Defeating MageCart Attacks in a NAISS Way

Cătălin Rus; Dipti Sarmah; Mohammed El-Hajj

doi:10.5220/0012079300003555

Defeating MageCart Attacks in a NAISS Way

Cătălin Rus, Dipti Sarmah, Mohammed El-Hajj

2023

Abstract

MageCart attacks pose a security threat to E-commerce platforms by using e-skimmers to steal payment details. Image steganography is used by attackers to conceal e-skimmers, making detection challenging. Existing solutions have limitations, such as incompatibility or insufficient functionality. This research proposes NAISS, a server-side middlebox solution that leverages digital signatures to filter unauthorized images without requiring client-side modifications. The proof-of-concept implementation demonstrates the efficacy of NAISS, filtering 100% of state of the art stegoimages, while indicating areas for further improvement.

Download

Paper Citation

in Harvard Style

Rus C., Sarmah D. and El-Hajj M. (2023). Defeating MageCart Attacks in a NAISS Way. In Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-666-8, SciTePress, pages 691-697. DOI: 10.5220/0012079300003555

in Bibtex Style

@conference{secrypt23,
author={Cătălin Rus and Dipti Sarmah and Mohammed El-Hajj},
title={Defeating MageCart Attacks in a NAISS Way},
booktitle={Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2023},
pages={691-697},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012079300003555},
isbn={978-989-758-666-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Defeating MageCart Attacks in a NAISS Way
SN - 978-989-758-666-8
AU - Rus C.
AU - Sarmah D.
AU - El-Hajj M.
PY - 2023
SP - 691
EP - 697
DO - 10.5220/0012079300003555
PB - SciTePress