'Cookie dynamic' - new anti-phishing security solution

Picture 1 of 'Cookie dynamic' - new anti-phishing security solution Scientists at Indiana State University of Information Technology have successfully developed a new security technique that provides stronger protection against electronic attacks and cybercrime.

Electronic security expert Markus Jakobsson and RavenWhite - a newly established company in which Jakobsson is a founding member - successfully developed "dynamic cookies". This is a new security solution designed to combat phishing attacks such as pharming or stealing personal information.

" There is not yet any reliable commercial tool to protect users from such attacks ," Jakobsson said. " We believe that 'dynamic cookies' can do that ."

'Dynamic cookies' can be applied in some cases where traditional cookies cannot function properly. Jakobsson's invention can not only help protect us from known phishing attacks or theft of personal information but also new attack threats similar to attacks. The work was discovered by Mark Meiss and Alex Tsow - two graduate students in computer science at Indiana State University of Information Technology.

Meiss discovered a technique that allowed a malicious attacker to break into most Wi-Fi connections for the purpose of redirecting users to a site completely different from the site they wanted to visit. counter. Meiss has also demonstrated the practicality of this technique at a hotspot point near a huge location.

" There is no specific solution to help users identify the attacks that are taking place, " Meiss explained. " You may not be sure that you are accessing the bank website where you are depositing, even though the site looks like it. There is no way we can distinguish it ."

Meanwhile, Tsow discovered that user-oriented sets could also be used to redirect users to a site other than the site the user wants to access. Tsow demonstrated this technique by opening the browser to enter eBay's address but the browser returned the site of Anti-Phishing Working Group.

" In the actual attack the user will be redirected to a site identical to the site they want to visit. But surely the site is operated by malicious attackers to steal a good username. User's bank account password , "Tsow said.

Jakobsson said that "dynamic cookies" could completely protect users from attacks or phishing attacks . for the purpose of online fraud.

RavenWhite believes that basic technologies will not be able to protect end users so the company is developing server technologies to combat increasingly complex attacks.

To learn more about RavenWhite's new technology, you can refer to the documentation here.