In the recent years, there has been a tremendous rise in online banking transactions. Some of the major factors contributing to this growth are - easy availability of higher bandwidth internet connections at low cost and ease of online transactions compared to the traditional banking methods. Also, this field has attracted the cybercriminals to take advantage of the loopholes in the process of online transaction. One of the most advanced threats today is the Man In The Browser (MitB) attack. MitB attack deploys a Trojan in the browser of the user and then steals the credentials of the user to initiate a transaction for transferring the money in a mule account. All this happens without any notice to bank or the user. MitB attack defeats the traditional two factor authentication currently used by the banks to authenticate the identity of the user performing the transaction. This paper presents a new framework for enhancing authentication during an online transaction to tackle the problem of MitB attack.
[1]
Anil K. Jain,et al.
Text information extraction in images and video: a survey
,
2004,
Pattern Recognit..
[2]
Robert H. Deng,et al.
A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems
,
2011,
IEEE Transactions on Parallel and Distributed Systems.
[3]
Shujun Li,et al.
Breaking e-banking CAPTCHAs
,
2010,
ACSAC '10.
[4]
Campus Universitário,et al.
A FORMAL CLASSIFICATION OF INTERNET BANKING ATTACKS AND VULNERABILITIES
,
2011
.
[5]
Kevin Curran,et al.
Man in the Browser Attacks
,
2012,
Int. J. Ambient Comput. Intell..
[6]
John Langford,et al.
Telling humans and computers apart automatically
,
2004,
CACM.