English
Related papers

Related papers: Shepherd: Enabling Automatic and Large-Scale Login…

200 papers

Ransomware's escalating sophistication necessitates tamper-resistant, off-host detection solutions that capture deep disk activity beyond the reach of a compromised operating system. Existing detection systems use host/kernel signals or…

Cryptography and Security · Computer Science 2026-03-13 Md Raz , Venkata Sai Charan Putrevu , Prashanth Krishnamurthy , Farshad Khorrami , Ramesh Karri

Website Fingerprinting (WFP) uses deep learning models to classify encrypted network traffic to infer visited websites. While historically effective, prior methods fail to generalize to modern web environments. Single-page applications…

Cryptography and Security · Computer Science 2025-09-17 Chuxu Song , Dheekshith Dev Manohar Mekala , Hao Wang , Richard Martin

The widespread usage of password authentication in online websites leads to an ever-increasing concern, especially when considering the possibility for an attacker to recover the user password by leveraging the loopholes in the password…

Cryptography and Security · Computer Science 2018-04-25 Simone Raponi , Roberto Di Pietro

Internet users are vulnerable to privacy attacks despite the use of encryption. Webpage fingerprinting, an attack that analyzes encrypted traffic, can identify the webpages visited by a user in a given website. Recent research works have…

Cryptography and Security · Computer Science 2022-05-31 Gargi Mitra , Prasanna Karthik Vairam , Sandip Saha , Nitin Chandrachoodan , V. Kamakoti

Researchers have extensively explored how password creation policies influence the security and usability of user-chosen passwords, producing evidence-based policy guidelines. However, for web authentication to improve in practice, websites…

Cryptography and Security · Computer Science 2023-09-08 Suood Alroomi , Frank Li

Phishing is the simplest form of cybercrime with the objective of baiting people into giving away delicate information such as individually recognizable data, banking and credit card details, or even credentials and passwords. This type of…

Machine Learning · Computer Science 2019-05-23 Moitrayee Chatterjee , Akbar Siami Namin

With increasing technology developments, there is a massive number of websites with varying purposes. But a particular type exists within this large collection, the so-called phishing sites which aim to deceive their users. The main…

Networking and Internet Architecture · Computer Science 2020-02-19 Almaha Abuzuraiq , Mouhammd Alkasassbeh , Mohammad Almseidin

Phishing remains the most pervasive threat to the Web, enabling large-scale credential theft and financial fraud through deceptive webpages. While recent reference-based and generative-AI-driven phishing detectors achieve strong accuracy,…

Cryptography and Security · Computer Science 2026-03-03 Tailai Song , Pedro Casas , Michela Meo

Model stealing, i.e., unauthorized access and exfiltration of deep learning models, has become one of the major threats. Proprietary models may be protected by access controls and encryption. However, in reality, these measures can be…

Cryptography and Security · Computer Science 2024-05-27 Yuling Cai , Fan Xiang , Guozhu Meng , Yinzhi Cao , Kai Chen

The ubiquity of user accounts in websites and online services makes account hijacking a serious security concern. Although previous research has studied various techniques through which an attacker can gain access to a victim's account,…

Cryptography and Security · Computer Science 2022-05-23 Avinash Sudhodanan , Andrew Paverd

The escalating landscape of cyber threats, characterized by the registration of thousands of new domains daily for large-scale Internet attacks such as spam, phishing, and drive-by downloads, underscores the imperative for innovative…

Cryptography and Security · Computer Science 2024-07-11 Furkan Çolhak , Mert İlhan Ecevit , Hasan Dağ , Reiner Creutzburg

We present AuthREST, an open-source security testing tool targeting broken authentication, one of the most prevalent API security risks in the wild. AuthREST automatically tests web APIs for credential stuffing, password brute forcing, and…

Cryptography and Security · Computer Science 2025-09-15 Davide Corradini , Mariano Ceccato , Mohammad Ghafari

Browser fingerprinting is a pervasive online tracking technique used increasingly often for profiling and targeted advertising. Prior research on the prevalence of fingerprinting heavily relied on automated web crawls, which inherently…

Cryptography and Security · Computer Science 2025-02-04 Meenatchi Sundaram Muthu Selva Annamalai , Igor Bilogrevic , Emiliano De Cristofaro

To encourage users to use stronger and more secure passwords, modern web browsers offer users password management services, allowing users to save previously entered passwords locally onto their hard drives. We present Lupin, a tool that…

Cryptography and Security · Computer Science 2013-09-06 Raul Gonzalez , Eric Y. Chen , Collin Jackson

Vulnerabilities in password managers are unremitting because current designs provide large attack surfaces, both at the client and server. We describe and evaluate Horcrux, a password manager that is designed holistically to minimize and…

Cryptography and Security · Computer Science 2017-10-11 Hannah Li , David Evans

Website Fingerprinting (WFP) has traditionally focused on inferring which website a user visits from encrypted traffic metadata such as packet sizes and timing. In this paper, we identify and quantify a new privacy risk in modern web…

Cryptography and Security · Computer Science 2026-05-18 Chuxu Song , Hao Wang , Richard Martin

Recently, cybersecurity becomes more and more important due to the rapid development of Internet. However, existing methods are in reality highly sensitive to attacks and are far more vulnerable than expected, as they are lack of trustable…

Cryptography and Security · Computer Science 2018-11-28 Yu Han , Zhongru Wang , Qiang Ruan , Binxing Fang

Phishing webpages are continuously polluting the Web. Plenty of countermeasures have been proposed and the most advanced techniques leverage machine-learning methods that infer whether a webpage is benign or not by inspecting its visual…

Cryptography and Security · Computer Science 2026-05-04 Ying Yuan , Cristiano Alex Rado , Giovanni Apruzzese , Mauro Conti , Luigi Vincenzo Mancini

Phishing attacks have become the most used technique in the online scams, initiating more than 91% of cyberattacks, from 2012 onwards. This study reviews how Phishing and Spear Phishing attacks are carried out by the phishers, through 5…

Cryptography and Security · Computer Science 2020-06-02 Alessandro Ecclesie Agazzi

Malicious websites and phishing URLs pose an ever-increasing cybersecurity risk, with phishing attacks growing by 40% in a single year. Traditional detection approaches rely on machine learning classifiers or rule-based scanners operating…

Cryptography and Security · Computer Science 2025-06-05 Avihay Cohen