Abstract: The invention provides a method and system for dynamically generating a hint to recall a password for a user account of a user. The method for dynamically generating the hint to recall the password for the user account of the user includes the steps of receiving the password for the user account while the user inputs the password field of a login page. The password comprises a plurality of characters. The method, then, converts the password from the plain text to a hash value using a hash function. Thereafter, the method performs a modulo operation on the hash value to obtain an index pointing an object within an object library associated with the user. The method, then, displays, the object as the hint. The hint enables the user to create a mental association between the password and the object for the user account.

Abstract: The present disclosure generally relates to information security and, more particularly, to systems and methods of comparative evaluation for phishing mitigation. Evaluating the anti-phishing approaches includes: initiating, on a computing device, a phishing attack; initiating, on the computing device, an anti-phishing approach against the phishing attack; and evaluating, using the computing device, different criteria of the anti-phishing approach to determine an overall effectiveness of the anti-phishing approach by applying a comparative framework of evaluation metrics to the different criteria of the anti-phishing approach.

Abstract: The present disclosure generally relates to information security and, more particularly, to systems and methods implementing color image ray transform (IRT) for detecting phishing web pages. A focus is comparing the features of a questionable website to features of a legitimate website. Detection of a phishing website using color IRT includes: requesting access, on at least one computing device, to a web page having a Universal Resource Locator (URL); comparing, using the at least one computing device, the URL of the requested web page to a reference URL within a database stored in a memory; determining, using the at least one computing device, that the URL of the requested web page matches the reference URL; and generating, using the at least one computing device, a message that the web page is legitimate when there is a match between the URL of the requested web page and the reference URL.

Abstract: The invention provides a method and system for managing a gamified trustee based social authentication to recover an account of a user. The method for managing the gamified trustee based social authentication to recover the account of the user includes the step of registering a plurality of trustees associated with the user. Then, the method receives a vouching request from the user for recovering the account of the user. In response to receiving the vouching request, the method forwards the vouching request to the plurality of trustees for verifying the user for recovering the account. Further, the method rewards at least one trustee of the plurality of trustees in response to the at least one trustee responding to the vouching request.

Abstract: The invention provides a method and system for dynamically generating a hint to recall a password for a user account of a user. The method for dynamically generating the hint to recall the password for the user account of the user includes the steps of receiving the password for the user account while the user inputs the password field of a login page. The password comprises a plurality of characters. The method, then, converts the password from the plain text to a hash value using a hash function. Thereafter, the method performs a modulo operation on the hash value to obtain an index pointing an object within an object library associated with the user. The method, then, displays, the object as the hint. The hint enables the user to create a mental association between the password and the object for the user account.

Abstract: The present disclosure generally relates to information security and, more particularly, to systems and methods of comparative evaluation for phishing mitigation. Evaluating the anti-phishing approaches includes: initiating, on a computing device, a phishing attack; initiating, on the computing device, an anti-phishing approach against the phishing attack; and evaluating, using the computing device, different criteria of the anti-phishing approach to determine an overall effectiveness of the anti-phishing approach by applying a comparative framework of evaluation metrics to the different criteria of the anti-phishing approach.