CAPTCHA Accessibility Study of Online Forums

The rise of online forums has benefited disabled users, who take advantage of better communications and more inclusion into society. However, even with accessibility laws that are supposed to provide disabled people the same equal access as non-disabled users, sites have erected technical barriers, such as CAPTCHAs, that prevent users from taking full advantage of site capability. This study analyzes 150 online forums to determine if sites use CAPTCHAs, and what types are used. Each variety presents accessibility problems to disabled users and the results of the research show that most sites use text-based CAPTCHAs, but rarely provide alternatives that would help users with visual disabilities. The research presents alternatives that site designers may wish to consider in order to allow more disabled users to access their sites

Black Beans, Fiber, and Antioxidant Capacity Pilot Study: Examination of Whole Foods vs. Functional Components on Postprandial Metabolic, Oxidative Stress, and Inflammation in Adults with Metabolic Syndrome.

Beans (Phaseolus vulgaris) contain bioactive components with functional properties that may modify cardiovascular risk. The aims of this pilot study were to evaluate the ability of black beans to attenuate postprandial metabolic, oxidative stress, and inflammatory responses and determine relative contribution of dietary fiber and antioxidant capacity of beans to the overall effect. In this randomized, controlled, crossover trial, 12 adults with metabolic syndrome (MetS) consumed one of three meals (black bean (BB), fiber matched (FM), and antioxidant capacity matched (AM)) on three occasions that included blood collection before (fasting) and five hours postprandially. Insulin was lower after the BB meal, compared to the FM or AM meals (p < 0.0001). A significant meal × time interaction was observed for plasma antioxidant capacity (p = 0.002) revealing differences over time: AM > BB > FM. Oxidized LDL (oxLDL) was not different by meal, although a trend for declining oxLDL was observed after the BB and AM meals at five hours compared to the FM meal. Triglycerides and interleukin-6 (IL-6) increased in response to meals (p < 0.0001). Inclusion of black beans with a typical Western-style meal attenuates postprandial insulin and moderately enhances postprandial antioxidant endpoints in adults with MetS, which could only be partly explained by fiber content and properties of antioxidant capacity

Anti-Phishing Models: Main Challenges

Phishing is a form of online identity theft in which the attacker attempts to fraudulently retrieve a legitimate user\u27s account information, logon credentials or identity information in general. The compromised information is then used for withdrawing money online, taking out cash advances, or making purchases of goods and services on the accounts. Various solutions have been proposed and developed in response to phishing. As phishing is a business problem, the solutions target both non-technical and technical areas. This paper investigates the current anti-phishing solutions and critically reviews their usage, security weaknesses and their effectiveness. The analysis of these models points to a conclusion that technology alone will not completely stop phishing. What is necessary is a multi-tiered, organised approach: user awareness, technical and non-technical solutions should work together

Anti-Phishing Models: Main Challenges

Phishing is a form of online identity theft in which the attacker attempts to fraudulently retrieve a legitimate user\u27s account information, logon credentials or identity information in general. The compromised information is then used for withdrawing money online, taking out cash advances, or making purchases of goods and services on the accounts. Various solutions have been proposed and developed in response to phishing. As phishing is a business problem, the solutions target both non-technical and technical areas. This paper investigates the current anti-phishing solutions and critically reviews their usage, security weaknesses and their effectiveness. The analysis of these models points to a conclusion that technology alone will not completely stop phishing. What is necessary is a multi-tiered, organised approach: user awareness, technical and non-technical solutions should work together

A Novel Gesture-based CAPTCHA Design for Smart Devices

CAPTCHAs have been widely used in Web applications to prevent service abuse. With the evolution of computing environment from desktop computing to ubiquitous computing, more and more users are accessing Web applications on smart devices where touch based interactions are dominant. However, the majority of CAPTCHAs are designed for use on computers and laptops which do not reflect the shift of interaction style very well. In this paper, we propose a novel CAPTCHA design to utilise the convenience of touch interface while retaining the needed security. This is achieved through using a hybrid challenge to take advantages of human’s cognitive abilities. A prototype is also developed and found to be more user friendly than conventional CAPTCHAs in the preliminary user acceptance test

Analysis of Feature Models Using Alloy: A Survey

Feature Models (FMs) are a mechanism to model variability among a family of closely related software products, i.e. a software product line (SPL). Analysis of FMs using formal methods can reveal defects in the specification such as inconsistencies that cause the product line to have no valid products. A popular framework used in research for FM analysis is Alloy, a light-weight formal modeling notation equipped with an efficient model finder. Several works in the literature have proposed different strategies to encode and analyze FMs using Alloy. However, there is little discussion on the relative merits of each proposal, making it difficult to select the most suitable encoding for a specific analysis need. In this paper, we describe and compare those strategies according to various criteria such as the expressivity of the FM notation or the efficiency of the analysis. This survey is the first comparative study of research targeted towards using Alloy for FM analysis. This review aims to identify all the best practices on the use of Alloy, as a part of a framework for the automated extraction and analysis of rich FMs from natural language requirement specifications.Comment: In Proceedings FMSPLE 2016, arXiv:1603.0857

PALPAS - PAsswordLess PAssword Synchronization

Tools that synchronize passwords over several user devices typically store the encrypted passwords in a central online database. For encryption, a low-entropy, password-based key is used. Such a database may be subject to unauthorized access which can lead to the disclosure of all passwords by an offline brute-force attack. In this paper, we present PALPAS, a secure and user-friendly tool that synchronizes passwords between user devices without storing information about them centrally. The idea of PALPAS is to generate a password from a high entropy secret shared by all devices and a random salt value for each service. Only the salt values are stored on a server but not the secret. The salt enables the user devices to generate the same password but is statistically independent of the password. In order for PALPAS to generate passwords according to different password policies, we also present a mechanism that automatically retrieves and processes the password requirements of services. PALPAS users need to only memorize a single password and the setup of PALPAS on a further device demands only a one-time transfer of few static data.Comment: An extended abstract of this work appears in the proceedings of ARES 201

Cyber-crime Science = Crime Science + Information Security

Cyber-crime Science is an emerging area of study aiming to prevent cyber-crime by combining security protection techniques from Information Security with empirical research methods used in Crime Science. Information security research has developed techniques for protecting the confidentiality, integrity, and availability of information assets but is less strong on the empirical study of the effectiveness of these techniques. Crime Science studies the effect of crime prevention techniques empirically in the real world, and proposes improvements to these techniques based on this. Combining both approaches, Cyber-crime Science transfers and further develops Information Security techniques to prevent cyber-crime, and empirically studies the effectiveness of these techniques in the real world. In this paper we review the main contributions of Crime Science as of today, illustrate its application to a typical Information Security problem, namely phishing, explore the interdisciplinary structure of Cyber-crime Science, and present an agenda for research in Cyber-crime Science in the form of a set of suggested research questions