English
Related papers

Related papers: Behavioural Analytics: Beyond Risk-based MFA

200 papers

Attacks targeting several millions of non-internet based application users are on the rise. These applications such as SMS and USSD typically do not benefit from existing multi-factor authentication methods due to the nature of their…

Cryptography and Security · Computer Science 2020-10-16 Andrew Kinai , Fred Otieno , Nelson Bore , Komminist Weldemariam

Risk-based authentication (RBA) extends authentication mechanisms to make them more robust against account takeover attacks, such as those using stolen passwords. RBA is recommended by NIST and NCSC to strengthen password-based…

Cryptography and Security · Computer Science 2023-01-05 Stephan Wiefling , Jan Tolsdorf , Luigi Lo Iacono

Multi-Factor Authentication is intended to strengthen the security of password-based authentication by adding another factor, such as hardware tokens or one-time passwords using mobile apps. However, this increased authentication security…

Cryptography and Security · Computer Science 2023-09-20 Sabrina Amft , Sandra Höltervennhoff , Nicolas Huaman , Alexander Krause , Lucy Simko , Yasemin Acar , Sascha Fahl

The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for…

Cryptography and Security · Computer Science 2021-01-22 Vassilis Papaspirou , Leandros Maglaras , Mohamed Amine Ferrag , Ioanna Kantzavelou , Helge Janicke , Christos Douligeris

Risk-based authentication (RBA) aims to strengthen password-based authentication rather than replacing it. RBA does this by monitoring and recording additional features during the login process. If feature values at login time differ…

Cryptography and Security · Computer Science 2021-10-26 Stephan Wiefling , Markus Dürmuth , Luigi Lo Iacono

Biometrics is used to authenticate an individual based on physiological or behavioral traits. Mouse dynamics is an example of a behavioral biometric that can be used to perform continuous authentication as protection against security…

Signal Processing · Electrical Eng. & Systems 2023-12-05 Sultan Almalki , Prosenjit Chatterjee , Kaushik Roy

Despite being more secure and strongly promoted, two-factor (2FA) or multi-factor (MFA) schemes either fail to protect against recent phishing threats such as real-time MITM, controls/relay MITM, malicious browser extension-based phishing…

Cryptography and Security · Computer Science 2024-06-14 Sneha Shukla , Gaurav Varshney , Shreya Singh , Swati Goel

Risk-based Authentication (RBA) is an adaptive security measure that improves the security of password-based authentication by protecting against credential stuffing, password guessing, or phishing attacks. RBA monitors extra features…

Cryptography and Security · Computer Science 2020-09-15 Stephan Wiefling , Tanvi Patil , Markus Dürmuth , Luigi Lo Iacono

To prevent password breaches and guessing attacks, banks increasingly turn to two-factor authentication (2FA), requiring users to present at least one more factor, such as a one-time password generated by a hardware token or received via…

Cryptography and Security · Computer Science 2015-01-20 Kat Krol , Eleni Philippou , Emiliano De Cristofaro , M. Angela Sasse

In the past two decades, the number of mobile products being created by companies has grown exponentially. However, although these devices are constantly being upgraded with the newest features, the security measures used to protect these…

Cryptography and Security · Computer Science 2024-09-04 Laura Pryor , Rushit Dave , Naeem Seliya , Evelyn R Sowells Boone

In the realm of computer security, the importance of efficient and reliable user authentication methods has become increasingly critical. This paper examines the potential of mouse movement dynamics as a consistent metric for continuous…

Artificial Intelligence · Computer Science 2024-03-07 Rushit Dave , Marcho Handoko , Ali Rashid , Cole Schoenbauer

Biometrics technologies are gaining popularity today since they provide more reliable and efficient means of authentication and verification. Keystroke Dynamics is one of the famous biometric technologies, which will try to identify the…

Cryptography and Security · Computer Science 2009-10-06 D. Shanmugapriya , G. Padmavathi

Online services have difficulties to replace passwords with more secure user authentication mechanisms, such as Two-Factor Authentication (2FA). This is partly due to the fact that users tend to reject such mechanisms in use cases outside…

Cryptography and Security · Computer Science 2023-03-23 Vincent Unsel , Stephan Wiefling , Nils Gruschka , Luigi Lo Iacono

Among user authentication methods, behavioural biometrics has proven to be effective against identity theft as well as user-friendly and unobtrusive. One of the most popular traits in the literature is keystroke dynamics due to the large…

Computer Vision and Pattern Recognition · Computer Science 2022-10-05 Giuseppe Stragapede , Paula Delgado-Santos , Ruben Tolosana , Ruben Vera-Rodriguez , Richard Guest , Aythami Morales

Cyber-security analysts face an increasingly large number of alerts received on any given day. This is mainly due to the low precision of many existing methods to detect threats, producing a substantial number of false positives. Usually,…

Cryptography and Security · Computer Science 2022-09-28 Iwona Hawryluk , Henrique Hoeltgebaum , Cole Sodja , Tyler Lalicker , Joshua Neil

Most keystroke dynamics studies have been evaluated using a specific kind of dataset in which users type an imposed login and password. Moreover, these studies are optimistics since most of them use different acquisition protocols, private…

Machine Learning · Computer Science 2012-07-04 Romain Giot , Mohamad El-Abed , Christophe Rosenberger

Authenticated lateral movement via compromised accounts is a common adversarial maneuver that is challenging to discover with signature- or rules-based intrusion detection systems. In this work a behavior-based approach to detecting…

Cryptography and Security · Computer Science 2021-04-30 Brian A. Powell

One-time login process in conventional authentication systems does not guarantee that the identified user is the actual user throughout the session. However, it is necessary to re-verify the user identity periodically throughout a login…

Cryptography and Security · Computer Science 2018-03-07 Abbas Acar , Hidayet Aksu , A. Selcuk Uluagac , Kemal Akkaya

Continuous authentication has been proposed as a complementary security mechanism to password-based authentication for computer devices that are handled directly by humans, such as smart phones. Continuous authentication has some privacy…

Cryptography and Security · Computer Science 2022-09-15 Sigurd Eskeland , Ahmed Fraz Baig

Since the introduction of bcrypt in 1999, adaptive password hashing functions, whereby brute-force resistance increases symmetrically with computational difficulty for legitimate users, have been our most powerful post-breach countermeasure…

Cryptography and Security · Computer Science 2023-08-31 Vivek Nair , Dawn Song