Combating Phishing Through Zero-Knowledge Authentication

Show full item record

Title: Combating Phishing Through Zero-Knowledge Authentication
Author: Knickerbocker, Paul, 1980-
Abstract: Phishing is a type of Internet fraud that uses deceptive websites to trick users into revealing sensitive information. Despite the availability of numerous tools designed to detect phishing, it remains a steadily growing threat. The failure of current anti-phishing solutions is largely due to their focus on detecting phishing rather than addressing phishing's root cause: insecure web authentication. Using a combination of the zero-knowledge mechanism and two-factor authentication I present ZeKo, an authentication mechanism that is immune from phishing attacks, cryptanalysis and man-in-the-middle attacks. ZeKo takes into account the psychological behavior of users and remains secure even when the user is deceived. The proposed system not only prevents phishing attacks but also has considerable benefits over traditional authentication mechanisms, making it well suited for a wide range of applications.
Description: x, 62 p. A print copy of this thesis is available through the UO Libraries. Search the library catalog for the location and call number.
URI: http://hdl.handle.net/1794/7891
Date: 2008-06


Files in this item

Files Size Format View Description
Knickerbocker_Paul_MS_spring2008.pdf 726.7Kb PDF View/Open thesis

This item appears in the following Collection(s)

Show full item record