Skip to main content
back to agenda
on this page

B-Armor: real time "browser-in-the-browser" attack detection

  • 14:00
  • Thu
  • 16 Nov
Arsenal 3


Today's phishing attacks develop continuously, till they reached the newly discovered attack named Browser-in-the-Browse. It is designed in a way that is hard to detect, and it deceives the user. This type of phishing attack is mainly used to steal user’s credentials using a single sign-on that appears within a pop-up webpage, where its URL looks correct and safe to the victim. Moreover, content page URLs display correct addresses when users hover the mouse over the webpage content links.

After the literature reviews, it was found that no solution has been discovered for this type of attack till now. This session proposes the “B-Armor” solution, a real-time plug-in that can detect Browser-in-the-Browser attacks. The proposed solution relies on four significant indicators, and it calculates the final security percentage of the webpage to provide the proper alert to the user.

In this session, the proposed solution is explained and discussed extensively in more detail.