Related papers: Decryptable to Your Eyes: Visualization of Securit…
This paper describes the process of developing data visualisations to enhance a commercial software platform for combating insider threat, whose existing UI, while perfectly functional, was limited in its ability to allow analysts to easily…
This paper proposes a novel visual model for web applications security monitoring. Although an automated intrusion detection system can shield a web application from common attacks, it usually cannot detect more complicated break-ins. So, a…
Nowadays, user authentication is one of the important topics in information security. Strong textbased password schemes could provide with certain degree of security. However, the fact that strong passwords are difficult to memorize often…
Security of an information system is only as strong as its weakest element. Popular elements of such system include hardware, software, network and people. Current approaches to computer security problems usually exclude people in their…
The design and verification of cryptographic protocols is a notoriously difficult task, even in symbolic models which take an abstract view of cryptography. This is mainly due to the fact that protocols may interact with an arbitrary…
Graphical user interface testing is significantly challenging, and automating it even more so. Test-driven development is impractical: it generally requires an initial implementation of the GUI to generate golden images or to construct…
Software security visualization is an interdisciplinary field that combines the technical complexity of cybersecurity, including threat intelligence and compliance monitoring, with visual analytics, transforming complex security data into…
Cryptocurrency wallets have become the primary gateway to decentralized applications, yet users often face significant difficulty in discerning what a wallet signature actually does or entails. Prior work has mainly focused on mitigating…
Passwords are a good idea, in theory. They have the potential to act as a fairly strong gateway. In practice though, passwords are plagued with problems. They are (1) easily shared, (2) trivial to observe and (3) maddeningly elusive when…
Today, there is a plethora of software security tools employing visualizations that enable the creation of useful and effective interactive security analyst dashboards. Such dashboards can assist the analyst to understand the data at hand…
We propose a methodology for verifying security properties of network protocols at design level. It can be separated in two main parts: context and requirements analysis and informal verification; and formal representation and procedural…
Choosing authentication schemes for a specific purpose is challenging for service providers, developers, and researchers. Previous ratings of technical and objective aspects showed that available schemes all have strengths and limitations.…
A secure human identification protocol aims at authenticating human users to a remote server when even the users' inputs are not hidden from an adversary. Recently, the authors proposed a human identification protocol in the RSA Conference…
Cryptographic mechanisms are used in a wide range of applications, including email clients, web browsers, document and asset management systems, where typical users are not cryptography experts. A number of empirical studies have…
Biometrics deal with automated methods of identifying a person or verifying the identity of a person based on physiological or behavioral characteristics. Visual cryptography is a secret sharing scheme where a secret image is encrypted into…
Phishing is a prevalent cyberattack that uses look-alike websites to deceive users into revealing sensitive information. Numerous efforts have been made by the Internet community and security organizations to detect, prevent, or train users…
Malware, a persistent cybersecurity threat, increasingly targets interconnected digital systems such as desktop, mobile, and IoT platforms through sophisticated attack vectors. By exploiting these vulnerabilities, attackers compromise the…
The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, and edge computing. This also enables more and more network enterprises to provide…
We have designed and developed a simple, visual, and narrative K-12 cybersecurity curriculum leveraging the Scratch programming platform to demonstrate and teach fundamental cybersecurity concepts such as confidentiality, integrity…
Today, permissioned blockchains are being adopted by large organizations for business critical operations. Consequently, they are subject to attacks by malicious actors. Researchers have discovered and enumerated a number of attacks that…