Skip to main content
Log in

An effective security assessment approach for Internet banking services via deep analysis of multimedia data

  • Special Issue Paper
  • Published:
Multimedia Systems Aims and scope Submit manuscript

Abstract

With the emergence of cyber technology, the biggest evolution has been observed in the use of Internet for financial purposes, in particular for the Internet banking sector. However, with the increase in the number of Internet banking users, many security issues have been discovered. In the recent past, there have been many successful cyber-attacks on the Internet banking services (IBS) throughout the world. There exists a huge amount of various data about the security of the banking systems, however, proper analysis of such data using various learning techniques is needed for security assessment. In this research work, we aim to assess the security of IBS by developing a framework based on deep analysis of big data (available in various formats) and the existing security requirements of the country. We propose a framework consisting of 93 data categories to assess the security of the IBS. We evaluate our proposed approach on a case study consisting of the banks providing IBS in Pakistan. A total of 21 Pakistani banks providing Internet banking services are analyzed thoroughly using our proposed framework. The result uncovered many deficiencies in the Internet banking services of the analyzed banks. All these deficiencies are conveyed to the respective banks for verification and helping them to take corrective measures. In addition, a comprehensive set of security recommendations is developed for the banks, their customers and the regularity authority for improving Internet banking security.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Hamid, M.R.A., Amin, H., Lada, S., Ahmad, N.: A comparative analysis of Internet banking in Malaysia and Thailand. J. Internet Bus. 4, 1–19 (2007)

    Google Scholar 

  2. Furst, K., Lang, W.W., Nolle, D.E.: Internet banking. J Financ Servi Res 22, 95–117 (2002)

    Article  Google Scholar 

  3. Suganthi, R., Balachandher, K.G., Balachandran, S.: Internet banking patronage: an empirical investigation of malaysia. J. Internet Bank. Commerc. 6(1), 20–32 (2001)

    Google Scholar 

  4. Sathye, M.: Adoption of Internet banking by Australian consumers: an empirical investigation. Int J Bank Market 17, 324–334 (1999). https://doi.org/10.1108/02652329910305689

    Article  Google Scholar 

  5. Hutchinson, D., Warren, M.: Security for Internet banking: a framework. Logist Inform Manag 16, 64–73 (2003). https://doi.org/10.1108/09576050310453750

    Article  Google Scholar 

  6. BBC BBC. https://www.bbc.com/news/technology-37896273. Accessed 2 Apr 2019

  7. SCRIBD. https://www.scribd.com/document/321800525/2016-Bangladesh-Bank-heist-docx. Accessed 2 Apr 2019

  8. The Times of India. https://timesofindia.indiatimes.com/business/india-business. Accessed 2 Apr 2019

  9. PakCERT. https://www.pakcert.org. Accessed 3 Apr 2019

  10. State Bank of Pakistan. https://www.sbp.org.pk/psd/2015/C3-Annexure-A.pdf . Accessed 15 Apr 2019

  11. New York State Department. https://www.dfs.ny.gov/docs/legal/regulations/. Accessed 21 Apr 2019

  12. Frust, K., Lang, W.W., Nolle. D.E.: Internet Banking: Developments and Prospects (September 1, 2000). Office of the Comptroller of the Currency Economic and Policy Analysis Working Paper No. 2000-9. https://ssrn.com/abstract=1988503 (2000)

  13. Li, S., Ekberg, P., Morina, G.: Online banking access system: Principles behind choices and further development, seen from a managerial perspective [Internet] [Dissertation]. http://urn.kb.se/resolve?urn=urn:nbn:se:hj:diva-984 (2007)

  14. RSA. In: RSA 2010 global consumer security survey. https://www.rsa.com. Accessed 1 Apr 2019

  15. Shiraz, M., Boroumand, L., Gani, A., Khan, S.: An improved port knocking authentication framework for mobile cloud computing. Malaysian J Comput Sci 32, 269–283 (2019)

    Article  Google Scholar 

  16. Khan, S., Shiraz, M., Boroumand, L., et al.: Towards port-knocking authentication methods for mobile cloud computing. J Netw Comput App 97, 66–78 (2017)

    Article  Google Scholar 

  17. Iqbal, S., Kiah, M.L.M., Dhaghighi, B., et al.: On cloud security attacks: a taxonomy and intrusion detection and prevention as a service. J Netw Comput App 74, 98–120 (2016)

    Article  Google Scholar 

  18. Iqbal, S., Kiah, M.L.M., Anuar, N.B., et al.: Service delivery models of cloud computing: security issues and open challenges. Secur Commun Netw 9, 4726–4750 (2016)

    Article  Google Scholar 

  19. Jan S, Nguyen CD, Briand L (2015) Known XML Vulnerabilities Are Still a Threat to Popular Parsers and Open Source Systems. In: Proceedings - 2015 IEEE International Conference on Software Quality, Reliability and Security, QRS 2015. IEEE, pp 233–241

  20. Jan S, Nguyen CD, Briand LC (2016) Automated and effective testing of web services for XML injection attacks. In: ISSTA 2016 - Proceedings of the 25th International Symposium on Software Testing and Analysis. pp 12–23

  21. Jan S, Nguyen CD, Arcuri A, Briand L (2017) A Search-Based Testing Approach for XML Injection Vulnerabilities in Web Applications. In: Proceedings - 10th IEEE International Conference on Software Testing, Verification and Validation, ICST 2017. Institute of Electrical and Electronics Engineers Inc., pp 356–366

  22. Jan, S., Panichella, A., Arcuri, A., Briand, L.: Search-based multi-vulnerability testing of XML injections in web applications. Empirical Softw Eng 24, 3696–3729 (2019). https://doi.org/10.1007/s10664-019-09707-8

    Article  Google Scholar 

  23. Hole, K.J., Moen, V., Tjostheim, T.: Case study: online banking security. IEEE Secur Priv 4, 14–20 (2006). https://doi.org/10.1109/MSP.2006.36

    Article  Google Scholar 

  24. Subsorn, P., Limwiriyakul, S.: A comparative analysis of the security of internet banking in Australia: A customer perspective. In: Proceedings of the 2nd International Cyber Resilience Conference. Perth, Western Australia, pp 70–83 (2011)

  25. Subsorn, P., Limwiriyakul, S.: A comparative analysis of internet banking security in Thailand: a customer perspective. Procedia Eng 32, 260–272 (2012). https://doi.org/10.1016/j.proeng.2012.01.1266

    Article  Google Scholar 

  26. Subsorn, P., Limwiriyakul, S.: An analysis of internet banking security of foreign subsidiary banks in Australia: a customer perspective. Int J Comput Sci Issues (IJCSI) 9, 8 (2012)

    Google Scholar 

  27. Limwiriyakul S, Subsorn P (2012) A customer perspective investigation on internet banking security of licensed banks in Hong Kong. In: Proceedings of the International Conference on Security and Management (SAM). Las Vegas, USA

  28. Subsorn P, Limwiriyakul S (2012) A case study of internet banking security of Mainland Chinese Banks: A customer perspective. In: 2012 Fourth International Conference on Computational Intelligence, Communication Systems and Networks. IEEE, pp 189–195

  29. Subsorn, P., Limwiriyakul, S.: An investigation of internet banking security of selected licensed banks in Vietnam. Walailak J Sci Technol (WJST) 13, 411–432 (2016)

    Google Scholar 

  30. Yusuf, S.E.: An empirical analysis of security on nigerian’s internet banking platform: an end user’s perspective. Int J Comput App Technol Res 4, 823–828 (2015). https://doi.org/10.7753/ijcatr0411.1008

    Article  Google Scholar 

  31. Mueni, M.F., Muchiri, M.G.: An assessment framework for Internet banking system reliability. Int. J. Technol. Comput. Sci. Eng. 1(3), 88–100 (2014)

    Google Scholar 

  32. Wazid, M., Zeadally, S., Das, A.K.: Mobile banking: evolution and threats: malware threats and security solutions. IEEE Consumer Electron Mag 8, 56–60 (2019)

    Article  Google Scholar 

  33. Nie J, Hu X (2008) Mobile banking information security and protection methods. In: 2008 International Conference on Computer Science and Software Engineering. IEEE, pp 587–590

  34. Manohar, A.L., Yau, K.L., Ling, M.H., Khan, S.: A security-enhanced cluster size adjustment scheme for cognitive radio networks. IEEE Access 13(7), 117–130 (2018)

    Google Scholar 

  35. Jan, S., Panichella, A., Arcuri, A., Briand, L.: Automatic generation of tests to exploit XML injection vulnerabilities in web applications. IEEE Trans Software Eng 45(4), 335–362 (2017)

    Article  Google Scholar 

  36. Ahmad, A., Din, S., Paul, A., Jeon, G., Aloqaily, M., Ahmad, M.: Real-time route planning and data dissemination for urban scenarios using the internet of things. IEEE Wirel Commun 26(6), 50–55 (2019)

    Article  Google Scholar 

  37. Ullaha, H., Islam, N., Jan, Z., Farman, H., Jan, B., Jeon, G., Ahmad, A.: Optic disc segmentation and classification in color fundus images: a resource-aware healthcare service in smart cities. J Ambient Intell Humanized Comput 30, 1–3 (2018)

    Google Scholar 

  38. Ahmad, A., Khan, M., Paul, A., Din, S., Rathore, M.M., Jeon, G., Choi, G.S.: Toward modeling and optimization of features selection in Big Data based social Internet of Things. Futur Gener Comput Syst 1(82), 715–726 (2018)

    Article  Google Scholar 

  39. Ahmad, A., Cuomo, S., Wu, W., Jeon, G.: Intelligent algorithms and standards for interoperability in internet of things. Futur Gener Comput Syst 92, 1187–1191 (2019)

    Article  Google Scholar 

  40. Khan, M., Din, S., Gohar, M., Ahmad, A., Cuomo, S., Piccialli, F., Jeon, G.: Enabling multimedia aware vertical handover management in internet of things based heterogeneous wireless networks. Multimed Tools App 76(24), 25919–25941 (2017)

    Article  Google Scholar 

  41. Ahmad, A., Paul, A., Din, S., Rathore, M.M., Choi, G.S., Jeon, G.: Multilevel data processing using parallel algorithms for analyzing big data in high-performance computing. Int J Parallel Prog. 46(3), 508–527 (2018)

    Article  Google Scholar 

  42. Rathore, M.M., Son, H., Ahmad, A., Paul, A., Jeon, G.: Real-time big data stream processing using GPU with spark over hadoop ecosystem. Int J Parallel Prog. 46(3), 630–646 (2018)

    Article  Google Scholar 

  43. Rahman, S., Masood, F., Khan, K.W.U., Khan, N., Khan, F.Q., Tsarmirsis, G., Jan, S., Ashraf, M.: A novel approach of image steganography for secure communication based on LSB substitution technique. CMC-Comput Mater Continua 64(1), 31–61 (2020)

    Article  Google Scholar 

  44. Ishaque, M., Khan, F.Q., Sattar, S.A.: Investigation of steganalysis algorithms for multiple cover media. Ubiquitous Comput Commun J 6(5), 9–20 (2011)

    Google Scholar 

  45. Demšar, J.: Statistical comparisons of classifiers over multiple data sets. J Mach Learn Res 7, 1–30 (2006)

    MathSciNet  MATH  Google Scholar 

Download references

Acknowledgements

This research work is based on the MS thesis of Sana Khattak (first author) carried out at the department of Computer Science and Information Technology, University of Engineering & Technology, Peshawar, Pakistan, and submitted to Higher Education Commission (HEC) Pakistan.

Funding

This research is funded by the Higher Education Commission (HEC), Pakistan, through its initiative of National Center for Cyber Security for the affiliated Security Testing- Innovative Secured Systems Lab (ISSL) established at University of Engineering & Technology (UET) Peshawar, Grant No: 2(1078)/HEC/M&E/2018/707.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Sadeeq Jan.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Khattak, S., Jan, S., Ahmad, I. et al. An effective security assessment approach for Internet banking services via deep analysis of multimedia data. Multimedia Systems 27, 733–751 (2021). https://doi.org/10.1007/s00530-020-00680-7

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00530-020-00680-7

Keywords

Navigation