3rd TIPPI Workshop

Transaction Generators: Rootkits for the Web

Speaker: Collin Jackson, Stanford University

Title: Transaction Generators: Rootkits for the Web

Abstract:
New authentication mechanisms such as one-time passwords and client certificates are now being deployed to combat phishing threats such as phishing and keyloggers. As passwords become harder to steal, keyloggers are evolving into a new strain of identity theft malware: transaction generators that do not steal credentials directly, but rather take over legitimate sessions and stealthily issue real-time transactions without the account holder's knowledge. Transaction authentication using trusted paths can help web sites to defend against these attacks.

Joint work with Dan Boneh and John Mitchell.


Back to TIPPI workshop page