COUNTERACTING PHISHING THROUGH HCI: DETECTING ATTACKS AND WARNING USERS

Size: px
Start display at page:

Download "COUNTERACTING PHISHING THROUGH HCI: DETECTING ATTACKS AND WARNING USERS"

Transcription

1 COUNTERACTING PHISHING THROUGH HCI: DETECTING ATTACKS AND WARNING USERS DISSERTATION an der Fakultat fur Mathematik, Informatik und Statistik der Ludwig-Maximilians-Universitat Munchen vorgelegt von Diplom-Medieninformatiker MAX-EMANUEL MAURER Munchen, den 15. Dezember 2013

2 TABLE OF CONTENTS List of Figures xvii I INTRODUCTION 1 1 Introduction Usable Security Usable Warning Design Problem Statement Protection: Detection plus Intervention Technical Terms of Detection Main Contributions Structure 9 2 The Act of Phishing What is a Phishing Attack? The Need to Counteract Phishing Attack Overview The Lifecycle of a Phishing Attack Attacks out of Scope Attacks in Scope: Impersonation A Brief History of Phishing and a Possible Future Outlook The Term "Phishing" Design Space of Current Phishing Attacks Typical Phishing Examples Looking at Today's Browsers: Security Indicators in Use 33 3 Related Work The Phishing Problem Phishing in Numbers 40

3 xii TABLE OF CONTENTS Who is Falling for Phishing and Why? The Current State of Detection Methods Black- and Whitelists Security Toolbars Virus Scanners Typo Checkers Law Enforcement and Website Takedown Changing The Internet Architecture The Current State of User Intervention Classical Warning Research Computer-Specific Warning Literature Phishing Education Research Concepts for Detection General Phishing Defense Detection Attempts for Different Features Making Use of a Community Research Concepts for User Intervention Adaptive Dialogs Guidelines and Applications Thereof User Study Methodology 68 II PROTECTION THROUGH HCI 73 4 Overview of Research Covered Delimitation to Related Work Main Research Classification Research Questions Project Overview 79 5 Nine Research Projects on Phishing and Usability Phishing Website Test Set What Should a Phishing Test Set Look Like? Collection Phase Postprocessing The Final Test Set Findings from of the Test Set Data 90

4 TABLE OF CONTENTS xiii Application of The Test Set Research Results SecurityGuard Website Status Rollup Yet Another Status Toolbar? Designing the Extension Implementation User Study Discussion and Limitations Research Results Community-based Rating Intervention The Real World Example: Web Of Trust Community-Based Security Research Building the Prototype User Study Evaluation Discussions and Limitations Research Results Spell Checking to Detect Fraudulent Websites Detecting Phishing URLs Detector Evaluation Results Discussion and Limitations Research Results Possible User Intervention for the Approach Data Type Based Security Dialogs User Intervention Concept The First Prototype Detecting the Data Types Lab Evaluation The Second Prototype Field Evaluation Second Lab Evaluation Discussion and Limitations Research Results Enhancing SSL Awareness in Web Browsers The Concept of SSLPersonas Redesigning SSL Warning Messages Lab Evaluation Field Evaluation Discussion, Limitations and Future Enhancements Research Results 157

5 xiv TABLE OF CONTENTS 5.7 Diminishing Visual Brand Trust The Concept of Destroying Content Trust Focus Group The Final Plugin User Study Evaluation Discussion and Limitations Research Results Visual Image Comparison For Phishing Detection and Reporting Concept: Detecting Phishing Through Visual Similarity Detector Architecture Evaluating the Detector User Intervention Design User Intervention Evaluation User. Intervention Discussion Research Results The User Study Web Browser Web Browsers Usage in Today's Experiments Universal Browser Manipulation Developing the Extension User Study: Validating the Extension Research Results Aggregated Results and Derived Recommendations Answers to the Research Questions Phishing Detection User Intervention From Phishing To General Security Detector and User Intervention Model Recommendations and Guidelines A Utopia of Anti-Phishing Achieving the Best Detection Optimal User Intervention Future Proof Methods A Web Without Phishing? Evaluation Recommendations Preparation Ethics and Privacy 231

6 TABLE OF CONTENTS xv Execution Analysis 235 III CONCLUSIONS Conclusions and Future Work Summarizing This Thesis Open and Future Work A Final Take Home Message 244 IV BIBLIOGRAPHY 245 Bibliography 247 V APPENDIX 275 Index 281

for High Performance Computing

for High Performance Computing Technische Universität München Institut für Informatik Lehrstuhl für Rechnertechnik und Rechnerorganisation Automatic Performance Engineering Workflows for High Performance Computing Ventsislav Petkov

More information

Using Data Type Based Security Alert Dialogs to Raise Online Security Awareness

Using Data Type Based Security Alert Dialogs to Raise Online Security Awareness Using Data Type Based Security Alert Dialogs to Raise Online Security Awareness Max-Emanuel Maurer, Alexander De Luca, Sylvia Kempe University of Munich Media Informatics Group Amalienstr. 17 80333 München

More information

Targeted Advertising and Consumer Privacy Concerns Experimental Studies in an Internet Context

Targeted Advertising and Consumer Privacy Concerns Experimental Studies in an Internet Context TECHNISCHE UNIVERSITAT MUNCHEN Lehrstuhl fur Betriebswirtschaftslehre - Dienstleistungsund Technologiemarketing Targeted Advertising and Consumer Privacy Concerns Experimental Studies in an Internet Context

More information

An Enterprise Modeling Framework for Banks using. Algebraic Graph Transformation

An Enterprise Modeling Framework for Banks using. Algebraic Graph Transformation An Enterprise Modeling Framework for Banks using Algebraic Graph Transformation vorgelegt von Diplom-Wirtschaftsinformatiker Christoph Brandt aus Berlin-Lichterfelde von der Fakultät IV - Elektrotechnik

More information

Multi-Channel Distribution Strategies in the Financial Services Industry

Multi-Channel Distribution Strategies in the Financial Services Industry Multi-Channel Distribution Strategies in the Financial Services Industry DISSERTATION der Universität St. Gallen, Hochschule für Wirtschafts-, Rechts- und Sozialwissenschaften (HSG) zur Erlangung der Würde

More information

Buyout and Distressed Private Equity: Performance and Value Creation

Buyout and Distressed Private Equity: Performance and Value Creation TECHNISCHE UNIVERSITAT MUNCHEN Lehrstuhl fur Betriebswirtschaftslehre - Finanzmanagement und Kapitalmarkte (Univ.-Prof. Dr. Christoph Kaserer) Buyout and Distressed Private Equity: Performance and Value

More information

anomaly, thus reported to our central servers.

anomaly, thus reported to our central servers. Cloud Email Firewall Maximum email availability and protection against phishing and advanced threats. If the company email is not protected then the information is not safe Cloud Email Firewall is a solution

More information

Customer Intimacy Analytics

Customer Intimacy Analytics Customer Intimacy Analytics Leveraging Operational Data to Assess Customer Knowledge and Relationships and to Measure their Business Impact by Francois Habryn Scientific Publishing CUSTOMER INTIMACY ANALYTICS

More information

Development of a Portal for HR Executives to Enable Digital Personnel Files

Development of a Portal for HR Executives to Enable Digital Personnel Files Development of a Portal for HR Executives to Enable Digital Personnel Files Masterarbeit zur Erlangung des akademischen Grades Master of Science (M.Sc.) im Studiengang Wirtschaftswissenschaft der Wirtschaftswissenschaftlichen

More information

Comprehensive real-time protection against Advanced Threats and data theft

Comprehensive real-time protection against Advanced Threats and data theft TRITON AP-WEB Comprehensive real-time protection against Advanced Threats and data theft Your business and its data are under constant attack. Traditional security solutions no longer provide sufficient

More information

Boom and Bust Cycles in Scientific Literature A Toolbased Big-Data Analysis

Boom and Bust Cycles in Scientific Literature A Toolbased Big-Data Analysis Boom and Bust Cycles in Scientific Literature A Toolbased Big-Data Analysis Bachelorarbeit zur Erlangung des akademischen Grades Bachelor of Science (B.Sc.) im Studiengang Wirtschaftsingenieur der Fakultät

More information

Building Chess Endgame Databases for Positions with many Pieces using A-priori Information

Building Chess Endgame Databases for Positions with many Pieces using A-priori Information Building Chess Endgame Databases for Positions with many Pieces using A-priori Information Eiko Bleicher Lehrstuhl Mathematische Optimierung Fakultät Mathematik und Informatik Friedrich-Schiller-Universität

More information

Sophisticated Phishers Make More Spelling Mistakes: Using URL Similarity Against Phishing

Sophisticated Phishers Make More Spelling Mistakes: Using URL Similarity Against Phishing Sophisticated Phishers Make More Spelling Mistakes: Using URL Similarity Against Phishing Max-Emanuel Maurer 1 and Lukas Höfer 1 University of Munich Media Informatics Group Amalienstr. 17 803333 Munich

More information

Introduction to Geventis. Registration for the MIN Graduate School (MINGS)

Introduction to Geventis. Registration for the MIN Graduate School (MINGS) Fakultät für Mathematik, Informatik und Naturwissenschaften Introduction to Geventis Registration for the MIN Graduate School (MINGS) http://www.min.uni-hamburg.de/en/min-graduiertenschule.html Email mings@uni-hamburg.de

More information

Shining Chrome: Using Web Browser Personas to Enhance SSL Certificate Visualization

Shining Chrome: Using Web Browser Personas to Enhance SSL Certificate Visualization Shining Chrome: Using Web Browser Personas to Enhance SSL Certificate Visualization Max-Emanuel Maurer, Alexander De Luca, Tobias Stockinger University of Munich Media Informatics Group Amalienstr. 17

More information

Provider-Independent Social Identity. Management for Personal and. Professional Applications

Provider-Independent Social Identity. Management for Personal and. Professional Applications Provider-Independent Social Identity Management for Personal and Professional Applications Dissertation zur Erlangung des Grades eines Doktors der Wirtschaftswissenschaften eingereicht an der Fakultät

More information

TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT

TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS AND DATA THEFT Your business and its data

More information

Spectrum Sensing Grid

Spectrum Sensing Grid Architecture Optimization and Implementation of a Radio Receiver with a Multistage Spectrum Sensing Technique as Part of a Low-Cost Spectrum Sensing Grid Architekturoptimierung und Implementierung eines

More information

Engineering Design. Software. Theory and Practice. Carlos E. Otero. CRC Press. Taylor & Francis Croup. Taylor St Francis Croup, an Informa business

Engineering Design. Software. Theory and Practice. Carlos E. Otero. CRC Press. Taylor & Francis Croup. Taylor St Francis Croup, an Informa business Software Engineering Design Theory and Practice Carlos E. Otero CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor St Francis Croup, an Informa business AN

More information

ANDROID SECURITY ATTACKS AND DEFENSES ABHISHEK DUBEY I ANMOL MISRA. ( r öc) CRC Press VV J Taylor & Francis Group ^ "^ Boca Raton London New York

ANDROID SECURITY ATTACKS AND DEFENSES ABHISHEK DUBEY I ANMOL MISRA. ( r öc) CRC Press VV J Taylor & Francis Group ^ ^ Boca Raton London New York ANDROID SECURITY ATTACKS AND DEFENSES ABHISHEK DUBEY I ANMOL MISRA ( r öc) CRC Press VV J Taylor & Francis Group ^ "^ Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an

More information

Designing and Coding Secure Systems

Designing and Coding Secure Systems Designing and Coding Secure Systems Kenneth Ingham and Anil Somayaji September 29, 2009 1 Course overview This class covers secure coding and some design issues from a language neutral approach you can

More information

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Today s bank customers can perform most of their financial activities online. According to a global survey

More information

Reviewer s Guide Kaspersky Internet Security for Mac

Reviewer s Guide Kaspersky Internet Security for Mac Reviewer s Guide Kaspersky Internet Security for Mac 1 Protection for Mac OS X The main window shows all key features such as Scan, Update, Safe Money, and Parental Control in a single place. The current

More information

TABLE OF CONTENTS ABSTRACT ACKNOWLEDGEMENT LIST OF FIGURES LIST OF TABLES

TABLE OF CONTENTS ABSTRACT ACKNOWLEDGEMENT LIST OF FIGURES LIST OF TABLES TABLE OF CONTENTS ABSTRACT ACKNOWLEDGEMENT LIST OF FIGURES LIST OF TABLES ii iii x xiv CHAPTER 1: INTRODUCTION 1 1.0 Background 1 1.1 Research Motivation 4 1.2 Research Objectives 5 1.3 Project Scope 6

More information

Signal Customized Helpdesk Course

Signal Customized Helpdesk Course Signal Customized Helpdesk Course This course is a combination of modules taken from two Microsoft Courses: 50311A and 50331A. It is geared toward staff who handle helpdesk calls and troubleshoot end user

More information

A Mediated Access Control Infrastructure for Dynamic Service Selection

A Mediated Access Control Infrastructure for Dynamic Service Selection A Mediated Access Control Infrastructure for Dynamic Service Selection Dissertation zur Erlangung des Grades eines Doktors der Wirtschaftswissenschaften (Dr. rer. pol.) eingereicht an der Fakultat fur

More information

European developer & provider ensuring data protection User console: Simile Fingerprint Filter Policies and content filtering rules

European developer & provider ensuring data protection User console: Simile Fingerprint Filter Policies and content filtering rules Cloud Email Firewall Maximum email availability and protection against phishing and advanced threats. If the company email is not protected then the information is not safe Cloud Email Firewall is a solution

More information

Contents. Assessing Social Media Security. Chapter! The Social Media Security Process 3

Contents. Assessing Social Media Security. Chapter! The Social Media Security Process 3 Securing the Clicks: Network Security in the Age of Social Media Gary Bahadur Jason I nasi Alex de Carvalho Mc ssr New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan

More information

THIS SERVICE LEVEL AGREEMENT (SLA) DEFINES GUARANTEED SERVICE LEVELS PROVIDED TO YOU BY INFRONT WEBWORKS.

THIS SERVICE LEVEL AGREEMENT (SLA) DEFINES GUARANTEED SERVICE LEVELS PROVIDED TO YOU BY INFRONT WEBWORKS. THIS SERVICE LEVEL AGREEMENT (SLA) DEFINES GUARANTEED SERVICE LEVELS PROVIDED TO YOU BY INFRONT WEBWORKS. I. Service Definition Infront Webworks, will provide you with cloud based services and other application

More information

The Impact of Extended Validation (EV) Certificates on Customer Confidence

The Impact of Extended Validation (EV) Certificates on Customer Confidence WHITE PAPER: The Impact of Extended Validation (EV) Certificates on Customer Confidence YOUR SUCCESS IS BUILT ON TRUST 1 THE IMPACT OF EXTENDED VALIDATION (EV) CERTIFICATES ON CUSTOMER CONFIDENCE As ecommerce

More information

Top Attacks in Social Media

Top Attacks in Social Media Top Attacks in Social Media SESSION ID: HUM-F03A Gary Bahadur CEO KRAA Security @KRAASecurity 140 Characters of Pain What s the Problem with Social Media? No security strategies in place No enterprise-wide

More information

A Middleware Architecture for Transactional, Object-Oriented Applications

A Middleware Architecture for Transactional, Object-Oriented Applications A Middleware Architecture for Transactional, Object-Oriented Applications Dissertation am Fachbereich Mathematik und Informatik der Freien Universität Berlin eingereicht von Christoph Hartwich am 14. November

More information

Privacy-preserving Infrastructure for. Social Identity Management

Privacy-preserving Infrastructure for. Social Identity Management Privacy-preserving Infrastructure for Social Identity Management Dissertation zur Erlangung des Grades eines Doktors der Wirtschaftswissenschaften (Dr. rer. pol.) eingereicht an der Fakultät für Wirtschaftswissenschaften

More information

GrinMark Outlook 365 Plugin for SugarCRM Getting Started

GrinMark Outlook 365 Plugin for SugarCRM Getting Started GrinMark Outlook 365 Plugin for SugarCRM Getting Started This document covers installation, settings and usage for GrinMark Outlook 365 Plugin for SugarCRM Prerequisites SugarCRM v6.0 or higher. All flavors

More information

CS; SSART-Treffen, November 18, 2015. Internet Banking: Increasing power of cyber crime... and what to do?

CS; SSART-Treffen, November 18, 2015. Internet Banking: Increasing power of cyber crime... and what to do? CS; SSART-Treffen, November 18, 2015 Internet Banking: Increasing power of cyber crime.. and what to do? Different targets for cyber crime Collect large data volumes (financial data) Collect customer related

More information

Layered security in authentication. An effective defense against Phishing and Pharming

Layered security in authentication. An effective defense against Phishing and Pharming 1 Layered security in authentication. An effective defense against Phishing and Pharming The most widely used authentication method is the username and password. The advantages in usability for users offered

More information

REQUEST FOR QUOTATION YOU ARE HEREBY INVITED TO SUBMIT QUOTATIONS TO THE WATER RESEARCH COMMISSION. 60 Days (COMMENCING FROM RFQ CLOSING DATE)

REQUEST FOR QUOTATION YOU ARE HEREBY INVITED TO SUBMIT QUOTATIONS TO THE WATER RESEARCH COMMISSION. 60 Days (COMMENCING FROM RFQ CLOSING DATE) REQUEST FOR QUOTATION YOU ARE HEREBY INVITED TO SUBMIT QUOTATIONS TO THE WATER RESEARCH COMMISSION. RFQ NUMBER: 20003/15-16 RFQ ISSUE DATE: 06 MAY 2016 CLOSING DATE AND TIME: 07 JUNE 2016 @ 11.00 am RFQ

More information

Cyber Security. Securing Your Mobile and Online Banking Transactions

Cyber Security. Securing Your Mobile and Online Banking Transactions Cyber Security Securing Your Mobile and Online Banking Transactions For additional copies or to download this document, please visit: http://msisac.cisecurity.org/resources/guides 2014 Center for Internet

More information

Phishing. Attack and Defense. Nilesh Kumar

Phishing. Attack and Defense. Nilesh Kumar Phishing Attack and Defense Nilesh Kumar Agenda What is Phishing Phishing Statistics Phishing Techiniques Phishing Defenses What is Phishing? Phishing = Social Engineering + Technical Subterfuge Phishers

More information

WEB PROTECTION. Features SECURITY OF INFORMATION TECHNOLOGIES

WEB PROTECTION. Features SECURITY OF INFORMATION TECHNOLOGIES WEB PROTECTION Features SECURITY OF INFORMATION TECHNOLOGIES The web today has become an indispensable tool for running a business, and is as such a favorite attack vector for hackers. Injecting malicious

More information

A Decision Support System for the Modelling of Asset Prices, Option Prices, and Volatility: An Application of Artificial Neural Networks

A Decision Support System for the Modelling of Asset Prices, Option Prices, and Volatility: An Application of Artificial Neural Networks A Decision Support System for the Modelling of Asset Prices, Option Prices, and Volatility: An Application of Artificial Neural Networks Masterarbeit zur Erlangung des akademischen Grades Master of Science

More information

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/ DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing

More information

Additional services are also available according to your specific plan configuration.

Additional services are also available according to your specific plan configuration. THIS SERVICE LEVEL AGREEMENT (SLA) DEFINES GUARANTEED SERVICE LEVELS PROVIDED TO YOU BY THE COMPANY. I. Service Definition SMS (Company) will provide You with Hosted Exchange and other Application Services

More information

No. 29 February 12, 2016. The President

No. 29 February 12, 2016. The President Vol. 81 Friday, No. 29 February 12, 2016 Part IV The President Executive Order 13719 Establishment of the Federal Privacy Council VerDate Sep2014 20:00 Feb 11, 2016 Jkt 238001 PO 00000 Frm 00001 Fmt

More information

Quick Start. Installing the software. for Webroot Internet Security Complete, Version 7.0

Quick Start. Installing the software. for Webroot Internet Security Complete, Version 7.0 Quick Start for Webroot Internet Security Complete, Version 7.0 This Quick Start describes how to install and begin using the Webroot Internet Security Complete 2011 software. This integrated suite delivers

More information

ischool 2-Year Course Plan Summer 2015-Summer 2016 College Park Campus = CP; Shady Grove Campus = SG; SGO = Online

ischool 2-Year Course Plan Summer 2015-Summer 2016 College Park Campus = CP; Shady Grove Campus = SG; SGO = Online INFM 600 Information Environments CP, SG CP, SGO CP, SG CP, SGO INFM 603 Information Technology and Organizational Context CP, SG CP CP, SG SG INFM 605 Users and Use Context CP, SG CP, SGO CP, SG CP INFM

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

Masters in Human Computer Interaction

Masters in Human Computer Interaction Masters in Human Computer Interaction Programme Requirements Taught Element, and PG Diploma in Human Computer Interaction: 120 credits: IS5101 CS5001 CS5040 CS5041 CS5042 or CS5044 up to 30 credits from

More information

Optimized Scheduling in Real-Time Environments with Column Generation

Optimized Scheduling in Real-Time Environments with Column Generation JG U JOHANNES GUTENBERG UNIVERSITAT 1^2 Optimized Scheduling in Real-Time Environments with Column Generation Dissertation zur Erlangung des Grades,.Doktor der Naturwissenschaften" am Fachbereich Physik,

More information

Masters in Advanced Computer Science

Masters in Advanced Computer Science Masters in Advanced Computer Science Programme Requirements Taught Element, and PG Diploma in Advanced Computer Science: 120 credits: IS5101 CS5001 up to 30 credits from CS4100 - CS4450, subject to appropriate

More information

User Guidance in Business Process Modelling

User Guidance in Business Process Modelling User Guidance in Business Process Modelling Dissertation zur Erlangung des Doktorgrades der Naturwissenschaften vorgelegt von Diplom-Wirtschaftsinformatiker (FH) Matthias Born aus Albstadt genehmigt von

More information

tj.jmffliim.upij II, 14 1" H'H'.i.U.' Threat Modeling Designing for Security Adam Shostack WILEY

tj.jmffliim.upij II, 14 1 H'H'.i.U.' Threat Modeling Designing for Security Adam Shostack WILEY tj.jmffliim.upij II, 14 1" H'H'.i.U.' w Threat Modeling Designing for Security Adam Shostack WILEY Contents Introduction xxi Part I Getting Started 1 Chapter 1 Dive In and Threat Model! 3 Learning to Threat

More information

Masters in Artificial Intelligence

Masters in Artificial Intelligence Masters in Artificial Intelligence Programme Requirements Taught Element, and PG Diploma in Artificial Intelligence: 120 credits: IS5101 CS5001 CS5010 CS5011 CS4402 or CS5012 in total, up to 30 credits

More information

Personal Data & Privacy Policy Statement

Personal Data & Privacy Policy Statement Personal Data & Privacy Policy Statement Your Privacy Hong Kong Broadband Network Limited ("we" or the "Company") respect the privacy rights of visitors to all our company websites (the Websites ) and

More information

Cyber security standard

Cyber security standard Cyber security standard Brief description This *Standard specifies security standards that protect *ICT systems and data from unintended or unauthorized access, damage or destruction. Related policies

More information

Cisco ASA 5500 Series Content Security Edition for the Enterprise

Cisco ASA 5500 Series Content Security Edition for the Enterprise Cisco ASA 5500 Series Content Security Edition for the Enterprise Viruses and other malicious code can overwhelm your IT resources, disrupting business operations and impacting business transactions. The

More information

Understanding the risks

Understanding the risks Understanding the risks Data security and reliability Once you re using the internet regularly, you re likely to be asked for your personal details, whether it s to buy things online or to sign up to services.

More information

Masters in Networks and Distributed Systems

Masters in Networks and Distributed Systems Masters in Networks and Distributed Systems Programme Requirements Taught Element, and PG Diploma in Networks and Distributed Systems: 120 credits: IS5101 CS5001 CS5021 CS4103 or CS5023 in total, up to

More information

PRINCIPLES AND PRACTICE OF INFORMATION SECURITY

PRINCIPLES AND PRACTICE OF INFORMATION SECURITY PRINCIPLES AND PRACTICE OF INFORMATION SECURITY Protecting Computers from Hackers and Lawyers Linda Volonino, Ph.D. Canisius College Stephen R. Robinson Verity Partners, LLC with contributions by Charles

More information

No. 30 February 16, 2016. The President

No. 30 February 16, 2016. The President Vol. 81 Tuesday, No. 30 February 16, 2016 Part IV The President Executive Order 13719 Establishment of the Federal Privacy Council: Republication VerDate Sep2014 16:34 Feb 12, 2016 Jkt 238001 PO 00000

More information

Search engine optimization: Black hat Cloaking Detection technique

Search engine optimization: Black hat Cloaking Detection technique Search engine optimization: Black hat Cloaking Detection technique Patel Trupti 1, Kachhadiya Kajal 2, Panchani Asha 3, Mistry Pooja 4 Shrimad Rajchandra Institute of Management and Computer Application

More information

Microsoft Phishing Filter: A New Approach to Building Trust in E-Commerce Content

Microsoft Phishing Filter: A New Approach to Building Trust in E-Commerce Content Microsoft Phishing Filter: A New Approach to Building Trust in E-Commerce Content The recent flurry of media coverage around identity theft and what is being called the new scam of phishing, in which online

More information

Model-Driven Scientific Workflow Engineering

Model-Driven Scientific Workflow Engineering A Framework for Model-Driven Scientific Workflow Engineering Dipl-Inform Guido Scherp Dissertation zur Erlangung des akademischen Grades Doktor der Ingenieurwissenschaften (Dr-Ing) der Technischen Fakultat

More information

SSL VPN Service. To get started using the NASA IV&V/WVU SSL VPN service, you must verify that you meet all required criteria specified here:

SSL VPN Service. To get started using the NASA IV&V/WVU SSL VPN service, you must verify that you meet all required criteria specified here: SSL VPN Service Note: This guide was written using Windows 7 with Internet Explorer 8. The same principles and techniques are applicable to new versions of Internet Explorer as well as Firefox. Any significant

More information

Myths about Criminal Justice 17 Summary 18 Key Terms 19 Review Questions 19 In the Field 20 On the Net 20 Critical Thinking Exercises 20

Myths about Criminal Justice 17 Summary 18 Key Terms 19 Review Questions 19 In the Field 20 On the Net 20 Critical Thinking Exercises 20 CONTENTS PART ONE The Foundations of Criminal Justice 1 CHAPTER ONE Criminal Justice in the United States: An Overview 3 Criminal Justice: An Institution of Social Control 4 Crime and Criminal Law 4 Criminal

More information

Masters in Information Technology

Masters in Information Technology Computer - Information Technology MSc & MPhil - 2015/6 - July 2015 Masters in Information Technology Programme Requirements Taught Element, and PG Diploma in Information Technology: 120 credits: IS5101

More information

WebEx Meeting Center User s Guide

WebEx Meeting Center User s Guide WebEx Meeting Center User s Guide Version 8 Copyright WebEx Communications, Inc. reserves the right to make changes in the information contained in this publication without prior notice. The reader should

More information

Web Application Security

Web Application Security Web Application Security Erwin Huber Head of Research & Development Web Application Security Web Application Security Unit Strong Focus on Web Application Security since 1996 Protection of Web Applications

More information

Overview An Evolution. Improving Trust, Confidence & Safety working together to fight the e-mail beast. Microsoft's online safety strategy

Overview An Evolution. Improving Trust, Confidence & Safety working together to fight the e-mail beast. Microsoft's online safety strategy Overview An Evolution Improving Trust, Confidence & Safety working together to fight the e-mail beast Holistic strategy Prescriptive guidance and user education, collaboration & technology Evolution of

More information

Cybercrime in Canadian Criminal Law

Cybercrime in Canadian Criminal Law Cybercrime in Canadian Criminal Law Sara M. Smyth, LL.M., Ph. D. Member of the Law Society of British Columbia CARSWELL Table of Contents Preface Table of Cases v xvii PART ONE Introduction to Cybercrime

More information

Faking Extended Validation SSL Certificates in Internet Explorer 7

Faking Extended Validation SSL Certificates in Internet Explorer 7 Page 1 of 11 Faking Extended Validation SSL Certificates in Internet Explorer 7 June 7 th 2007, V1.1 Martin Christinat, CTO, christinat@.ch Abstract Extended Validation (EV) SSL certificates are a new

More information

Rational AppScan & Ounce Products

Rational AppScan & Ounce Products IBM Software Group Rational AppScan & Ounce Products Presenters Tony Sisson and Frank Sassano 2007 IBM Corporation IBM Software Group The Alarming Truth CheckFree warns 5 million customers after hack http://infosecurity.us/?p=5168

More information

Contents. xvii. Preface. xxi. Foreword. 1 Introduction 1. Preamble 1. Scope and Structure of the Book 3. Acknowledgments 4 Endnotes 5

Contents. xvii. Preface. xxi. Foreword. 1 Introduction 1. Preamble 1. Scope and Structure of the Book 3. Acknowledgments 4 Endnotes 5 Contents Preface Foreword xvii xxi 1 Introduction 1 Preamble 1 Scope and Structure of the Book 3 Acknowledgments 4 Endnotes 5 2 Engineering Systems 7 Introduction 8 Some Initial Observations 8 Deficient

More information

Introduction. Chapter 1 Why Understanding Your Web Traffic Is Important to Your Business 3

Introduction. Chapter 1 Why Understanding Your Web Traffic Is Important to Your Business 3 Contents Foreword Introduction xix xxi Part I Measuring Success 1 Chapter 1 Why Understanding Your Web Traffic Is Important to Your Business 3 Website Measurement Why Do This?... 4 Information Web Analytics

More information

Creating smarter fish by customizing the pond What application developers can do to stop phishing

Creating smarter fish by customizing the pond What application developers can do to stop phishing Creating smarter fish by customizing the pond What application developers can do to stop phishing 12 July, 2006 Ron Ritchey Chief Scientist IATAC 703/377.6704 Ritchey_ronald@bah.com 0 Agenda Introduction

More information

Computer Security Literacy

Computer Security Literacy Computer Security Literacy Staying Safe in a Digital World Douglas Jacobson and Joseph Idziorek CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis

More information

SSL VPN INSTALLATION, UPGRADE, USAGE INSTRUCTIONS Windows XP

SSL VPN INSTALLATION, UPGRADE, USAGE INSTRUCTIONS Windows XP PURPOSE This document provides installation guidelines and instructions to install, upgrade and use UM s SSL VPN client using an Internet Explorer browser or FireFox browser on a Windows Vista operating

More information

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Securing Your Web Application against security vulnerabilities Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Agenda Security Landscape Vulnerability Analysis Automated Vulnerability

More information

COURSE OUTLINE: IC3 Internet Computing Fundamentals

COURSE OUTLINE: IC3 Internet Computing Fundamentals Course Name Internet Computing Fundamentals Course Duration 5 Days Course Structure Instructor-Led with Hands-on Labs Course Overview Learners will identify various types of electronic communication and

More information

Keywords Anti-Phishing, Phishing, MapReduce, Hadoop, Machine learning

Keywords Anti-Phishing, Phishing, MapReduce, Hadoop, Machine learning Volume 3, Issue 6, June 2013 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Phishing Detection

More information

Windows Phone 8 Security Overview

Windows Phone 8 Security Overview Windows Phone 8 Security Overview This white paper is part of a series of technical papers designed to help IT professionals evaluate Windows Phone 8 and understand how it can play a role in their organizations.

More information

Phishing: Facing the Challenge of Email Identity Theft with Proper Tools and Practices

Phishing: Facing the Challenge of Email Identity Theft with Proper Tools and Practices Phishing: Facing the Challenge of Email Identity Theft with Proper Tools and Practices A Leadfusion White Paper 2012 Leadfusion, Inc. All rights reserved. The Threat of Phishing Email is an indispensable

More information

Satellite-UMTS - Specification of Protocols and Traffic Performance Analysis

Satellite-UMTS - Specification of Protocols and Traffic Performance Analysis Satellite-UMTS - Specification of Protocols and Traffic Performance Analysis Von der Fakultat fur Elektrotechnik und Informationstechnik der Rheinisch-Westfalichen Technischen Hochschule Aachen zur Erlangung

More information

WEBTHREATS. Constantly Evolving Web Threats Require Revolutionary Security. Securing Your Web World

WEBTHREATS. Constantly Evolving Web Threats Require Revolutionary Security. Securing Your Web World Securing Your Web World WEBTHREATS Constantly Evolving Web Threats Require Revolutionary Security ANTI-SPYWARE ANTI-SPAM WEB REPUTATION ANTI-PHISHING WEB FILTERING Web Threats Are Serious Business Your

More information

ATP Co C pyr y ight 2013 B l B ue C o C at S y S s y tems I nc. All R i R ghts R e R serve v d. 1

ATP Co C pyr y ight 2013 B l B ue C o C at S y S s y tems I nc. All R i R ghts R e R serve v d. 1 ATP 1 LES QUESTIONS QUI DEMANDENT RÉPONSE Qui s est introduit dans notre réseau? Comment s y est-on pris? Quelles données ont été compromises? Est-ce terminé? Cela peut-il se reproduire? 2 ADVANCED THREAT

More information

Tuning Tips & Techniques

Tuning Tips & Techniques ORACLE Oracle Press Oracle E-Business Suite 12 Tuning Tips & Techniques Richard Bingham Mc Graw Hill Education New York Chicago San Francisco Athens London Madrid Mexico City Milan New Delhi Singapore

More information

Einführung in die Kognitive Ergonomie

Einführung in die Kognitive Ergonomie i Table of Contents ii Einführung in die Kognitive Ergonomie Wintersemester 1999/2000 Dr. Anthony Jameson Fachbereich Informatik Universität des Saarlandes Postfach 15 11 50 66041 Saarbrücken jameson@cs.uni-sb.de

More information

ICE Trade Vault. Public User & Technology Guide June 6, 2014

ICE Trade Vault. Public User & Technology Guide June 6, 2014 ICE Trade Vault Public User & Technology Guide June 6, 2014 This material may not be reproduced or redistributed in whole or in part without the express, prior written consent of IntercontinentalExchange,

More information

Susceptibility Weighted Imaging and Quantitative Susceptibility Mapping at 3 Tesla and Beyond

Susceptibility Weighted Imaging and Quantitative Susceptibility Mapping at 3 Tesla and Beyond Susceptibility Weighted Imaging and Quantitative Susceptibility Mapping at 3 Tesla and Beyond New Approaches and Applications DISSERTATION zur Erlangung des akademischen Grades Doktoringenieur (Dr.-Ing.)

More information

Free Download Kaspersky Internet Security - multi device new softwares free download ]

Free Download Kaspersky Internet Security - multi device new softwares free download ] Free Download Kaspersky Internet Security - multi device - 2016 new softwares free download ] Description: Benefits Protecting all your connected devices the one-licence, easy-touse solution Kaspersky

More information

Network Security. Chapter 1 Introduction. Network Security IN2101. Georg Carle. Course organization

Network Security. Chapter 1 Introduction. Network Security IN2101. Georg Carle. Course organization Chair for Network Architectures and Services Institute for Informatics TU München Prof. Carle Network Security IN101 Prof. Dr.-Ing. Georg Carle Dipl.-Inform. Ali Fessi Institut für Informatik Technische

More information

Student Loan Counselor Certification Program. I. Introduction & History of Federal Student Loans a. Objective b. Useful Terms

Student Loan Counselor Certification Program. I. Introduction & History of Federal Student Loans a. Objective b. Useful Terms Student Loan Counselor Certification Program I. Introduction & History of Federal Student Loans a. Objective b. Useful Terms II. III. History of Federal Student Loans Federal Student Loan Basics a. Interest

More information

WebEx Meeting Center User Guide

WebEx Meeting Center User Guide WebEx Meeting Center User Guide For Hosts, Presenters, and Attendees 8.17 Copyright 1997 2010 Cisco and/or its affiliates. All rights reserved. WEBEX, CISCO, Cisco WebEx, the CISCO logo, and the Cisco

More information

The Essential Guide to User Interface Design An Introduction to GUI Design Principles and Techniques

The Essential Guide to User Interface Design An Introduction to GUI Design Principles and Techniques The Essential Guide to User Interface Design An Introduction to GUI Design Principles and Techniques Third Edition Wilbert O. Galitz l 1 807 : WILEYp Wiley Publishing, Inc. Contents About the Author Preface

More information

Evolutions in Browser Security

Evolutions in Browser Security ANALYST BRIEF Evolutions in Browser Security TRENDS IN BROWSER SECURITY PERFORMANCE Author Randy Abrams Overview This analyst brief aggregates results from NSS Labs tests conducted between 2009 and 2013

More information

WEB CONTENT SCANNER SDK

WEB CONTENT SCANNER SDK WEB CONTENT SCANNER SDK Web Content Inspection for PCs and Mobile OVERVIEW Web Content Scanner SDK is a multi-platform SDK that enables an application to filter websites based on web content at very high

More information

A Proposed Architecture of Intrusion Detection Systems for Internet Banking

A Proposed Architecture of Intrusion Detection Systems for Internet Banking A Proposed Architecture of Intrusion Detection Systems for Internet Banking A B S T R A C T Pritika Mehra Post Graduate Department of Computer Science, Khalsa College for Women Amritsar, India Mehra_priti@yahoo.com

More information

TRITON APX. Websense TRITON APX

TRITON APX. Websense TRITON APX TRITON APX Unified protection and intelligence against Advanced Threats and data theft Your organization is faced with an increasing number of Advanced Threats that lead to data theft, denial of service

More information

Delivering Business Intelligence With Microsoft SQL Server 2005 or 2008 HDT922 Five Days

Delivering Business Intelligence With Microsoft SQL Server 2005 or 2008 HDT922 Five Days or 2008 Five Days Prerequisites Students should have experience with any relational database management system as well as experience with data warehouses and star schemas. It would be helpful if students

More information