@conference {Zouina20171615, title = {An aspiring solution to the MITM bootstrap vulnerability}, booktitle = {Proceedings of the 29th International Business Information Management Association Conference - Education Excellence and Innovation Management through Vision 2020: From Regional Development Sustainability to Global Economic Growth}, year = {2017}, note = {cited By 0}, pages = {1615-1622}, abstract = {The proposed work falls within the context of improving data security for m-commerce (mobile commerce) systems. In this context we have placed under the light some flaws encountered in HTTPS (Hypertext Transfer Protocol Secure) the most used m-commerce protocol, particularly the man in the middle attack, shortly MITM. The man in the middle attack is an active listening attack; the idea of this attack is to target the handshake phase of the HTTPS protocol which is the transition from a non-secure connection to a secure connection in our case HTTP (Hypertext Transfer Protocol) to HTTPS. This paper proposes a solution to fix those flaws based on the upgrade of HSTS (HTTP Strict Transport Security) standard handshake sequence using the DNSSEC standard (Domain Name System Security Extensions).}, url = {https://www.scopus.com/inward/record.uri?eid=2-s2.0-85029759601\&partnerID=40\&md5=963ec95920c1fef56bbbb9224b5f2501}, author = {Zouina, M. and Outtaj, B.} } @article {Zouina2017, title = {A novel lightweight URL phishing detection system using SVM and similarity index}, journal = {Human-centric Computing and Information Sciences}, volume = {7}, number = {1}, year = {2017}, note = {cited By 1}, abstract = {The phishing is a technique used by cyber-criminals to impersonate legitimate websites in order to obtain personal information. This paper presents a novel lightweight phishing detection approach completely based on the URL (uniform resource locator). The mentioned system produces a very satisfying recognition rate which is 95.80\%. This system, is an SVM (support vector machine) tested on a 2000 records data-set consisting of 1000 legitimate and 1000 phishing URLs records. In the literature, several works tackled the phishing attack. However those systems are not optimal to smartphones and other embed devices because of their complex computing and their high battery usage. The proposed system uses only six URL features to perform the recognition. The mentioned features are the URL size, the number of hyphens, the number of dots, the number of numeric characters plus a discrete variable that correspond to the presence of an IP address in the URL and finally the similarity index. Proven by the results of this study the similarity index, the feature we introduce for the first time as input to the phishing detection systems improves the overall recognition rate by 21.8\%. {\textcopyright} 2017, The Author(s).}, doi = {10.1186/s13673-017-0098-1}, url = {https://www.scopus.com/inward/record.uri?eid=2-s2.0-85020465562\&doi=10.1186\%2fs13673-017-0098-1\&partnerID=40\&md5=8781f2d95cd57e8104c9158ba92a38dd}, author = {Zouina, M. and Outtaj, B.} }