4,109 research outputs found
Recommended from our members
NAVI: Novel authentication with visual information
Text-based passwords, despite their well-known drawbacks, remain the dominant user authentication scheme implemented. Graphical password systems, based on visual information such as the recognition of photographs and / or pictures, have emerged as a promising alternative to the aggregate reliance on text passwords. Nevertheless, despite the advantages offered they have not been widely used in practice since many open issues need to be resolved. In this paper we propose a novel graphical password scheme, NAVI, where the credentials of the user are his username and a password formulated by drawing a route on a predefined map. We analyze the strength of the password generated by this scheme and present a prototype implementation in order to illustrate the feasibility of our proposal. Finally, we discuss NAVIâs security features and compare it with existing graphical password schemes as well as text-based passwords in terms of key security features, such aspassword keyspace, dictionary attacks and guessing attacks. The proposed scheme appears to have the same or better performance in the majority of the security features examined
Smarter Password Guessing Techniques Leveraging Contextual Information and OSINT
In recent decades, criminals have increasingly used the web to research,
assist and perpetrate criminal behaviour. One of the most important ways in
which law enforcement can battle this growing trend is through accessing
pertinent information about suspects in a timely manner. A significant
hindrance to this is the difficulty of accessing any system a suspect uses that
requires authentication via password. Password guessing techniques generally
consider common user behaviour while generating their passwords, as well as the
password policy in place. Such techniques can offer a modest success rate
considering a large/average population. However, they tend to fail when
focusing on a single target -- especially when the latter is an educated user
taking precautions as a savvy criminal would be expected to do. Open Source
Intelligence is being increasingly leveraged by Law Enforcement in order to
gain useful information about a suspect, but very little is currently being
done to integrate this knowledge in an automated way within password cracking.
The purpose of this research is to delve into the techniques that enable the
gathering of the necessary context about a suspect and find ways to leverage
this information within password guessing techniques
Password Cracking and Countermeasures in Computer Security: A Survey
With the rapid development of internet technologies, social networks, and
other related areas, user authentication becomes more and more important to
protect the data of the users. Password authentication is one of the widely
used methods to achieve authentication for legal users and defense against
intruders. There have been many password cracking methods developed during the
past years, and people have been designing the countermeasures against password
cracking all the time. However, we find that the survey work on the password
cracking research has not been done very much. This paper is mainly to give a
brief review of the password cracking methods, import technologies of password
cracking, and the countermeasures against password cracking that are usually
designed at two stages including the password design stage (e.g. user
education, dynamic password, use of tokens, computer generations) and after the
design (e.g. reactive password checking, proactive password checking, password
encryption, access control). The main objective of this work is offering the
abecedarian IT security professionals and the common audiences with some
knowledge about the computer security and password cracking, and promoting the
development of this area.Comment: add copyright to the tables to the original authors, add
acknowledgement to helpe
Recommended from our members
Searching for Prosociality in Qualitative Data: Comparing Manual, Closed-Vocabulary, and Open-Vocabulary Methods
Although most people present themselves as possessing prosocial traits, people differ in the extent to which they actually act prosocially in everyday life. Qualitative data that were not ostensibly collected to measure prosociality might contain information about prosocial dispositions that is not distorted by selfâpresentation concerns. This paper seeks to characterise charitable donors from qualitative data. We compared a manual approach of extracting predictors from participantsâ selfâdescribed personal strivings to two automated approaches: A summation of words predefined as prosocial and a support vector machine classifier. Although variables extracted by the support vector machine predicted donation behaviour well in the training sample ( N = 984), virtually, no variables from any method significantly predicted donations in a holdout sample ( N = 496). Ratersâ attempts to predict donations to charity based on reading participantsâ personal strivings were also unsuccessful. However, ratersâ predictions were associated with past charitable involvement. In sum, predictors derived from personal strivings did not robustly explain variation in charitable behaviour, but personal strivings may nevertheless contain some information about trait prosociality. The sparseness of personal strivings data, rather than the irrelevance of openâended text or individual differences in goal pursuit, likely explains their limited value in predicting prosocial behaviour. Š 2020 European Association of Personality Psycholog
Decentralised multimedia development by the content experts
This paper describes the possibility to develop interactive educational material by the content expert (teacher). It is suggested to develop small modules of flexible material that can be easily changed similar to traditional lecture presentations. The features of such material include:
⢠Learning by problem solving and application of knowledge (constructing knowledge).
⢠Easy internet on-line implementation of software pieces via Shockwave technology. At the same time CD-Rom versions of the same programs can be marketed.
⢠Integrated assessment by progress tracking and uploading via the web.
⢠Feel of ownership (avoiding the Ïnot invented here syndromeÎ) of the program by the teacher.
⢠Possible exchangeability of small modules between different courses.
⢠Built in recording of student comments for improving and debugging program for the next year
⢠Facilitated input by students (over a year by year updating).
⢠Teachers develop expertise in using the modern and effective teaching tools.
⢠Teachers can put into practice much more effectively than before the educational principles learned from staff development sessions such as (self paced learning, problem based learning, deep learning, constructive learning).
⢠Student feedback (questionnaire) indicated that > 85% of students found the program modules were more effective and more ÏfunÎ learning than traditional method
Traditional Wisdom and Monte Carlo Tree Search Face-to-Face in the Card Game Scopone
We present the design of a competitive artificial intelligence for Scopone, a
popular Italian card game. We compare rule-based players using the most
established strategies (one for beginners and two for advanced players) against
players using Monte Carlo Tree Search (MCTS) and Information Set Monte Carlo
Tree Search (ISMCTS) with different reward functions and simulation strategies.
MCTS requires complete information about the game state and thus implements a
cheating player while ISMCTS can deal with incomplete information and thus
implements a fair player. Our results show that, as expected, the cheating MCTS
outperforms all the other strategies; ISMCTS is stronger than all the
rule-based players implementing well-known and most advanced strategies and it
also turns out to be a challenging opponent for human players.Comment: Preprint. Accepted for publication in the IEEE Transaction on Game
- âŚ