{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T17:34:11Z","timestamp":1743096851402,"version":"3.40.3"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030493356"},{"type":"electronic","value":"9783030493363"}],"license":[{"start":{"date-parts":[[2020,8,13]],"date-time":"2020-08-13T00:00:00Z","timestamp":1597276800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,8,13]],"date-time":"2020-08-13T00:00:00Z","timestamp":1597276800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-49336-3_40","type":"book-chapter","created":{"date-parts":[[2020,8,12]],"date-time":"2020-08-12T12:05:28Z","timestamp":1597233928000},"page":"409-418","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A Survey on Countermeasures Against Man-in-the-Browser Attacks"],"prefix":"10.1007","author":[{"given":"Sampsa","family":"Rauti","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,8,13]]},"reference":[{"key":"40_CR1","doi-asserted-by":"crossref","unstructured":"Almeshekah, M.H., Atallah, M.J., Spafford, E.H.: Enhancing passwords security using deceptive covert communication. In: IFIP International Information Security and Privacy Conference, pp. 159\u2013173. Springer, Cham (2015)","DOI":"10.1007\/978-3-319-18467-8_11"},{"key":"40_CR2","doi-asserted-by":"crossref","unstructured":"Biedermann, S., Ruppenthal, T., Katzenbeisser, S.: Data-centric phishing detection based on transparent virtualization technologies. In: 2014 Twelfth Annual International Conference on Privacy, Security and Trust, pp. 215\u2013223. IEEE (2014)","DOI":"10.1109\/PST.2014.6890942"},{"key":"40_CR3","first-page":"1","volume-title":"In: Nordic Conference on Secure IT Systems","author":"A Blom","year":"2012","unstructured":"Blom, A., de Koning Gans, G., Poll, E., De Ruiter, J., Verdult, R.: Designed to fail: a USB-connected reader for online banking. In: Nordic Conference on Secure IT Systems, pp. 1\u201316. Springer, Cham (2012)"},{"key":"40_CR4","doi-asserted-by":"crossref","unstructured":"Buescher, A., Leder, F., Siebert, T.: Banksafe information stealer detection inside the web browser. In: International Workshop on Recent Advances in Intrusion Detection, pp. 262\u2013280. Springer, Cham (2011)","DOI":"10.1007\/978-3-642-23644-0_14"},{"key":"40_CR5","doi-asserted-by":"crossref","unstructured":"Chow, Y.W., Susilo, W., Yang, G., Au, M.H., Wang, C.: Authentication and transaction verification using QR codes with a mobile device. In: International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage, pp. 437\u2013451. Springer, Cham (2016)","DOI":"10.1007\/978-3-319-49148-6_36"},{"key":"40_CR6","doi-asserted-by":"crossref","first-page":"365","DOI":"10.1007\/978-3-662-45472-5_24","volume-title":"Financial Cryptography and Data Security","author":"A Dmitrienko","year":"2014","unstructured":"Dmitrienko, A., Liebchen, C., Rossow, C., Sadeghi, A.R.: On the (in)security of mobile two-factor authentication. In: Christin, N., Safavi-Naini, R. (eds.) Financial Cryptography and Data Security, pp. 365\u2013383. Springer, Heidelberg (2014)"},{"issue":"1","key":"40_CR7","doi-asserted-by":"publisher","first-page":"29","DOI":"10.4018\/jaci.2012010103","volume":"4","author":"T Dougan","year":"2012","unstructured":"Dougan, T., Curran, K.: Man in the browser attacks. Int. J. Ambient Comput. Intell. (IJACI) 4(1), 29\u201339 (2012)","journal-title":"Int. J. Ambient Comput. Intell. (IJACI)"},{"key":"40_CR8","unstructured":"Entrust: Defeating man-in-the-browser malware \u2013 how to prevent the latest malware attacks against consumer and corporate banking. White paper (2014)"},{"key":"40_CR9","doi-asserted-by":"crossref","unstructured":"Garcia-Cervigon, M., Llin\u00e0s, M.M.: Browser function calls modeling for banking malware detection. In: 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS), pp. 1\u20137. IEEE (2012)","DOI":"10.1109\/CRISIS.2012.6378950"},{"key":"40_CR10","unstructured":"Gezer, A., Warner, G., Wilson, C., Shrestha, P.: A flow-based approach for trickbot banking trojan detection. Comput. Secur. 84, 179\u2013192 (2019)"},{"key":"40_CR11","doi-asserted-by":"crossref","unstructured":"Goyal, P., Bansal, N., Gupta, N.: Averting man in the browser attack using user-specific personal images. In: 3rd IEEE International Advance Computing Conference (IACC), pp. 1283\u20131286. IEEE (2013)","DOI":"10.1109\/IAdCC.2013.6514413"},{"key":"40_CR12","doi-asserted-by":"crossref","unstructured":"Guha, A., Fredrikson, M., Livshits, B., Swamy, N.: Verified security for browser extensions. In: IEEE Symposium on Security and Privacy. IEEE 2011, pp. 115\u2013130 (2011)","DOI":"10.1109\/SP.2011.36"},{"key":"40_CR13","unstructured":"G\u00fchring, P.: Concepts against man-in-the-browser attacks. Technical report (2006)"},{"key":"40_CR14","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1016\/j.cose.2015.07.004","volume":"55","author":"Y Jia","year":"2015","unstructured":"Jia, Y., Chen, Y., Dong, X., Saxena, P., Mao, J., Liang, Z.: Man-in-the-browser-cache: persisting https attacks via browser cache poisoning. Comput. Secur. 55, 62\u201380 (2015)","journal-title":"Comput. Secur."},{"key":"40_CR15","doi-asserted-by":"crossref","unstructured":"Konoth, R.K., van\u00a0der Veen, V., Bos, H.: How anywhere computing just killed your phone-based two-factor authentication. In: International Conference on Financial Cryptography and Data Security, pp. 405\u2013421. Springer, Cham (2016)","DOI":"10.1007\/978-3-662-54970-4_24"},{"key":"40_CR16","unstructured":"Liu, L., Zhang, X., Yan, G., Chen, S., et\u00a0al.: Chrome extensions: threat analysis and countermeasures. In: NDSS (2012)"},{"key":"40_CR17","doi-asserted-by":"crossref","unstructured":"Marouf, S., Shehab, M.: Towards improving browser extension permission management and user awareness. In: 8th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), pp. 695\u2013702. IEEE (2012)","DOI":"10.4108\/icst.collaboratecom.2012.250642"},{"key":"40_CR18","unstructured":"Nor, F.B.M., Jalil, K.A., et\u00a0al.: An enhanced remote authentication scheme to mitigate man-in-the-browser attacks. In: Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), pp. 271\u2013276. IEEE (2012)"},{"key":"40_CR19","doi-asserted-by":"crossref","unstructured":"Rauti, S., Lepp\u00e4nen, V.: Man-in-the-browser attacks in modern web browsers. In: Emerging Trends in ICT Security, pp. 469\u2013480. Elsevier (2014)","DOI":"10.1016\/B978-0-12-411474-6.00028-1"},{"key":"40_CR20","doi-asserted-by":"crossref","unstructured":"Rauti, S., Parisod, H., Aromaa, M., Salanter\u00e4, S., Hyrynsalmi, S., Lahtiranta, J., Smed, J., Lepp\u00e4nen, V.: A proxy-based security solution for web-based online ehealth services. In: International Conference on Well-Being in the Information Society, pp. 168\u2013176. Springer, Cham (2014)","DOI":"10.1007\/978-3-319-10211-5_17"},{"issue":"4","key":"40_CR21","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1504\/IJITST.2012.054058","volume":"4","author":"M Rautila","year":"2012","unstructured":"Rautila, M., Suomalainen, J.: Secure inspection of web transactions. Int. J. Internet Technol. Secur. Trans. 4(4), 253\u2013271 (2012)","journal-title":"Int. J. Internet Technol. Secur. Trans."},{"key":"40_CR22","doi-asserted-by":"crossref","unstructured":"Ronchi, C., Zakhidov, S.: Hardened client platforms for secure internet banking. In: ISSE 2008 Securing Electronic Business Processes, pp. 367\u2013379. Springer, Cham (2009)","DOI":"10.1007\/978-3-8348-9283-6_39"},{"key":"40_CR23","unstructured":"SafeNet: Safenet etoken 3500 (2011). https:\/\/www.pronew.com.tw\/download\/doc\/eToken3500_PB_(EN)_web.pdf"},{"issue":"12","key":"40_CR24","first-page":"1","volume":"3","author":"A Saisudheer","year":"2013","unstructured":"Saisudheer, A., Tech, M.: Smart phone as software token for generating digital signature code for signing in online banking transaction. Int. J. Comput. Eng. Sci. 3(12), 1\u20134 (2013)","journal-title":"Int. J. Comput. Eng. Sci."},{"key":"40_CR25","unstructured":"St\u00e5hlberg, M.: The trojan money spinner. In: Virus Bulletin Conference, vol.\u00a04 (2007)"},{"issue":"3","key":"40_CR26","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1007\/s11416-007-0078-5","volume":"4","author":"M Ter Louw","year":"2008","unstructured":"Ter Louw, M., Lim, J.S., Venkatakrishnan, V.N.: Enhancing web browser security against malware extensions. J. Comput. Virol. 4(3), 179\u2013195 (2008)","journal-title":"J. Comput. Virol."},{"key":"40_CR27","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10207-019-00442-1","volume":"18","author":"E Toreini","year":"2019","unstructured":"Toreini, E., Shahandashti, S.F., Mehrnezhad, M., Hao, F.: Domtegrity: ensuring web page integrity against malicious browser extensions. Int. J. Inf. Secur. 18, 1\u201314 (2019)","journal-title":"Int. J. Inf. Secur."},{"key":"40_CR28","unstructured":"Tsai, K.: Addressing new NIST authentication guidelines with symantec VIP (2016). https:\/\/www.symantec.com\/connect\/blogs\/addressing-new-nist-authentication-guidelines-symantec-vip"},{"key":"40_CR29","doi-asserted-by":"crossref","unstructured":"Tsuchiya, T., Fujita, M., Takahashi, K., Kato, T., Magata, F., Teshigawara, Y., Sasaki, R., Nishigaki, M.: Secure communication protocol between a human and a bank server for preventing man-in-the-browser attacks. In: International Conference on Human Aspects of Information Security, Privacy, and Trust, pp. 77\u201388. Springer, Cham (2016)","DOI":"10.1007\/978-3-319-39381-0_8"},{"key":"40_CR30","unstructured":"Utakrit, N.: Review of browser extensions, a man-in-the-browser phishing techniques targeting bank customers (2009)"},{"key":"40_CR31","doi-asserted-by":"crossref","unstructured":"Van\u00a0Acker, S., Nikiforakis, N., Desmet, L., Piessens, F., Joosen, W.: Monkey-in-the-browser: malware and vulnerabilities in augmented browsing script markets. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, pp. 525\u2013530. ACM (2014)","DOI":"10.1145\/2590296.2590311"},{"key":"40_CR32","doi-asserted-by":"crossref","unstructured":"Wang, L., Xiang, J., Jing, J., Zhang, L.: Towards fine-grained access control on browser extensions. In: International Conference on Information Security Practice and Experience, pp. 158\u2013169. Springer, Cham (2012)","DOI":"10.1007\/978-3-642-29101-2_11"},{"key":"40_CR33","doi-asserted-by":"crossref","unstructured":"Weigold, T., Kramp, T., Hermann, R., H\u00f6ring, F., Buhler, P., Baentsch, M.: The Zurich trusted information channel\u2013an efficient defence against man-in-the-middle and malicious software attacks. In: International Conference on Trusted Computing, pp. 75\u201391. Springer, Cham (2008)","DOI":"10.1007\/978-3-540-68979-9_6"},{"issue":"2","key":"40_CR34","doi-asserted-by":"publisher","first-page":"137","DOI":"10.4018\/IJDCF.2018040108","volume":"10","author":"P Zhang","year":"2018","unstructured":"Zhang, P., He, Y., Chow, K.: Fraud track on secure electronic check system. Int. J. Digital Crime Forensics 10(2), 137\u2013144 (2018)","journal-title":"Int. J. Digital Crime Forensics"}],"container-title":["Advances in Intelligent Systems and Computing","Hybrid Intelligent Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-49336-3_40","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,5]],"date-time":"2023-10-05T17:15:43Z","timestamp":1696526143000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-49336-3_40"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,13]]},"ISBN":["9783030493356","9783030493363"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-49336-3_40","relation":{},"ISSN":["2194-5357","2194-5365"],"issn-type":[{"type":"print","value":"2194-5357"},{"type":"electronic","value":"2194-5365"}],"subject":[],"published":{"date-parts":[[2020,8,13]]},"assertion":[{"value":"13 August 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"HIS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Hybrid Intelligent Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sehore","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"his2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.mirlabs.net\/his19\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}