Related papers: Pitfalls in Designing Zero-Effort Deauthentication…
Password authentication is a weak point for security as passwords are easily stolen and a user may ignore the security by using a simple password. Therefore, services increasingly demand a second factor. While this may enhance security, it…
Machine unlearning has emerged as a key component in ensuring ``Right to be Forgotten'', enabling the removal of specific data points from trained models. However, even when the unlearning is performed without poisoning the forget-set…
Password users frequently employ passwords that are too simple, or they just reuse passwords for multiple websites. A common complaint is that utilizing secure passwords is too difficult. One possible solution to this problem is to use a…
Many password alternatives for web authentication proposed over the years, despite having different designs and objectives, all predominantly rely on the knowledge of some secret. This motivates us, herein, to provide the first detailed…
Benefiting from its superior feature learning capabilities and efficiency, deep hashing has achieved remarkable success in large-scale image retrieval. Recent studies have demonstrated the vulnerability of deep hashing models to backdoor…
Considering computer systems, security is the major concern with usability. Security policies need to be developed to protect information from unauthorized access. Passwords and secrete codes used between users and information systems for…
Shoulder surfing is an attack vector widely recognized as a real threat - enough to warrant researchers dedicating a considerable effort toward designing novel authentication methods to be shoulder surfing resistant. Despite a multitude of…
Deep neural networks (DNNs) are vulnerable to backdoor attacks, where the adversary manipulates a small portion of training data such that the victim model predicts normally on the benign samples but classifies the triggered samples as the…
User errors while performing security-critical tasks can lead to undesirable or even disastrous consequences. One major factor influencing mistakes and failures is complexity of such tasks, which has been studied extensively in prior…
Keystroke timing based active authentication systems are conceptually attractive because: (i) they use the keyboard as the sensor and are not hardware-cost prohibitive, and (ii) they use the keystrokes generated from normal usage of…
Recently, the practical needs of ``the right to be forgotten'' in federated learning gave birth to a paradigm known as federated unlearning, which enables the server to forget personal data upon the client's removal request. Existing…
The proliferation of malicious deepfake applications has ignited substantial public apprehension, casting a shadow of doubt upon the integrity of digital media. Despite the development of proficient deepfake detection mechanisms, they…
We propose a general way of constructing zero-knowledge authentication schemes from actions of a semigroup on a set, without exploiting any specific algebraic properties of the set acted upon. Then we give several concrete realizations of…
Deep neural networks have been demonstrated to be vulnerable to backdoor attacks. Specifically, by injecting a small number of maliciously constructed inputs into the training set, an adversary is able to plant a backdoor into the trained…
In security-sensitive applications, the success of machine learning depends on a thorough vetting of their resistance to adversarial data. In one pertinent, well-motivated attack scenario, an adversary may attempt to evade a deployed system…
Since the demise of the password was predicted in 2004, different attempts in industry and academia have been made to create an alternative for the use of passwords in authentication, without compromising on security and user experience.…
Presentation Attack Detection (PAD) systems are usually designed independently of the fingerprint verification system. While this can be acceptable for use cases where specific user templates are not predetermined, it represents a missed…
In a backdoor attack, an adversary inserts maliciously constructed backdoor examples into a training set to make the resulting model vulnerable to manipulation. Defending against such attacks typically involves viewing these inserted…
OpenClaw-like agents offer substantial productivity benefits, yet they are insecure by default because they combine untrusted inputs, autonomous action, extensibility, and privileged system access within a single execution loop. We use…
We present in this paper a study on the ability and the benefits of using a keystroke dynamics authentication method for collaborative systems. Authentication is a challenging issue in order to guarantee the security of use of collaborative…