COUNTERACTING PHISHING THROUGH HCI: DETECTING ATTACKS AND WARNING USERS
Size: px
Start display at page:

Download "COUNTERACTING PHISHING THROUGH HCI: DETECTING ATTACKS AND WARNING USERS"

Transcription

1 COUNTERACTING PHISHING THROUGH HCI: DETECTING ATTACKS AND WARNING USERS DISSERTATION an der Fakultat fur Mathematik, Informatik und Statistik der Ludwig-Maximilians-Universitat Munchen vorgelegt von Diplom-Medieninformatiker MAX-EMANUEL MAURER Munchen, den 15. Dezember

2 TABLE OF CONTENTS List of Figures xvii I INTRODUCTION 1 1 Introduction Usable Security Usable Warning Design Problem Statement Protection: Detection plus Intervention Technical Terms of Detection Main Contributions Structure 9 2 The Act of Phishing What is a Phishing Attack? The Need to Counteract Phishing Attack Overview The Lifecycle of a Phishing Attack Attacks out of Scope Attacks in Scope: Impersonation A Brief History of Phishing and a Possible Future Outlook The Term "Phishing" Design Space of Current Phishing Attacks Typical Phishing Examples Looking at Today's Browsers: Security Indicators in Use 33 3 Related Work The Phishing Problem Phishing in Numbers 40

3 xii TABLE OF CONTENTS Who is Falling for Phishing and Why? The Current State of Detection Methods Black- and Whitelists Security Toolbars Virus Scanners Typo Checkers Law Enforcement and Website Takedown Changing The Internet Architecture The Current State of User Intervention Classical Warning Research Computer-Specific Warning Literature Phishing Education Research Concepts for Detection General Phishing Defense Detection Attempts for Different Features Making Use of a Community Research Concepts for User Intervention Adaptive Dialogs Guidelines and Applications Thereof User Study Methodology 68 II PROTECTION THROUGH HCI 73 4 Overview of Research Covered Delimitation to Related Work Main Research Classification Research Questions Project Overview 79 5 Nine Research Projects on Phishing and Usability Phishing Website Test Set What Should a Phishing Test Set Look Like? Collection Phase Postprocessing The Final Test Set Findings from of the Test Set Data 90

4 TABLE OF CONTENTS xiii Application of The Test Set Research Results SecurityGuard Website Status Rollup Yet Another Status Toolbar? Designing the Extension Implementation User Study Discussion and Limitations Research Results Community-based Rating Intervention The Real World Example: Web Of Trust Community-Based Security Research Building the Prototype User Study Evaluation Discussions and Limitations Research Results Spell Checking to Detect Fraudulent Websites Detecting Phishing URLs Detector Evaluation Results Discussion and Limitations Research Results Possible User Intervention for the Approach Data Type Based Security Dialogs User Intervention Concept The First Prototype Detecting the Data Types Lab Evaluation The Second Prototype Field Evaluation Second Lab Evaluation Discussion and Limitations Research Results Enhancing SSL Awareness in Web Browsers The Concept of SSLPersonas Redesigning SSL Warning Messages Lab Evaluation Field Evaluation Discussion, Limitations and Future Enhancements Research Results 157

5 xiv TABLE OF CONTENTS 5.7 Diminishing Visual Brand Trust The Concept of Destroying Content Trust Focus Group The Final Plugin User Study Evaluation Discussion and Limitations Research Results Visual Image Comparison For Phishing Detection and Reporting Concept: Detecting Phishing Through Visual Similarity Detector Architecture Evaluating the Detector User Intervention Design User Intervention Evaluation User. Intervention Discussion Research Results The User Study Web Browser Web Browsers Usage in Today's Experiments Universal Browser Manipulation Developing the Extension User Study: Validating the Extension Research Results Aggregated Results and Derived Recommendations Answers to the Research Questions Phishing Detection User Intervention From Phishing To General Security Detector and User Intervention Model Recommendations and Guidelines A Utopia of Anti-Phishing Achieving the Best Detection Optimal User Intervention Future Proof Methods A Web Without Phishing? Evaluation Recommendations Preparation Ethics and Privacy 231

6 TABLE OF CONTENTS xv Execution Analysis 235 III CONCLUSIONS Conclusions and Future Work Summarizing This Thesis Open and Future Work A Final Take Home Message 244 IV BIBLIOGRAPHY 245 Bibliography 247 V APPENDIX 275 Index 281

Similar documents

for High Performance Computing

for High Performance Computing Technische Universität München Institut für Informatik Lehrstuhl für Rechnertechnik und Rechnerorganisation Automatic Performance Engineering Workflows for High Performance Computing Ventsislav Petkov

More information

An Enterprise Modeling Framework for Banks using. Algebraic Graph Transformation

An Enterprise Modeling Framework for Banks using. Algebraic Graph Transformation An Enterprise Modeling Framework for Banks using Algebraic Graph Transformation vorgelegt von Diplom-Wirtschaftsinformatiker Christoph Brandt aus Berlin-Lichterfelde von der Fakultät IV - Elektrotechnik

More information

Using Data Type Based Security Alert Dialogs to Raise Online Security Awareness

Using Data Type Based Security Alert Dialogs to Raise Online Security Awareness Using Data Type Based Security Alert Dialogs to Raise Online Security Awareness Max-Emanuel Maurer, Alexander De Luca, Sylvia Kempe University of Munich Media Informatics Group Amalienstr. 17 80333 München

More information

Multi-Channel Distribution Strategies in the Financial Services Industry

Multi-Channel Distribution Strategies in the Financial Services Industry Multi-Channel Distribution Strategies in the Financial Services Industry DISSERTATION der Universität St. Gallen, Hochschule für Wirtschafts-, Rechts- und Sozialwissenschaften (HSG) zur Erlangung der Würde

More information

Targeted Advertising and Consumer Privacy Concerns Experimental Studies in an Internet Context

Targeted Advertising and Consumer Privacy Concerns Experimental Studies in an Internet Context TECHNISCHE UNIVERSITAT MUNCHEN Lehrstuhl fur Betriebswirtschaftslehre - Dienstleistungsund Technologiemarketing Targeted Advertising and Consumer Privacy Concerns Experimental Studies in an Internet Context

More information

Buyout and Distressed Private Equity: Performance and Value Creation

Buyout and Distressed Private Equity: Performance and Value Creation TECHNISCHE UNIVERSITAT MUNCHEN Lehrstuhl fur Betriebswirtschaftslehre - Finanzmanagement und Kapitalmarkte (Univ.-Prof. Dr. Christoph Kaserer) Buyout and Distressed Private Equity: Performance and Value

More information

TABLE OF CONTENTS ABSTRACT ACKNOWLEDGEMENT LIST OF FIGURES LIST OF TABLES

TABLE OF CONTENTS ABSTRACT ACKNOWLEDGEMENT LIST OF FIGURES LIST OF TABLES TABLE OF CONTENTS ABSTRACT ACKNOWLEDGEMENT LIST OF FIGURES LIST OF TABLES ii iii x xiv CHAPTER 1: INTRODUCTION 1 1.0 Background 1 1.1 Research Motivation 4 1.2 Research Objectives 5 1.3 Project Scope 6

More information

Customer Intimacy Analytics

Customer Intimacy Analytics Customer Intimacy Analytics Leveraging Operational Data to Assess Customer Knowledge and Relationships and to Measure their Business Impact by Francois Habryn Scientific Publishing CUSTOMER INTIMACY ANALYTICS

More information

The Impact of Extended Validation (EV) Certificates on Customer Confidence

The Impact of Extended Validation (EV) Certificates on Customer Confidence WHITE PAPER: The Impact of Extended Validation (EV) Certificates on Customer Confidence YOUR SUCCESS IS BUILT ON TRUST 1 THE IMPACT OF EXTENDED VALIDATION (EV) CERTIFICATES ON CUSTOMER CONFIDENCE As ecommerce

More information

Boom and Bust Cycles in Scientific Literature A Toolbased Big-Data Analysis

Boom and Bust Cycles in Scientific Literature A Toolbased Big-Data Analysis Boom and Bust Cycles in Scientific Literature A Toolbased Big-Data Analysis Bachelorarbeit zur Erlangung des akademischen Grades Bachelor of Science (B.Sc.) im Studiengang Wirtschaftsingenieur der Fakultät

More information

Introduction to Geventis. Registration for the MIN Graduate School (MINGS)

Introduction to Geventis. Registration for the MIN Graduate School (MINGS) Fakultät für Mathematik, Informatik und Naturwissenschaften Introduction to Geventis Registration for the MIN Graduate School (MINGS) http://www.min.uni-hamburg.de/en/min-graduiertenschule.html Email [email protected]

More information

Privacy-preserving Infrastructure for. Social Identity Management

Privacy-preserving Infrastructure for. Social Identity Management Privacy-preserving Infrastructure for Social Identity Management Dissertation zur Erlangung des Grades eines Doktors der Wirtschaftswissenschaften (Dr. rer. pol.) eingereicht an der Fakultät für Wirtschaftswissenschaften

More information

Layered security in authentication. An effective defense against Phishing and Pharming

Layered security in authentication. An effective defense against Phishing and Pharming 1 Layered security in authentication. An effective defense against Phishing and Pharming The most widely used authentication method is the username and password. The advantages in usability for users offered

More information

anomaly, thus reported to our central servers.

anomaly, thus reported to our central servers. Cloud Email Firewall Maximum email availability and protection against phishing and advanced threats. If the company email is not protected then the information is not safe Cloud Email Firewall is a solution

More information

Engineering Design. Software. Theory and Practice. Carlos E. Otero. CRC Press. Taylor & Francis Croup. Taylor St Francis Croup, an Informa business

Engineering Design. Software. Theory and Practice. Carlos E. Otero. CRC Press. Taylor & Francis Croup. Taylor St Francis Croup, an Informa business Software Engineering Design Theory and Practice Carlos E. Otero CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor St Francis Croup, an Informa business AN

More information

E-Commerce Design and Implementation Tutorial

E-Commerce Design and Implementation Tutorial A Mediated Access Control Infrastructure for Dynamic Service Selection Dissertation zur Erlangung des Grades eines Doktors der Wirtschaftswissenschaften (Dr. rer. pol.) eingereicht an der Fakultat fur

More information

THIS SERVICE LEVEL AGREEMENT (SLA) DEFINES GUARANTEED SERVICE LEVELS PROVIDED TO YOU BY INFRONT WEBWORKS.

THIS SERVICE LEVEL AGREEMENT (SLA) DEFINES GUARANTEED SERVICE LEVELS PROVIDED TO YOU BY INFRONT WEBWORKS. THIS SERVICE LEVEL AGREEMENT (SLA) DEFINES GUARANTEED SERVICE LEVELS PROVIDED TO YOU BY INFRONT WEBWORKS. I. Service Definition Infront Webworks, will provide you with cloud based services and other application

More information

ANDROID SECURITY ATTACKS AND DEFENSES ABHISHEK DUBEY I ANMOL MISRA. ( r öc) CRC Press VV J Taylor & Francis Group ^ "^ Boca Raton London New York

ANDROID SECURITY ATTACKS AND DEFENSES ABHISHEK DUBEY I ANMOL MISRA. ( r öc) CRC Press VV J Taylor & Francis Group ^ ^ Boca Raton London New York ANDROID SECURITY ATTACKS AND DEFENSES ABHISHEK DUBEY I ANMOL MISRA ( r öc) CRC Press VV J Taylor & Francis Group ^ "^ Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an

More information

Designing and Coding Secure Systems

Designing and Coding Secure Systems Designing and Coding Secure Systems Kenneth Ingham and Anil Somayaji September 29, 2009 1 Course overview This class covers secure coding and some design issues from a language neutral approach you can

More information

Contents. Assessing Social Media Security. Chapter! The Social Media Security Process 3

Contents. Assessing Social Media Security. Chapter! The Social Media Security Process 3 Securing the Clicks: Network Security in the Age of Social Media Gary Bahadur Jason I nasi Alex de Carvalho Mc ssr New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan

More information

Comprehensive real-time protection against Advanced Threats and data theft

Comprehensive real-time protection against Advanced Threats and data theft TRITON AP-WEB Comprehensive real-time protection against Advanced Threats and data theft Your business and its data are under constant attack. Traditional security solutions no longer provide sufficient

More information

European developer & provider ensuring data protection User console: Simile Fingerprint Filter Policies and content filtering rules

European developer & provider ensuring data protection User console: Simile Fingerprint Filter Policies and content filtering rules Cloud Email Firewall Maximum email availability and protection against phishing and advanced threats. If the company email is not protected then the information is not safe Cloud Email Firewall is a solution

More information

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Today s bank customers can perform most of their financial activities online. According to a global survey

More information

GrinMark Outlook 365 Plugin for SugarCRM Getting Started

GrinMark Outlook 365 Plugin for SugarCRM Getting Started GrinMark Outlook 365 Plugin for SugarCRM Getting Started This document covers installation, settings and usage for GrinMark Outlook 365 Plugin for SugarCRM Prerequisites SugarCRM v6.0 or higher. All flavors

More information

Introduction. Chapter 1 Why Understanding Your Web Traffic Is Important to Your Business 3

Introduction. Chapter 1 Why Understanding Your Web Traffic Is Important to Your Business 3 Contents Foreword Introduction xix xxi Part I Measuring Success 1 Chapter 1 Why Understanding Your Web Traffic Is Important to Your Business 3 Website Measurement Why Do This?... 4 Information Web Analytics

More information

TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT

TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS AND DATA THEFT Your business and its data

More information

Delivering Business Intelligence With Microsoft SQL Server 2005 or 2008 HDT922 Five Days

Delivering Business Intelligence With Microsoft SQL Server 2005 or 2008 HDT922 Five Days or 2008 Five Days Prerequisites Students should have experience with any relational database management system as well as experience with data warehouses and star schemas. It would be helpful if students

More information

REQUEST FOR QUOTATION YOU ARE HEREBY INVITED TO SUBMIT QUOTATIONS TO THE WATER RESEARCH COMMISSION. 60 Days (COMMENCING FROM RFQ CLOSING DATE)

REQUEST FOR QUOTATION YOU ARE HEREBY INVITED TO SUBMIT QUOTATIONS TO THE WATER RESEARCH COMMISSION. 60 Days (COMMENCING FROM RFQ CLOSING DATE) REQUEST FOR QUOTATION YOU ARE HEREBY INVITED TO SUBMIT QUOTATIONS TO THE WATER RESEARCH COMMISSION. RFQ NUMBER: 20003/15-16 RFQ ISSUE DATE: 06 MAY 2016 CLOSING DATE AND TIME: 07 JUNE 2016 @ 11.00 am RFQ

More information

Introduction to Windchill Projectlink 10.2

Introduction to Windchill Projectlink 10.2 Introduction to Windchill Projectlink 10.2 Overview Course Code Course Length TRN-4270 1 Day In this course, you will learn how to participate in and manage projects using Windchill ProjectLink 10.2. Emphasis

More information

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/ DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing

More information

User Guidance in Business Process Modelling

User Guidance in Business Process Modelling User Guidance in Business Process Modelling Dissertation zur Erlangung des Doktorgrades der Naturwissenschaften vorgelegt von Diplom-Wirtschaftsinformatiker (FH) Matthias Born aus Albstadt genehmigt von

More information

Personal Data & Privacy Policy Statement

Personal Data & Privacy Policy Statement Personal Data & Privacy Policy Statement Your Privacy Hong Kong Broadband Network Limited ("we" or the "Company") respect the privacy rights of visitors to all our company websites (the Websites ) and

More information

ischool 2-Year Course Plan Summer 2015-Summer 2016 College Park Campus = CP; Shady Grove Campus = SG; SGO = Online

ischool 2-Year Course Plan Summer 2015-Summer 2016 College Park Campus = CP; Shady Grove Campus = SG; SGO = Online INFM 600 Information Environments CP, SG CP, SGO CP, SG CP, SGO INFM 603 Information Technology and Organizational Context CP, SG CP CP, SG SG INFM 605 Users and Use Context CP, SG CP, SGO CP, SG CP INFM

More information

Cyber security standard

Cyber security standard Cyber security standard Brief description This *Standard specifies security standards that protect *ICT systems and data from unintended or unauthorized access, damage or destruction. Related policies

More information

Masters in Human Computer Interaction

Masters in Human Computer Interaction Masters in Human Computer Interaction Programme Requirements Taught Element, and PG Diploma in Human Computer Interaction: 120 credits: IS5101 CS5001 CS5040 CS5041 CS5042 or CS5044 up to 30 credits from

More information

Masters in Advanced Computer Science

Masters in Advanced Computer Science Masters in Advanced Computer Science Programme Requirements Taught Element, and PG Diploma in Advanced Computer Science: 120 credits: IS5101 CS5001 up to 30 credits from CS4100 - CS4450, subject to appropriate

More information

Optimized Scheduling in Real-Time Environments with Column Generation

Optimized Scheduling in Real-Time Environments with Column Generation JG U JOHANNES GUTENBERG UNIVERSITAT 1^2 Optimized Scheduling in Real-Time Environments with Column Generation Dissertation zur Erlangung des Grades,.Doktor der Naturwissenschaften" am Fachbereich Physik,

More information

Masters in Artificial Intelligence

Masters in Artificial Intelligence Masters in Artificial Intelligence Programme Requirements Taught Element, and PG Diploma in Artificial Intelligence: 120 credits: IS5101 CS5001 CS5010 CS5011 CS4402 or CS5012 in total, up to 30 credits

More information

Quick Start. Installing the software. for Webroot Internet Security Complete, Version 7.0

Quick Start. Installing the software. for Webroot Internet Security Complete, Version 7.0 Quick Start for Webroot Internet Security Complete, Version 7.0 This Quick Start describes how to install and begin using the Webroot Internet Security Complete 2011 software. This integrated suite delivers

More information

SSL VPN Service. To get started using the NASA IV&V/WVU SSL VPN service, you must verify that you meet all required criteria specified here:

SSL VPN Service. To get started using the NASA IV&V/WVU SSL VPN service, you must verify that you meet all required criteria specified here: SSL VPN Service Note: This guide was written using Windows 7 with Internet Explorer 8. The same principles and techniques are applicable to new versions of Internet Explorer as well as Firefox. Any significant

More information

The Essential Guide to User Interface Design An Introduction to GUI Design Principles and Techniques

The Essential Guide to User Interface Design An Introduction to GUI Design Principles and Techniques The Essential Guide to User Interface Design An Introduction to GUI Design Principles and Techniques Third Edition Wilbert O. Galitz l 1 807 : WILEYp Wiley Publishing, Inc. Contents About the Author Preface

More information

tj.jmffliim.upij II, 14 1" H'H'.i.U.' Threat Modeling Designing for Security Adam Shostack WILEY

tj.jmffliim.upij II, 14 1 H'H'.i.U.' Threat Modeling Designing for Security Adam Shostack WILEY tj.jmffliim.upij II, 14 1" H'H'.i.U.' w Threat Modeling Designing for Security Adam Shostack WILEY Contents Introduction xxi Part I Getting Started 1 Chapter 1 Dive In and Threat Model! 3 Learning to Threat

More information

PRINCIPLES AND PRACTICE OF INFORMATION SECURITY

PRINCIPLES AND PRACTICE OF INFORMATION SECURITY PRINCIPLES AND PRACTICE OF INFORMATION SECURITY Protecting Computers from Hackers and Lawyers Linda Volonino, Ph.D. Canisius College Stephen R. Robinson Verity Partners, LLC with contributions by Charles

More information

Usability Evaluation of Modeling Languages

Usability Evaluation of Modeling Languages Usability Evaluation of Modeling Languages Bearbeitet von Christian Schalles 1. Auflage 2012. Taschenbuch. XXIII, 183 S. Paperback ISBN 978 3 658 00050 9 Format (B x L): 0 x 0 cm Gewicht: 275 g Weitere

More information

Overview of sharing and collaborating on Excel data

Overview of sharing and collaborating on Excel data Overview of sharing and collaborating on Excel data There are many ways to share, analyze, and communicate business information and data in Microsoft Excel. The way that you choose to share data depends

More information

Masters in Information Technology

Masters in Information Technology Computer - Information Technology MSc & MPhil - 2015/6 - July 2015 Masters in Information Technology Programme Requirements Taught Element, and PG Diploma in Information Technology: 120 credits: IS5101

More information

SSL VPN INSTALLATION, UPGRADE, USAGE INSTRUCTIONS Windows XP

SSL VPN INSTALLATION, UPGRADE, USAGE INSTRUCTIONS Windows XP PURPOSE This document provides installation guidelines and instructions to install, upgrade and use UM s SSL VPN client using an Internet Explorer browser or FireFox browser on a Windows Vista operating

More information

Faking Extended Validation SSL Certificates in Internet Explorer 7

Faking Extended Validation SSL Certificates in Internet Explorer 7 Page 1 of 11 Faking Extended Validation SSL Certificates in Internet Explorer 7 June 7 th 2007, V1.1 Martin Christinat, CTO, [email protected] Abstract Extended Validation (EV) SSL certificates are a new

More information

Cybercrime in Canadian Criminal Law

Cybercrime in Canadian Criminal Law Cybercrime in Canadian Criminal Law Sara M. Smyth, LL.M., Ph. D. Member of the Law Society of British Columbia CARSWELL Table of Contents Preface Table of Cases v xvii PART ONE Introduction to Cybercrime

More information

Contents. xvii. Preface. xxi. Foreword. 1 Introduction 1. Preamble 1. Scope and Structure of the Book 3. Acknowledgments 4 Endnotes 5

Contents. xvii. Preface. xxi. Foreword. 1 Introduction 1. Preamble 1. Scope and Structure of the Book 3. Acknowledgments 4 Endnotes 5 Contents Preface Foreword xvii xxi 1 Introduction 1 Preamble 1 Scope and Structure of the Book 3 Acknowledgments 4 Endnotes 5 2 Engineering Systems 7 Introduction 8 Some Initial Observations 8 Deficient

More information

Myths about Criminal Justice 17 Summary 18 Key Terms 19 Review Questions 19 In the Field 20 On the Net 20 Critical Thinking Exercises 20

Myths about Criminal Justice 17 Summary 18 Key Terms 19 Review Questions 19 In the Field 20 On the Net 20 Critical Thinking Exercises 20 CONTENTS PART ONE The Foundations of Criminal Justice 1 CHAPTER ONE Criminal Justice in the United States: An Overview 3 Criminal Justice: An Institution of Social Control 4 Crime and Criminal Law 4 Criminal

More information

Rational AppScan & Ounce Products

Rational AppScan & Ounce Products IBM Software Group Rational AppScan & Ounce Products Presenters Tony Sisson and Frank Sassano 2007 IBM Corporation IBM Software Group The Alarming Truth CheckFree warns 5 million customers after hack http://infosecurity.us/?p=5168

More information

Tuning Tips & Techniques

Tuning Tips & Techniques ORACLE Oracle Press Oracle E-Business Suite 12 Tuning Tips & Techniques Richard Bingham Mc Graw Hill Education New York Chicago San Francisco Athens London Madrid Mexico City Milan New Delhi Singapore

More information

Computer Security Literacy

Computer Security Literacy Computer Security Literacy Staying Safe in a Digital World Douglas Jacobson and Joseph Idziorek CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 14 Risk Mitigation

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 14 Risk Mitigation Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 14 Risk Mitigation Objectives Explain how to control risk List the types of security policies Describe how awareness and training

More information

ICE Trade Vault. Public User & Technology Guide June 6, 2014

ICE Trade Vault. Public User & Technology Guide June 6, 2014 ICE Trade Vault Public User & Technology Guide June 6, 2014 This material may not be reproduced or redistributed in whole or in part without the express, prior written consent of IntercontinentalExchange,

More information

MEng, BSc Applied Computer Science

MEng, BSc Applied Computer Science School of Computing FACULTY OF ENGINEERING MEng, BSc Applied Computer Science Year 1 COMP1212 Computer Processor Effective programming depends on understanding not only how to give a machine instructions

More information

No. 29 February 12, 2016. The President

No. 29 February 12, 2016. The President Vol. 81 Friday, No. 29 February 12, 2016 Part IV The President Executive Order 13719 Establishment of the Federal Privacy Council VerDate Sep2014 20:00 Feb 11, 2016 Jkt 238001 PO 00000 Frm 00001 Fmt

More information

Satellite-UMTS - Specification of Protocols and Traffic Performance Analysis

Satellite-UMTS - Specification of Protocols and Traffic Performance Analysis Satellite-UMTS - Specification of Protocols and Traffic Performance Analysis Von der Fakultat fur Elektrotechnik und Informationstechnik der Rheinisch-Westfalichen Technischen Hochschule Aachen zur Erlangung

More information

Network Security. Chapter 1 Introduction. Network Security IN2101. Georg Carle. Course organization

Network Security. Chapter 1 Introduction. Network Security IN2101. Georg Carle. Course organization Chair for Network Architectures and Services Institute for Informatics TU München Prof. Carle Network Security IN101 Prof. Dr.-Ing. Georg Carle Dipl.-Inform. Ali Fessi Institut für Informatik Technische

More information

Keywords Anti-Phishing, Phishing, MapReduce, Hadoop, Machine learning

Keywords Anti-Phishing, Phishing, MapReduce, Hadoop, Machine learning Volume 3, Issue 6, June 2013 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Phishing Detection

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT WEBSITE PRODUCTION Y/601/6623 LEVEL 3 UNIT 12 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 WEBSITE PRODUCTION Y/601/6623

More information

System Specification. Author: CMU Team

System Specification. Author: CMU Team System Specification Author: CMU Team Date: 09/23/2005 Table of Contents: 1. Introduction...2 1.1. Enhancement of vulnerability scanning tools reports 2 1.2. Intelligent monitoring of traffic to detect

More information

How To Develop A Business Model For Big Data Driven Innovation

How To Develop A Business Model For Big Data Driven Innovation Fakultät für Wirtschaftswissenschaften The Fifth V How Big Data Can Create Value By Data Driven Innovation Prof. Dr. Barbara Dinter Prof. Dr. Barbara Dinter The Fifth V Big Data Driven Innovation Slide

More information

WEB PROTECTION. Features SECURITY OF INFORMATION TECHNOLOGIES

WEB PROTECTION. Features SECURITY OF INFORMATION TECHNOLOGIES WEB PROTECTION Features SECURITY OF INFORMATION TECHNOLOGIES The web today has become an indispensable tool for running a business, and is as such a favorite attack vector for hackers. Injecting malicious

More information

ATP Co C pyr y ight 2013 B l B ue C o C at S y S s y tems I nc. All R i R ghts R e R serve v d. 1

ATP Co C pyr y ight 2013 B l B ue C o C at S y S s y tems I nc. All R i R ghts R e R serve v d. 1 ATP 1 LES QUESTIONS QUI DEMANDENT RÉPONSE Qui s est introduit dans notre réseau? Comment s y est-on pris? Quelles données ont été compromises? Est-ce terminé? Cela peut-il se reproduire? 2 ADVANCED THREAT

More information

Anti-Phishing Best Practices for ISPs and Mailbox Providers

Anti-Phishing Best Practices for ISPs and Mailbox Providers Anti-Phishing Best Practices for ISPs and Mailbox Providers Version 2.01, June 2015 A document jointly produced by the Messaging, Malware and Mobile Anti-Abuse Working Group (M 3 AAWG) and the Anti-Phishing

More information

Masters in Computing and Information Technology

Masters in Computing and Information Technology Masters in Computing and Information Technology Programme Requirements Taught Element, and PG Diploma in Computing and Information Technology: 120 credits: IS5101 CS5001 or CS5002 CS5003 up to 30 credits

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

Contents. BBS Software as a Service (SaaS),7. EH introducing aoudco.pu.ing 1. Distinguishing Cloud Types 4. Exploring

Contents. BBS Software as a Service (SaaS),7. EH introducing aoudco.pu.ing 1. Distinguishing Cloud Types 4. Exploring Contents Preface xvii EH introducing aoudco.pu.ing 1 Web 2.0 and the Cloud 3 Distinguishing Cloud Types 4 Cloud Deployment Models 5 Cloud Service Models 6 Exploring Uses of the Cloud 9 Introducing Scalability

More information

THIS SERVICE LEVEL AGREEMENT DEFINES THE SERVICE LEVELS PROVIDED TO YOU BY THE COMPANY.

THIS SERVICE LEVEL AGREEMENT DEFINES THE SERVICE LEVELS PROVIDED TO YOU BY THE COMPANY. THIS SERVICE LEVEL AGREEMENT DEFINES THE SERVICE LEVELS PROVIDED TO YOU BY THE COMPANY. Capitalized terms used herein but not otherwise defined shall have their respective meanings set forth in the End

More information

A Proposed Architecture of Intrusion Detection Systems for Internet Banking

A Proposed Architecture of Intrusion Detection Systems for Internet Banking A Proposed Architecture of Intrusion Detection Systems for Internet Banking A B S T R A C T Pritika Mehra Post Graduate Department of Computer Science, Khalsa College for Women Amritsar, India [email protected]

More information

Masters in Networks and Distributed Systems

Masters in Networks and Distributed Systems Masters in Networks and Distributed Systems Programme Requirements Taught Element, and PG Diploma in Networks and Distributed Systems: 120 credits: IS5101 CS5001 CS5021 CS4103 or CS5023 in total, up to

More information

Measuring Data Quality for Ongoing Improvement

Measuring Data Quality for Ongoing Improvement Measuring Data Quality for Ongoing Improvement A Data Quality Assessment Framework Laura Sebastian-Coleman ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE

More information

MEng, BSc Computer Science with Artificial Intelligence

MEng, BSc Computer Science with Artificial Intelligence School of Computing FACULTY OF ENGINEERING MEng, BSc Computer Science with Artificial Intelligence Year 1 COMP1212 Computer Processor Effective programming depends on understanding not only how to give

More information

WHY DOES MY SPEED MONITORING GRAPH SHOW -1 IN THE TOOLTIP? 2 HOW CAN I CHANGE MY PREFERENCES FOR UPTIME AND SPEED MONITORING 2

WHY DOES MY SPEED MONITORING GRAPH SHOW -1 IN THE TOOLTIP? 2 HOW CAN I CHANGE MY PREFERENCES FOR UPTIME AND SPEED MONITORING 2 FAQ WHY DOES MY SPEED MONITORING GRAPH SHOW -1 IN THE TOOLTIP? 2 HOW CAN I CHANGE MY PREFERENCES FOR UPTIME AND SPEED MONITORING 2 WHAT IS UPTIME AND SPEED MONITORING 2 WHEN I TRY TO SELECT A SERVICE FROM

More information

Contents Introduction xxvi Chapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers

Contents Introduction xxvi Chapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers Contents Introduction xxvi Chapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers 1 Introduction 2 Essential Concepts 3 Servers, Services, and Clients 3

More information

C ONTENTS. Acknowledgments

C ONTENTS. Acknowledgments kincaidtoc.fm Page vii Friday, September 20, 2002 1:25 PM C ONTENTS Preface Acknowledgments xxi xxvii Part 1 CRM: Is It Right for Your Company? 1 Chapter 1 Commerce in the 21st Century 3 1.1 Understanding

More information

No. 30 February 16, 2016. The President

No. 30 February 16, 2016. The President Vol. 81 Tuesday, No. 30 February 16, 2016 Part IV The President Executive Order 13719 Establishment of the Federal Privacy Council: Republication VerDate Sep2014 16:34 Feb 12, 2016 Jkt 238001 PO 00000

More information

Learn AX: A Beginner s Guide to Microsoft Dynamics AX. Managing Users and Role Based Security in Microsoft Dynamics AX 2012. Dynamics101 ACADEMY

Learn AX: A Beginner s Guide to Microsoft Dynamics AX. Managing Users and Role Based Security in Microsoft Dynamics AX 2012. Dynamics101 ACADEMY Learn AX: A Beginner s Guide to Microsoft Dynamics AX Managing Users and Role Based Security in Microsoft Dynamics AX 2012 About.com is a Rand Group Knowledge Center intended to provide our clients, and

More information

Data Mining: Concepts and Techniques. Jiawei Han. Micheline Kamber. Simon Fräser University К MORGAN KAUFMANN PUBLISHERS. AN IMPRINT OF Elsevier

Data Mining: Concepts and Techniques. Jiawei Han. Micheline Kamber. Simon Fräser University К MORGAN KAUFMANN PUBLISHERS. AN IMPRINT OF Elsevier Data Mining: Concepts and Techniques Jiawei Han Micheline Kamber Simon Fräser University К MORGAN KAUFMANN PUBLISHERS AN IMPRINT OF Elsevier Contents Foreword Preface xix vii Chapter I Introduction I I.

More information

Biometric Recognition s Role in Identity Management

Biometric Recognition s Role in Identity Management Biometric Recognition s Role in Identity Management Elisa Bertino CS Department CERIAS Purdue University [email protected] Dr. Elisa Bertino 1 What is Digital Identity? Digital Identity: Digital identity

More information

Cisco ASA 5500 Series Content Security Edition for the Enterprise

Cisco ASA 5500 Series Content Security Edition for the Enterprise Cisco ASA 5500 Series Content Security Edition for the Enterprise Viruses and other malicious code can overwhelm your IT resources, disrupting business operations and impacting business transactions. The

More information
2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback | Do Not Sell My Personal Information