- 【Updated on May 12, 2025】 Integration of CiNii Dissertations and CiNii Books into CiNii Research
- Trial version of CiNii Research Knowledge Graph Search feature is available on CiNii Labs
- 【Updated on June 30, 2025】Suspension and deletion of data provided by Nikkei BP
- Regarding the recording of “Research Data” and “Evidence Data”
Secure Communications Protocol Between Humans and a Bank Server to Prevent Man In The Browser Attack
Bibliographic Information
- Other Title
-
- Man In The Browser攻撃対策を実現する人間・サーバ間のセキュア通信プロトコル
Search this article
Description
Man In The Browser Attack (MITB attack) is caused by malware that infects a web browser, hence conventional secure communication channels between a machine (web browser) and a machine (bank sever) such as SSL cannot prevent the attack. In this paper, we propose new approach to prevent MITB attack, which is constructing secure communication channels between a machine (web browser) and a human (end user). Our approach uses the user as a computational resource and he/she has to process an end side of the channel. Developing a challenge and response protocol which achieves the proposed channel, we conduct safety evaluation of the protocol. Its result shows that the protocol works safety under the assumption that the bank server sends a "challenge which malware in the browser cannot tap" to the user. Sending the challenge is feasible by applying CAPTCHA technology.
Journal
-
- IPSJ SIG Notes
-
IPSJ SIG Notes 2015 (22), 1-9, 2015-05-14
Information Processing Society of Japan (IPSJ)
- Tweet
Keywords
Details 詳細情報について
-
- CRID
- 1573950402642629504
-
- NII Article ID
- 110009900773
-
- NII Book ID
- AA11235941
-
- ISSN
- 09196072
-
- Text Lang
- ja
-
- Data Source
-
- CiNii Articles