Skip to main content

Boosting usability for Protecting Online Banking Applications Against APTs

Alhanahnah, Mohannad and Chadwick, David (2016) Boosting usability for Protecting Online Banking Applications Against APTs. In: Amman, Jordan, ed. 2016 Cybersecurity and Cyberforensics Conference (CCC). IEEE, pp. 70-76. ISBN 978-1-5090-2658-6. (doi:10.1109/CCC.2016.13) (KAR id:59903)

Abstract

With the advent of Advanced Persistent Threats (APTs) and exploits such as Eurograbber, we can no longer trust the user's PC or mobile phone to be honest in their transactions with banks. This paper reviews the current state of the art in protecting PCs from malware and APTs that can modify banking transactions, and identifies their strengths and weaknesses. It then proposes an enhanced USB device based on speech and vision. User trials with a software prototype show that such a device is both user friendly and that users are less susceptible to accepting subtly modified transaction with this device than with other vision only USB devices. Since human factors are usually the weakest point in the security chain, and are often the way that APT actors perform their attacks, the focus of the proposed solution is on improving the usability of existing USB devices. However the device is still not failsafe, and therefore may not be as preferable as Sm@rt TAN-plus that is currently used by many German banks.

Item Type: Book section
DOI/Identification number: 10.1109/CCC.2016.13
Uncontrolled keywords: Advanced Persistent Threats, Banking Transactions; Transaction Authentication Number; usability;
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 75 Electronic computers. Computer science
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: David Chadwick
Date Deposited: 17 Jan 2017 20:46 UTC
Last Modified: 16 Feb 2021 13:41 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/59903 (The current URI for this page, for reference purposes)

University of Kent Author Information

  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.