Securing User Input as a Defense Against MitB

摘要: In MitB is a sophisticated form of attack wherein Trojan or bot embedded in the browser steals and tampers with legitimate user data. Online banking websites have all along been favourite playground for these bots. While most sites employ multi-factor authentication, one-time pads transactions, even presence Secure Sockets Layer channel they are still not resilient against attacks. This paper demonstrates how vulnerable our web accounts to using two significant real life examples - Gmail account secured Google's 2-step verification an online transaction. The also talks about defending by identifying securing inputs system that will be weakest link device transaction authorization chain. nature this such happen so silently, may notice any malicious activity simply disregard unnatural behaviour as oversight on part himself technical difficulty. Hence, what reiterates that, engineers software systems, security has enforced end when required must left option tech savvy users alone.