Development of recommendations for minimizing the risks of account hacking on the basis of analysis of the most common hacking methods

Коршун, Наталія Володимирівна and Літвінчук, Ірина Сергіївна and Корчомний, Руслан Олександрович and Борисов, Ігор Володимирович (2021) Development of recommendations for minimizing the risks of account hacking on the basis of analysis of the most common hacking methods Кібербезпека: освіта, наука, техніка (4(12)). pp. 163-171.

[thumbnail of N_Korshun_I_Litvinchuk_R_Korchomnyi_I_Borysov_CEST_12.pdf] Text
N_Korshun_I_Litvinchuk_R_Korchomnyi_I_Borysov_CEST_12.pdf - Published Version

Download (1MB)

Abstract

With the spread of the Internet, social networks, messengers, etc. and their penetration into all spheres of life of the modern individual, the number of attempts to obtain unauthorized access to personal information of users is increasing. Accounts are the most vulnerable target for hacking. Among the most common types of attacks - phishing, theft of cookies, use of keyloggers, brute force. Social engineering techniques have become very popular among attackers. Using a password in the form of a set of letters, numbers, and special characters is no longer sufficient to provide the required level of account security. The introduction of combined systems increases the number of identification features and increases data security. Systems based on contactless smart cards, USB keys, hybrid smart cards, bioelectronic systems can be used as additional protection mechanisms. One of the main recommendations for avoiding the consequences of fraudulent actions is double or multifactor authentication to verify the identity of the client (requiring users to provide data, such as a password, using other factors, such as a text message / SMS code or fingerprints). Multi-factor authentication should be used on all available Internet services, where possible, to ensure an acceptable level of security. There are two main types of multifactor authentication: the MFA application, an authentication process that is activated when a user tries to access one or more applications, and the MFA device, an authentication process that immediately activates the MFA at the login point. One of the most common authentication factors is the phone number. Email codes, text tokens, biometric verification, hardware tokens, security issues (secret issues) and more are also used.

Item Type: Article
Uncontrolled Keywords: multifactor authentication; phishing; password protection; biometric authentication
Subjects: Статті у наукометричних базах > Index Copernicus
Статті у журналах > Фахові (входять до переліку фахових, затверджений МОН)
Divisions: Факультети > Факультет інформаційних технологій та управління > Кафедра інформаційної та кібернетичної безпеки імені професора Володимира Бурячка
Depositing User: Наталія Володимирівна Коршун
Date Deposited: 18 Nov 2021 08:33
Last Modified: 18 Nov 2021 08:33
URI: https://elibrary.kubg.edu.ua/id/eprint/38750

Actions (login required)

View Item View Item