{"id":"https://openalex.org/W4309375085","doi":"https://doi.org/10.1109/cns56114.2022.9947253","title":"A User-Friendly Two-Factor Authentication Method against Real-Time Phishing Attacks","display_name":"A User-Friendly Two-Factor Authentication Method against Real-Time Phishing Attacks","publication_year":2022,"publication_date":"2022-10-03","ids":{"openalex":"https://openalex.org/W4309375085","doi":"https://doi.org/10.1109/cns56114.2022.9947253"},"language":"en","primary_location":{"id":"doi:10.1109/cns56114.2022.9947253","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns56114.2022.9947253","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://scholarsphere.psu.edu/resources/e030cd74-1a2a-42bd-b76c-2cacea09aaaa/downloads/22058","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5090762232","display_name":"Yuanyi Sun","orcid":null},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yuanyi Sun","raw_affiliation_strings":["School of EECS, The Pennsylvania State University,University Park,PA,16802"],"affiliations":[{"raw_affiliation_string":"School of EECS, The Pennsylvania State University,University Park,PA,16802","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101952501","display_name":"Sencun Zhu","orcid":"https://orcid.org/0000-0002-1047-7967"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sencun Zhu","raw_affiliation_strings":["School of EECS, The Pennsylvania State University,University Park,PA,16802"],"affiliations":[{"raw_affiliation_string":"School of EECS, The Pennsylvania State University,University Park,PA,16802","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101811427","display_name":"Yan Zhao","orcid":"https://orcid.org/0000-0002-2223-9704"},"institutions":[{"id":"https://openalex.org/I4210128605","display_name":"Shape Memory Medical (United States)","ror":"https://ror.org/0348zy043","country_code":"US","type":"company","lineage":["https://openalex.org/I4210128605"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yan Zhao","raw_affiliation_strings":["Shape Security,Santa Clara,CA","Shape Security, Santa Clara, CA"],"affiliations":[{"raw_affiliation_string":"Shape Security,Santa Clara,CA","institution_ids":["https://openalex.org/I4210128605"]},{"raw_affiliation_string":"Shape Security, Santa Clara, CA","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101889206","display_name":"Pengfei Sun","orcid":"https://orcid.org/0000-0002-9719-8900"},"institutions":[{"id":"https://openalex.org/I4210128605","display_name":"Shape Memory Medical (United States)","ror":"https://ror.org/0348zy043","country_code":"US","type":"company","lineage":["https://openalex.org/I4210128605"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Pengfei Sun","raw_affiliation_strings":["Shape Security,Santa Clara,CA","Shape Security, Santa Clara, CA"],"affiliations":[{"raw_affiliation_string":"Shape Security,Santa Clara,CA","institution_ids":["https://openalex.org/I4210128605"]},{"raw_affiliation_string":"Shape Security, Santa Clara, CA","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5090762232"],"corresponding_institution_ids":["https://openalex.org/I130769515"],"apc_list":null,"apc_paid":null,"fwci":1.8181,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.88571051,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"91","last_page":"99"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9930999875068665,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8437977433204651},{"id":"https://openalex.org/keywords/phishing","display_name":"Phishing","score":0.7618613243103027},{"id":"https://openalex.org/keywords/multi-factor-authentication","display_name":"Multi-factor authentication","score":0.6087294220924377},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5421487092971802},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5408812165260315},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.537721574306488},{"id":"https://openalex.org/keywords/keystroke-logging","display_name":"Keystroke logging","score":0.4883210361003876},{"id":"https://openalex.org/keywords/chip-authentication-program","display_name":"Chip Authentication Program","score":0.464895635843277},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.42304015159606934},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.24073275923728943},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.14122983813285828},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.12388718128204346}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8437977433204651},{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.7618613243103027},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.6087294220924377},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5421487092971802},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5408812165260315},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.537721574306488},{"id":"https://openalex.org/C161615301","wikidata":"https://www.wikidata.org/wiki/Q309396","display_name":"Keystroke logging","level":2,"score":0.4883210361003876},{"id":"https://openalex.org/C142124187","wikidata":"https://www.wikidata.org/wiki/Q5101471","display_name":"Chip Authentication Program","level":5,"score":0.464895635843277},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.42304015159606934},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.24073275923728943},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.14122983813285828},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.12388718128204346}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/cns56114.2022.9947253","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns56114.2022.9947253","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"},{"id":"pmh:oai:scholarsphere.psu.edu:5e7fde10-802c-431f-872a-b922450a97cd","is_oa":true,"landing_page_url":"https://scholarsphere.psu.edu/resources/5e7fde10-802c-431f-872a-b922450a97cd","pdf_url":"https://scholarsphere.psu.edu/resources/e030cd74-1a2a-42bd-b76c-2cacea09aaaa/downloads/22058","source":{"id":"https://openalex.org/S4306401507","display_name":"ScholarSphere (Penn State Libraries)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I3130638595","host_organization_name":"Pangasinan State University","host_organization_lineage":["https://openalex.org/I3130638595"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"}],"best_oa_location":{"id":"pmh:oai:scholarsphere.psu.edu:5e7fde10-802c-431f-872a-b922450a97cd","is_oa":true,"landing_page_url":"https://scholarsphere.psu.edu/resources/5e7fde10-802c-431f-872a-b922450a97cd","pdf_url":"https://scholarsphere.psu.edu/resources/e030cd74-1a2a-42bd-b76c-2cacea09aaaa/downloads/22058","source":{"id":"https://openalex.org/S4306401507","display_name":"ScholarSphere (Penn State Libraries)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I3130638595","host_organization_name":"Pangasinan State University","host_organization_lineage":["https://openalex.org/I3130638595"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"},"sustainable_development_goals":[{"score":0.4099999964237213,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4309375085.pdf"},"referenced_works_count":16,"referenced_works":["https://openalex.org/W1498527206","https://openalex.org/W1534216444","https://openalex.org/W1955134710","https://openalex.org/W1989085188","https://openalex.org/W1990556702","https://openalex.org/W2059201166","https://openalex.org/W2083055907","https://openalex.org/W2166731089","https://openalex.org/W2756169798","https://openalex.org/W2945441410","https://openalex.org/W2963037989","https://openalex.org/W4293584584","https://openalex.org/W6640709003","https://openalex.org/W6647788444","https://openalex.org/W6647927487","https://openalex.org/W6750227808"],"related_works":["https://openalex.org/W2320589413","https://openalex.org/W2065920179","https://openalex.org/W2889672494","https://openalex.org/W2277743221","https://openalex.org/W2943527182","https://openalex.org/W2886761711","https://openalex.org/W2278696264","https://openalex.org/W1483112216","https://openalex.org/W3129147562","https://openalex.org/W2370466952"],"abstract_inverted_index":{"Today,":[0],"two-factor":[1],"authentication":[2,121],"(2FA)":[3],"is":[4,97,144,186,213],"a":[5,59,86,100,104,149,163,167,220],"widely":[6],"implemented":[7],"mechanism":[8],"to":[9,27,90,98,102,198],"counter":[10,91],"phishing":[11,30,45,60],"attacks.":[12,80,93],"Although":[13],"much":[14],"effort":[15],"has":[16,47,203],"been":[17],"investigated":[18],"in":[19,114,178],"2FA,":[20],"most":[21],"2FA":[22,72,88,200],"systems":[23],"are":[24],"still":[25],"vulnerable":[26],"carefully":[28],"designed":[29],"attacks,":[31],"and":[32,138,174],"some":[33],"even":[34,51],"request":[35,99],"special":[36,208],"hardware,":[37],"which":[38],"limits":[39],"their":[40],"wide":[41],"deployment.":[42],"Recently,":[43],"real-time":[44],"(RTP)":[46],"made":[48],"the":[49,66,107,111,115,119,128,142,154,216],"situation":[50],"worse":[52],"because":[53],"an":[54,158,187],"adversary":[55,159],"can":[56,73],"effortlessly":[57],"establish":[58],"website":[61,147,165],"without":[62],"any":[63],"background":[64],"of":[65,106],"web":[67,108,124],"page":[68],"design":[69],"technique.":[70],"Traditional":[71],"be":[74],"easily":[75],"bypassed":[76],"by":[77],"such":[78],"RTP":[79,92,155],"In":[81],"this":[82,146],"work,":[83],"we":[84],"propose":[85],"novel":[87],"system":[89,173],"The":[94,123,181],"main":[95],"idea":[96],"user":[101,143],"take":[103],"photo":[105],"browser":[109],"with":[110,166,190],"domain":[112,129],"name":[113,130],"address":[116],"bar":[117],"as":[118],"2nd":[120],"factor.":[122],"server":[125],"side":[126,218],"extracts":[127],"information":[131],"based":[132],"on":[133,215],"Optical":[134],"Character":[135],"Recognition":[136],"(OCR),":[137],"then":[139],"determines":[140],"if":[141],"visiting":[145],"or":[148,210],"fake":[150,164],"one,":[151],"thus":[152],"defeating":[153],"attacks":[156],"where":[157],"must":[160],"set":[161],"up":[162],"different":[168],"domain.":[169],"We":[170,193],"prototyped":[171],"our":[172],"evaluated":[175],"its":[176],"performance":[177],"various":[179],"environments.":[180],"results":[182],"showed":[183,195],"that":[184,196],"PhotoAuth":[185,202],"effective":[188],"technique":[189],"good":[191],"scalability.":[192],"also":[194],"compared":[197],"other":[199],"systems,":[201],"several":[204],"advantages,":[205],"especially":[206],"no":[207],"hardware":[209],"software":[211],"support":[212],"needed":[214],"client":[217],"except":[219],"phone,":[221],"making":[222],"it":[223],"readily":[224],"deployable.":[225]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}