Home // SECURWARE 2022, The Sixteenth International Conference on Emerging Security Information, Systems and Technologies // View article

Phishing Resistant Systems: A Literature Review

Authors:
Jonathan Luckett

Keywords: phishing; phishing-resistant; FIDO; SPK; DKIM; DMARC; Defender

Abstract:
Phishing is one of the leading cyber attack vectors against businesses and consumers. President Biden signed an Executive Order on Improving the Nation’s Cybersecurity in May of 2021. The Administration followed up with Memorandum M-22-09, which in addition to laying out a Zero Trust strategy for the federal government to follow, also provides special emphasis on phishing resistant systems such as MFA. This paper provides a literature review of phishing resistant systems and covers Microsoft solutions for the enterprise, eliminating passwords as specified in the Web Authentication API and FIDO 2 standards. Research into how threat actors accomplish phishing schemes is examined, along with email authentication (Sender Policy Framework, SPK; Domain Key Identified Mail (DKIM); and the Domain-Based Message Authentication, Reporting and Conformance (DMARC) standard). Browser-based detection systems are also reviewed, along with phishing intelligence databases that developers can integrate into their applications.

Pages: 9 to 14

Copyright: Copyright (c) IARIA, 2022

Publication date: October 16, 2022

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-68558-007-0

Location: Lisbon, Portugal

Dates: from October 16, 2022 to October 20, 2022