Related papers: Draw a line on your PDA to authenticate
Risk-based authentication (RBA) aims to protect users against attacks involving stolen passwords. RBA monitors features during login, and requests re-authentication when feature values widely differ from previously observed ones. It is…
In order to receive personalized services, individuals share their personal data with a wide range of service providers, hoping that their data will remain confidential. Thus, in case of an unauthorized distribution of their personal data…
A crucial technical challenge for cybercriminals is to keep control over the potentially millions of infected devices that build up their botnets, without compromising the robustness of their attacks. A single, fixed C&C server, for…
Cloud computing is drastically growing technology which provides an on-demand software, hardware, infrastructure and data storage as services. This technology is used worldwide to improve the business infrastructure and performance.…
Presentation Attack Detection (PAD) systems are usually designed independently of the fingerprint verification system. While this can be acceptable for use cases where specific user templates are not predetermined, it represents a missed…
Part of what makes the web successful is that anyone can publish content and browsers maintain certain safety guarantees. For example, it's safe to travel between links and make other trust decisions on the web because users can always…
In this paper, we use the ten security requirements proposed by Liao et al. for a smart card based authentication protocol to examine five recent work in this area. After analyses, we found that the protocols of Juang et al.'s , Hsiang et…
Mobile devices store a diverse set of private user data and have gradually become a hub to control users' other personal Internet-of-Things devices. Access control on mobile devices is therefore highly important. The widely accepted…
We propose a two-factor authentication (2FA) mechanism called 2D-2FA to address security and usability issues in existing methods. 2D-2FA has three distinguishing features: First, after a user enters a username and password on a login…
Password managers encourage users to generate passwords to improve their security. However, research has shown that users avoid generating passwords, often giving the rationale that it is difficult to enter generated passwords on devices…
We introduce GOTCHAs (Generating panOptic Turing Tests to Tell Computers and Humans Apart) as a way of preventing automated offline dictionary attacks against user selected passwords. A GOTCHA is a randomized puzzle generation protocol,…
System passwords serve as critical credentials for user authentication and access control when logging into operating systems or applications. Upon entering a valid password, users pass verification to access system resources and execute…
In spite of existence of many standard security mechanisms for ensuring secure e-Commerce business, users still fall prey for online attacks. One such simple but powerful attack is 'Phishing'. Phishing is the most alarming threat in the…
In recent years the amount of secure information being stored on mobile devices has grown exponentially. However, current security schemas for mobile devices such as physiological biometrics and passwords are not secure enough to protect…
The conventional device authentication of wireless networks usually relies on a security server and centralized process, leading to long latency and risk of single-point of failure. While these challenges might be mitigated by collaborative…
This paper proposes a novel remote user authentication scheme using smart cards which allows both the authentication server (AS) and the user to verify authenticity of each other. Our scheme is efficient enough to resist the known attacks…
Today, two-factor authentication (2FA) is a widely implemented mechanism to counter phishing attacks. Although much effort has been investigated in 2FA, most 2FA systems are still vulnerable to carefully designed phishing attacks, and some…
The rapid advancement of generative AI has underscored the critical need for identifying image ownership and protecting copyrights. This makes post-processing image watermarking an essential tool -- it involves embedding a specific…
Nowadays, traditional authentication methods are vulnerable to face attacks that are often based on inherent security issues. Professional attackers leverage adversarial offenses on the security holes. Biometrics has intrinsic advantages to…
In this paper, we analyze the security of an RFID authentication protocol proposed by Liu and Bailey [1], called Privacy and Authentication Protocol (PAP), and show its vulnerabilities and faulty assumptions. PAP is a privacy and…