Identifying and combating cyber-threats in the field of online banking

This thesis has been carried out in the industrial environment external to the University, as an industrial PhD. The results of this PhD have been tested, validated, and implemented in the production environment of Caixabank and have been used as models for others who have followed the same ideas. The most burning threats against banks throughout the Internet environment are based on software tools developed by criminal groups, applications running on web environment either on the computer of the victim (Malware) or on their mobile device itself through downloading rogue applications (fake app's with Malware APP). Method of the thesis has been used is an approximation of qualitative exploratory research on the problem, the answer to this problem and the use of preventive methods to this problem like used authentication systems. This method is based on samples, events, surveys, laboratory tests, experiments, proof of concept; ultimately actual data that has been able to deduce the thesis proposal, using both laboratory research and grounded theory methods of data pilot experiments conducted in real environments. I've been researching the various aspects related to e-crime following a line of research focusing on intrinsically related topics: - The methods, means and systems of attack: Malware, Malware families of banker Trojans, Malware cases of use, Zeus as case of use. - The fixed platforms, mobile applications and as a means for malware attacks. - forensic methods to analyze the malware and infrastructure attacks. - Continuous improvement of methods of authentication of customers and users as a first line of defense anti- malware. - Using biometrics as innovative factor authentication.The line investigating Malware and attack systems intrinsically is closed related to authentication methods and systems to infect customer (executables, APP's, etc.), because the main purpose of malware is precisely steal data entered in the "logon "authentication system, to operate and thus, fraudulently, steal money from online banking customers. Experiments in the Malware allowed establishing a new method of decryption establishing guidelines to combat its effects describing his fraudulent scheme and operation infection. I propose a general methodology to break the encryption communications malware (keystream), extracting the system used to encrypt such communications and a general approach of the Keystream technique. We show that this methodology can be used to respond to the threat of Zeus and finally provide lessons learned highlighting some general principles of Malware (in general) and in particular proposing Zeus Cronus, an IDS that specifically seeks the Zeus malware, testing it experimentally in a network production and providing an effective skills to combat the Malware are discussed. The thesis is a research interrelated progressive evolution between malware infection systems and authentication methods, reflected in the research work cumulatively, showing an evolution of research output and looking for a progressive improvement of methods authentication and recommendations for prevention and preventing infections, a review of the main app stores for mobile financial services and a proposal to these stores. The most common methods eIDAMS (authentication methods and electronic identification) implemented in Europe and its robustness are analyzed. An analysis of adequacy is presented in terms of efficiency, usability, costs, types of operations and segments including possibilities of use as authentication method with biometrics as innovation.Este trabajo de tesis se ha realizado en el entorno industrial externo a la Universidad como un PhD industrial Los resultados de este PhD han sido testeados, validados, e implementados en el entorno de producción de Caixabank y han sido utilizados como modelos por otras que han seguido las mismas ideas. Las amenazas más candentes contra los bancos en todo el entorno Internet, se basan en herramientas software desarrolladas por los grupos delincuentes, aplicaciones que se ejecutan tanto en entornos web ya sea en el propio ordenador de la víctima (Malware) o en sus dispositivos móviles mediante la descarga de falsas aplicaciones (APP falsa con Malware). Como método se ha utilizado una aproximación de investigación exploratoria cualitativa sobre el problema, la respuesta a este problema y el uso de métodos preventivos a este problema a través de la autenticación. Este método se ha basado en muestras, hechos, encuestas, pruebas de laboratorio, experimentos, pruebas de concepto; en definitiva datos reales de los que se ha podido deducir la tesis propuesta, utilizando tanto investigación de laboratorio como métodos de teoría fundamentada en datos de experimentos pilotos realizados en entornos reales. He estado investigando los diversos aspectos relacionados con e-crime siguiendo una línea de investigación focalizada en temas intrínsecamente relacionadas: - Los métodos, medios y sistemas de ataque: Malware, familias de Malware de troyanos bancarios, casos de usos de Malware, Zeus como caso de uso. - Las plataformas fijas, los móviles y sus aplicaciones como medio para realizar los ataques de Malware. - Métodos forenses para analizar el Malware y su infraestructura de ataque. - Mejora continuada de los métodos de autenticación de los clientes y usuarios como primera barrera de defensa anti- malware. - Uso de la biometría como factor de autenticación innovador. La línea investiga el Malware y sus sistemas de ataque intrínsecamente relacionada con los métodos de autenticación y los sistemas para infectar al cliente (ejecutables, APP's, etc.) porque el objetivo principal del malware es robar precisamente los datos que se introducen en el "logon" del sistema de autenticación para operar de forma fraudulenta y sustraer así el dinero de los clientes de banca electrónica. Los experimentos realizados en el Malware permitieron establecer un método novedoso de descifrado que estableció pautas para combatir sus efectos fraudulentos describiendo su esquema de infección y funcionamiento Propongo una metodología general para romper el cifrado de comunicaciones del malware (keystream) extrayendo el sistema utilizado para cifrar dichas comunicaciones y una generalización de la técnica de Keystream. Se demuestra que esta metodología puede usarse para responder a la amenaza de Zeus y finalmente proveemos lecciones aprendidas resaltando algunos principios generales del Malware (en general) y Zeus en particular proponiendo Cronus, un IDS que persigue específicamente el Malware Zeus, probándolo experimentalmente en una red de producción y se discuten sus habilidades y efectividad. En la tesis hay una evolución investigativa progresiva interrelacionada entre el Malware, sistemas de infección y los métodos de autenticación, que se refleja en los trabajos de investigación de manera acumulativa, mostrando una evolución del output de investigación y buscando una mejora progresiva de los métodos de autenticación y de la prevención y recomendaciones para evitar las infecciones, una revisión de las principales tiendas de Apps para servicios financieros para móviles y una propuesta para estas tiendas. Se analizan los métodos más comunes eIDAMS (Métodos de Autenticación e Identificación electrónica) implementados en Europa y su robustez y presentamos un análisis de adecuación en función de eficiencia, usabilidad, costes, tipos de operación y segmentos incluyendo un análisis de posibilidades con métodos biométricos como innovación.Postprint (published version

Selected Computing Research Papers Volume 1 June 2012

An Evaluation of Anti-phishing Solutions (Arinze Bona Umeaku) ..................................... 1 A Detailed Analysis of Current Biometric Research Aimed at Improving Online Authentication Systems (Daniel Brown) .............................................................................. 7 An Evaluation of Current Intrusion Detection Systems Research (Gavin Alexander Burns) .................................................................................................... 13 An Analysis of Current Research on Quantum Key Distribution (Mark Lorraine) ............ 19 A Critical Review of Current Distributed Denial of Service Prevention Methodologies (Paul Mains) ............................................................................................... 29 An Evaluation of Current Computing Methodologies Aimed at Improving the Prevention of SQL Injection Attacks in Web Based Applications (Niall Marsh) .............. 39 An Evaluation of Proposals to Detect Cheating in Multiplayer Online Games (Bradley Peacock) ............................................................................................................... 45 An Empirical Study of Security Techniques Used In Online Banking (Rajinder D G Singh) .......................................................................................................... 51 A Critical Study on Proposed Firewall Implementation Methods in Modern Networks (Loghin Tivig) .................................................................................................... 5

An empiric path towards fraud detection and protection for NFC-enabled mobile payment system

The synthesis of NFC technology accompanying mobile payment is a state-of-the-art resolution for payment users. In view of rapid development in electronic payment system there is rise in fraudulent activity in banking transactions associated with credit cards and card-not-present transaction. M-Commerce aid the consumers and helps to bestow real-time information in payment system. Due to the familiarization of m-commerce there is cogent increase in the number of fraudulent activities, emerging in billions of dollar loss every year worldwide. To absolute the security breaches, payment transactions could be confined by considering various parameters like user and device authentication, consumer behavior pattern, geolocation and velocity. In this paper we formally assay NFC-enabled mobile payment fraud detection ecosystem using score-based evaluation method. The fraud detection ecosystem will provide a solution based on transaction risk-modeling, scoring transaction, business rule-based, and cross-field referencing. The score-based evaluation method will analyze the transaction and reckon every transaction for fraud risk and take pertinent decision

Protecting the infrastructure: 3rd Australian information warfare & security conference 2002

The conference is hosted by the We-B Centre (working with a-business) in the School of Management Information System, the School of Computer & Information Sciences at Edith Cowan University. This year\u27s conference is being held at the Sheraton Perth Hotel in Adelaide Terrace, Perth. Papers for this conference have been written by a wide range of academics and industry specialists. We have attracted participation from both national and international authors and organisations. The papers cover many topics, all within the field of information warfare and its applications, now and into the future. The papers have been grouped into six streams: • Networks • IWAR Strategy • Security • Risk Management • Social/Education • Infrastructur

An empiric path towards fraud detection and protection for NFC-enabled mobile payment system

The synthesis of NFC technology accompanying mobile payment is a state-of-the-art resolution for payment users. In view of rapid development in electronic payment system there is rise in fraudulent activity in banking transactions associated with credit cards and card-not-present transaction. M-Commerce aid the consumers and helps to bestow real-time information in payment system. Due to the familiarization of m-commerce there is cogent increase in the number of fraudulent activities, emerging in billions of dollar loss every year worldwide. To absolute the security breaches, payment transactions could be confined by considering various parameters like user and device authentication, consumer behavior pattern, geolocation and velocity. In this paper we formally assay NFC-enabled mobile payment fraud detection ecosystem using score-based evaluation method. The fraud detection ecosystem will provide a solution based on transaction risk-modeling, scoring transaction, business rule-based, and cross-field referencing. The score-based evaluation method will analyze the transaction and reckon every transaction for fraud risk and take pertinent decision. Copyright © 2019 Universitas Ahmad Dahlan. All rights reserved

An investigation into the usability and acceptability of multi-channel authentication to online banking users in Oman

Authentication mechanisms provide the cornerstone for security for many distributed systems, especially for increasingly popular online applications. For decades, widely used, traditional authentication methods included passwords and PINs that are now inadequate to protect online users and organizations from ever more sophisticated attacks. This study proposes an improvement to traditional authentication mechanisms. The solution introduced here includes a one-time-password (OTP) and incorporates the concept of multiple levels and multiple channels – features that are much more successful than traditional authentication mechanisms in protecting users' online accounts from being compromised. This research study reviews and evaluates current authentication classes and mechanisms and proposes an authentication mechanism that uses a variety of techniques, including multiple channels, to resist attacks more effectively than most commonly used mechanisms. Three aspects of the mechanism were evaluated: 1. The security of multi-channel authentication (MCA) was evaluated in theoretical terms, using a widely accepted methodology. 2. The usability was evaluated by carrying out a user study. 3. Finally, the acceptability thereof was evaluated by asking the participants in study (2) specific questions which aligned with the technology acceptance model (TAM). The study’s analysis of the data, gathered from online questionnaires and application log tables, showed that most participants found the MCA mechanism superior to other available authentication mechanisms and clearly supported the proposed MCA mechanism and the benefits that it provides. The research presents guidelines on how to implement the proposed mechanism, provides a detailed analysis of its effectiveness in protecting users' online accounts against specific, commonly deployed attacks, and reports on its usability and acceptability. It represents a significant step forward in the evolution of authentication mechanisms meeting the security needs of online users while maintaining usability