Anti-Phishing Technology - PowerPoint PPT Presentation

About This Presentation
Title:

Anti-Phishing Technology

Description:

Anti-Phishing Technology. Chokepoints and Countermeasures. Aaron Emigh ... Unmask Deceptive Links P To go to a surprising place via a cloaked URL, click on ... – PowerPoint PPT presentation

Slides: 39
Provided by: aaron141

Transcript and Presenter's Notes

Title: Anti-Phishing Technology


1
Anti-Phishing Technology
  • Chokepoints and Countermeasures

Aaron Emigh, Radix Labs, aaron_at_radixlabs.com
2
A Typical Phishing Email
3
Phishing Information Flow
4
Step 1: Phish Delivery
5
Authentication
6
Reducing False Positives
?
7
Reducing False Positives
8
Image Recognition
  • Simple idea: recognize logos

9
Image Recognition
  • Maybe not so simple

10
Image Recognition
  • Fully render, then retrieve sub-images

11
Patching
12
Secure Patch Distribution
13
Secure Patch Activation
14
Automatic Secure Patch Activation
15
Step 2: User Action
16
Education
Why Johnny can't identify phish
17
Personally Identifiable Information
18
Personally Identifiable Information
19
Unmask Deceptive Links
<P>To go to a surprising place via a cloaked URL, click on <A HREF="http://security.ebay.com@phisher.com">this link.</A>
<P>To go to a surprising place via a cloaked URL with a password, click on <A HREF="http://security.ebay.com:password@phisher.com">this link.</A>
<P>To go to a surprising place via an open redirect, click on <A HREF="http://redirect.ebaysecurity.com?url=phisher.com">this link.</A>
<P>To go to a surprising place via misleading link, click on <A HREF="http://phisher.com">http://security.ebay.com.</A>
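The four deceptions on this slide (a decoy hostname placed before the "@", the same with a password, an open-redirect parameter, and link text that names a different host than the HREF) can be unmasked mechanically. The following Python is an added example, not part of the original presentation; the names LinkCollector, host_of, unmask and analyze and the finding labels are hypothetical, and the sample links are the slide's own with their stripped punctuation restored by assumption.

```python
import re
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlsplit
# Constructed sample: the slide's four links, punctuation restored by assumption.
SAMPLE = """<A HREF="http://security.ebay.com@phisher.com">this link.</A>
<A HREF="http://security.ebay.com:password@phisher.com">this link.</A>
<A HREF="http://redirect.ebaysecurity.com?url=phisher.com">this link.</A>
<A HREF="http://phisher.com">http://security.ebay.com.</A>"""
HOSTLIKE = re.compile(r"[a-z0-9-]+(\.[a-z0-9-]+)*\.[a-z]{2,}\.?")  # dotted DNS name

class LinkCollector(HTMLParser):  # hypothetical helper: [href, text] per <a>
    def __init__(self):
        super().__init__()
        self.links, self._open = [], None  # _open is the <a> being read
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open = [dict(attrs).get("href") or "", ""]
            self.links.append(self._open)
    def handle_data(self, data):
        if self._open:
            self._open[1] += data
    def handle_endtag(self, tag):
        self._open = None if tag == "a" else self._open  # </a> closes the link

def host_of(s, bare=True):  # hostname of a URL or bare name, else None
    s = s.strip()
    try:
        host = urlsplit("//" + s if bare and "//" not in s else s).hostname or ""
    except ValueError:
        return None
    return host.rstrip(".") if HOSTLIKE.fullmatch(host) else None

def unmask(href, text):  # -> (host the browser contacts, list of findings)
    real, findings = host_of(href, bare=False), []
    if real is None:  # relative, non-network or malformed href
        return None, findings
    url = urlsplit(href.strip())
    if url.username is not None:  # text before '@' is userinfo, not the host
        findings.append("userinfo:" + url.username)
    named = [("redirect:", v) for _, v in parse_qsl(url.query)]
    for label, candidate in named + [("text-mismatch:", text)]:
        if (other := host_of(candidate)) and other != real:  # names another host
            findings.append(label + other)
    return real, findings

def analyze(html):
    parser = LinkCollector()
    parser.feed(html)
    return [(href, *unmask(href, text)) for href, text in parser.links]
```

The redirect and text-mismatch checks are heuristics: they flag any query value or visible text that parses as a hostname different from the one in the HREF, so a mail filter would treat them as signals to score rather than as verdicts.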
20
Unmask Deceptive Links
21
Interfere With Navigation
22
Detecting DNS Poisoning
23
Steps 2 and 4: Information Sharing
24
It's the metadata, stupid!
25
Step 4: Transmitting data
26
Little Brother is Watching
27
Step 4 Variant: Cross-Site Scripting
28
Cross-Site Scripting Countermeasure
29
Steps 4 and 6: Secure Path
30
Secure Path (That Was Then)
Login aaron Password
31
Secure Path (This Is Now)
32
Secure Path (This Is Now)
33
Step 6: Data Without Value
34
Two-Factor Authentication
35
Two-Factor Authentication
36
Password Hashing
37
Policy-based data
38
Aftermath: Ex Post Facto Detection
39
Aftermath: Information Sharing
40
Conclusions
41
Anti-Phishing Technology
  • Chokepoints and Countermeasures

Aaron Emigh, Radix Labs, aaron_at_radixlabs.com