fatcat:pts26beohzhsbcf7tdvn34a6w4

Formalizing and Verification of an Antivirus Protection Service using Model Checking

Adalat Safarkhanlou, Alireza Souri, Monire Norouzi, SeyedHassan Es. Haghi Sardroud
2015 Procedia Computer Science  
In this paper, a protection service model is proposed for an antivirus system. The proposed model has been focused on maintaining in secure state of the system.  ...  For proving the correctness and the reachability of proposed model, some properties of the proposed model are verified by using NuSMV model checker.  ...  In the recent years, many attacks [2] are occurred to home systems, bank servers and military systems by the viruses and malwares.  ... 
doi:10.1016/j.procs.2015.07.443 fatcat:75v2hxqv25emfh6jvnkhipakey
« Previous Showing results 1 — 15 out of 8,436 results