Open access
Author
Date
2011-12Type
- Master Thesis
ETH Bibliography
yes
Altmetrics
Abstract
The CREALOGIX E-Banking AG develops and distributes the CLX.E-Banking system, an online banking system used by several domestic and international banking institutions. The goal of this thesis was to design and implement two extensions to the system, a forensic analysis tool and an additional security system. <br/><br/> A forensic analysis tool is required to monitor the interactions between the e-banking system and its customers. It enables the system administrator to look at the details of each interaction, which is required to perform an investigation of an attack or any other fraudulent or suspicious behaviour that has been reported by a customer, a bank employee or a security system. The system has an asynchronous background task collecting all available data, a filter mechanism discarding not required parts and a GUI integrated into the administration interface of the e-banking system that presents the details of each interaction to the administrator. <br/><br/> The additional security system is designed to analyse the behaviour of each customer and detect deviations in the behaviour that point towards an attack. The system describes the behaviour as a set of aspects, each consisting of several properties. The value of each property is constantly checked for its legitimacy. A set of rules determines if an illegitimate value is to be considered an attack, and if so, how the system should react. <br/><br/> The results of the thesis show the need to have such a security system. It is able to detect a number of different types of attacks, some of which could not be detected without it. The fact that this can be achieved without exhausting the system's full potential shows how powerful this approach to a security system is. Show more
Permanent link
https://doi.org/10.3929/ethz-a-006890709Publication status
publishedPublisher
Eidgenössische Technische Hochschule Zürich, Department of Computer ScienceSubject
BUSINESS INFORMATION SYSTEMS; BETRIEBLICHE INFORMATIONSSYSTEME; ELECTRONIC BANKINGOrganisational unit
02150 - Dep. Informatik / Dep. of Computer Science03506 - Alonso, Gustavo / Alonso, Gustavo
More
Show all metadata
ETH Bibliography
yes
Altmetrics