Mitigating real-time phishing in Time-based One-Time Password applications using behavioral analysis
Publisher
Strathmore University
Abstract
Time-based One-Time Password (TOTP) applications enhance online security by providing an additional authentication layer. However, they are vulnerable to real-time phishing attacks, where attackers deceive users into entering their TOTP codes on fraudulent websites. Since TOTP codes are valid for a short duration and cannot be reused, traditional security mechanisms struggle to detect and prevent their misuse in real time. Attackers can intercept these codes and immediately use them to gain unauthorized access before they expire, bypassing standard authentication defenses. This dissertation presents a behavioral analysis approach to mitigate real-time phishing attacks on TOTP systems. An algorithm was designed to detect suspicious activity by analyzing user behavior patterns, such as login frequency, location, device type, and interaction anomalies. The algorithm flags potential phishing attempts in real time by establishing a baseline for normal usage and identifying deviations. A proof-of-concept prototype was developed using a data-driven prototyping methodology to validate the effectiveness of this approach. The results confirm that integrating behavioral analysis into TOTP applications provides proactive security by detecting and responding to phishing threats before authentication codes are exploited.
Keywords: Time-based One-Time Passwords, Behavioral Analysis, Real-Time Phishing, Authentication
Description
Full-text thesis
Citation
Kivuva, J. L. (2025). Mitigating real-time phishing in Time-based One-Time Password applications using behavioral analysis [Strathmore University]. https://hdl.handle.net/11071/16402