English
Related papers

Related papers: Bernoulli honeywords

200 papers

As network security issues continue gaining prominence, password security has become crucial in safeguarding personal information and network systems. This study first introduces various methods for system password cracking, outlines…

Cryptography and Security · Computer Science 2026-02-11 Jiazhi Mo , Hailu Kuang , Xiaoqi Li

Considering computer systems, security is the major concern with usability. Security policies need to be developed to protect information from unauthorized access. Passwords and secrete codes used between users and information systems for…

Cryptography and Security · Computer Science 2014-02-27 Sharayu A. Aghav , RajneeshKaur Bedi

Text-based secrets are still the most commonly used authentication mechanism in information systems. IT managers must strike a balance between security and memorability while developing password policies. Initially introduced as more secure…

Cryptography and Security · Computer Science 2021-12-08 Noopa Jagadeesh , Miguel Vargas Martin

With cyber incidents and data breaches becoming increasingly common, being able to predict a cyberattack has never been more crucial. The ability of Network Anomaly Detection Systems (NADS) to identify unusual behavior makes them useful in…

Cryptography and Security · Computer Science 2021-09-09 Sevvandi Kandanaarachchi , Hideya Ochiai , Asha Rao

This paper is concerned with the synthesis of strategies in network systems with active cyber deception. Active deception in a network employs decoy systems and other defenses to conduct defensive planning against the intrusion of malicious…

Computer Science and Game Theory · Computer Science 2020-02-18 Jie Fu , Abhishek N. Kulkarni , Huan Luo , Nandi O. Leslie , Charles A. Kamhoua

Password users frequently employ passwords that are too simple, or they just reuse passwords for multiple websites. A common complaint is that utilizing secure passwords is too difficult. One possible solution to this problem is to use a…

Cryptography and Security · Computer Science 2019-06-04 Elan Rosenfeld , Santosh Vempala , Manuel Blum

This work explores injection attacks against password managers. In this setting, the adversary (only) controls their own application client, which they use to "inject" chosen payloads to a victim's client via, for example, sharing…

Cryptography and Security · Computer Science 2024-08-14 Andrés Fábrega , Armin Namavari , Rachit Agarwal , Ben Nassi , Thomas Ristenpart

The aim of this work is to study the evolution of password selection among users. We investigate whether users follow best practices when selecting passwords and identify areas in need of improvement. Four distinct publicly-available…

Cryptography and Security · Computer Science 2018-04-12 Theodosis Mourouzis , Kyriacos E. Pavlou , Stylianos Kampakis

The feature diversity of different web systems in page elements, submission contents and return information makes it difficult to detect weak password automatically. To solve this problem, multi-factor correlation detection method as…

Cryptography and Security · Computer Science 2022-10-27 Xiang Long , Yan Huang , Zhendong Liu , Lansheng Han , Haili Sun , Jingyuan He

We present a framework by which websites can coordinate to make it difficult for users to set similar passwords at these websites, in an effort to break the culture of password reuse on the web today. Though the design of such a framework…

Cryptography and Security · Computer Science 2021-03-05 Ke Coby Wang , Michael K. Reiter

Web password recovery, enabling a user who forgets their password to re-establish a shared secret with a website, is very widely implemented. However, use of such a fall-back system brings with it additional vulnerabilities to user…

Cryptography and Security · Computer Science 2018-01-31 Fatma Al Maqbali , Chris J Mitchell

Although sufficient authentication mechanisms were enhanced by the use of two or more factors that resulted in new multi factor authentication schemes, more sophisticated and targeted attacks have shown they are also vulnerable. This…

We introduce password strength information signaling as a novel, yet counter-intuitive, defense mechanism against password cracking attacks. Recent breaches have exposed billions of user passwords to the dangerous threat of offline password…

Cryptography and Security · Computer Science 2021-08-17 Wenjie Bai , Jeremiah Blocki , Ben Harsha

Honeyfile deployment is a useful breach detection method in cyber deception that can also inform defenders about the intent and interests of intruders and malicious insiders. A key property of a honeyfile, enticement, is the extent to which…

Computation and Language · Computer Science 2022-03-16 Roelien C. Timmer , David Liebowitz , Surya Nepal , Salil Kanhere

Attacks by Advanced Persistent Threats (APTs) have been shown to be difficult to detect using traditional signature- and anomaly-based intrusion detection approaches. Deception techniques such as decoy objects, often called honey items, may…

Cryptography and Security · Computer Science 2020-07-28 Joel Chacon , Sean McKeown , Richard Macfarlane

Deception technology has proven to be a sound approach against threats to information systems. Aside from well-established honeypots, decoy elements, also known as honeytokens, are an excellent method to address various types of threats.…

Cryptography and Security · Computer Science 2021-04-09 Daniel Reti , Daniel Fraunholz , Janis Zemitis , Daniel Schneider , Hans Dieter Schotten

To prevent credential stuffing attacks, industry best practice now proactively checks if user credentials are present in known data breaches. Recently, some web services, such as HaveIBeenPwned (HIBP) and Google Password Checkup (GPC), have…

Cryptography and Security · Computer Science 2019-09-05 Lucy Li , Bijeeta Pal , Junade Ali , Nick Sullivan , Rahul Chatterjee , Thomas Ristenpart

Honeypots are decoy systems mimicking real system components designed to defend against cyber attacks. Recently, LLMs increasingly serve as simulation backbones for honeypots. They enable defenders to construct high-interaction honeypots…

Cryptography and Security · Computer Science 2026-05-29 Mark Vero , Fabian Kaczmarczyck , Ivan Petrov , Ilia Shumailov , Jamie Hayes , Niels Heinen , Tianqi Fan , Luca Invernizzi , Martin Vechev

In the field of natural language processing, the prevalent approach involves fine-tuning pretrained language models (PLMs) using local samples. Recent research has exposed the susceptibility of PLMs to backdoor attacks, wherein the…

Machine Learning · Computer Science 2023-10-31 Ruixiang Tang , Jiayi Yuan , Yiming Li , Zirui Liu , Rui Chen , Xia Hu

The use of passwords and the need to protect passwords are not going away. The majority of websites that require authentication continue to support password authentication. Even high-security applications such as Internet Banking portals,…

Networking and Internet Architecture · Computer Science 2020-11-13 Teik Guan Tan , Pawel Szalachowski , Jianying Zhou