One small step for a man
One Giant leap for the mankind

There is no wealth like Knowledge
                            No Poverty like Ignorance
Journal of Emerging Trends in Computing and Information Sciences Logo

Journal of Emerging Trends in Computing and Information Sciences >> Call for Papers Vol. 8 No. 3, March 2017

Journal of Emerging Trends in Computing and Information Sciences

Web Application Security of Money Transfer Systems

Full Text Pdf Pdf
Author Alaa Hussein Al-hamami, Fadi Ali Oqla Najadat, Mohammed Saad Abdul Wahhab
ISSN 2079-8407
On Pages 365-372
Volume No. 3
Issue No. 3
Issue Date March 01, 2012
Publishing Date March 01, 2012
Keywords SilentBanker; MitM, MitB, WAS; SSL, ST; SA; TA; System.Security.CodeAccessPermission; Encryption/Decryption.


Abstract

Information security science started to play a vital role in our life and became an important issue used for judging on any system about either its success or failure. E-banking applications for transferring money are considered as one of the most important applications that banks nowadays are taking care about; maintaining its process validity and accuracy as a necessity for the health of the transferring process to transfer the correct amount into the right receiver.
E-money transferring process can be attacked by hackers through using different malwares and viruses for changing the transferee information and the transferring amount, one of them called "Silent Banker” and is considered one of the most important threats that appealed a global senior banks’ concern around the world because of its high capability in penetrating the most powerful security banking systems and the ability to use different tools to do so, which cost banks large and painful losses.
This paper proposes a solution to the “SilentBanker” problem through blocking possible security vulnerabilities that SilentBanker can penetrate the security system through. The necessary tests were held through this thesis to prove the validity of the proposed solutions.
Three main phases are presented which are: phase (0): Lock the browser, phase (1): Encryption and phase (2): Decryption; all are combined in order to introduce the best results in preventing the SilentBanker attacks. Results showed that the banking side presents major role in the detection process as checking whether the transfer process was successful so to successfully transfer the amount and without any error through, or to inquire both bank and client sides about the failures if not.  

Back

Seperator
    Journal of Computing | Call for Papers (CFP) | Journal Blog | Journal of Systems and Software | ARPN Journal of Science and Technology | International Journal of Health and Medical Sciences | International Journal of Economics, Finance and Management     
Copyrights
© 2015 Journal of Computing