An empirical biometric-based study for user identification from different roles in the online game League of Legends

© 2017 CEUR-WS. All rights reserved. The popularity of computer games has grown exponentially in the last few years. In some games, players can choose to play with different characters from a pre-defined list, exercising distinct roles in each match. Although such games were created to promote competition and promote self-improvement, there are several recurrent issues. One that has received the least amount of attention is the problem of "account sharing" so far is when a player pays more experienced players to progressing in the game. The companies running those games tend to punish this behaviour, but this specific case is hard to identify. The aim of this study is to use a database of mouse and keystroke dynamics biometric data of League of Legends players as a case study to understand the specific characteristics a player will keep (or not) when playing different roles and distinct characters

Secure and Usable User Authentication

Authentication is a ubiquitous task in users\u27 daily lives. The dominant form of user authentication are text passwords. They protect private accounts like online banking, gaming, and email, but also assets in organisations. Yet, many issues are associated with text passwords, leading to challenges faced by both, users and organisations. This thesis contributes to the body of research enabling secure and usable user authentication, benefiting both, users and organisations. To that end, it addresses three distinct challenges. The first challenge addressed in this thesis is the creation of correct, complete, understandable, and effective password security awareness materials. To this end, a systematic process for the creation of awareness materials was developed and applied to create a password security awareness material. This process comprises four steps. First, relevant content for an initial version is aggregated (i.e. descriptions of attacks on passwords and user accounts, descriptions of defences to these attacks, and common misconceptions about password and user account security). Then, feedback from information security experts is gathered to ensure the correctness and completeness of the awareness material. Thereafter, feedback from lay-users is gathered to ensure the understandability of the awareness material. Finally, a formal evaluation of the awareness material is conducted to ensure its effectiveness (i.e. whether the material improves participant\u27s ability to assess the security of passwords as well as password-related behaviour and decreases the prevalence of common misconceptions about password and user account security). The results of the evaluation show the effectiveness of the awareness material: it significantly improved the participants\u27 ability to assess the security of password-related behaviour as well as passwords and significantly decreased the prevalence of misconceptions about password and user account security. The second challenge addressed in this thesis is shoulder-surfing resistant text password entry with gamepads (as an example of very constrained input devices) in shared spaces. To this end, the very first investigation of text password entry with gamepads is conducted. First, the requirements of authentication in the gamepad context are described. Then, these requirements are applied to assess schemes already deployed in the gamepad context and shoulder-surfing resistant authentication schemes from the literature proposed for non-gamepad contexts. The results of this assessment show that none of the currently deployed and only four of the proposals in the literature fulfil all requirements. Furthermore, the results of the assessment also indicate a need for an empirical evaluation in order to exactly gauge the shoulder-surfing threat in the gamepad context and compare alternatives to the incumbent on-screen keyboard. Based on these results, two user studies (one online study and one lab study) are conducted to investigate the shoulder-surfing resistance and usability of three authentication schemes in the gamepad context: the on-screen keyboard (as de-facto standard in this context), the grid-based scheme (an existing proposal from the literature identified as the most viable candidate adaptable to the gamepad context during the assessment), and Colorwheels (a novel shoulder-surfing resistant authentication scheme specifically designed for the gamepad context). The results of these two user studies show that on-screen keyboards are highly susceptible to opportunistic shoulder-surfing, but also show the most favourable usability properties among the three schemes. Colorwheels offers the most robust shoulder-surfing resistance and scores highest with respect to participants\u27 intention to use it in the future, while showing more favourable usability results than the grid-based scheme. The third challenge addressed in this thesis is secure and efficient storage of passwords in portfolio authentication schemes. Portfolio authentication is used to counter capture attacks such as shoulder-surfing or eavesdropping on network traffic. While usability studies of portfolio authentication schemes showed promising results, a verification scheme which allows secure and efficient storage of the portfolio authentication secret had been missing until now. To remedy this problem, the (t,n)-threshold verification scheme is proposed. It is based on secret sharing and key derivation functions. The security as well as the efficiency properties of two variants of the scheme (one based on Blakley secret sharing and one based on Shamir secret sharing) are evaluated against each other and against a naive approach. These evaluations show that the two (t,n)-threshold verification scheme variants always exhibit more favourable properties than the naive approach and that when deciding between the two variants, the exact application scenario must be considered. Three use cases illustrate as exemplary application scenarios the versatility of the proposed (t,n)-threshold verification scheme. By addressing the aforementioned three distinct challenges, this thesis demonstrates the breadth of the field of usable and secure user authentication ranging from awareness materials, to the assessment and evaluation of authentication schemes, to applying cryptography to craft secure password storage solutions. The research processes, results, and insights described in this thesis represent important and meaningful contributions to the state of the art in the research on usable and secure user authentication, offering benefits for users, organisations, and researchers alike

Smart technologies and beyond: exploring how a smart band can assist in monitoring children’s independent mobility & well-being

The problem which is being investigated through this thesis is not having a device(s) or method(s) which are appropriate for monitoring a child’s vital and tracking a child’s location. This aspect is being explored by other researchers which are yet to find a viable solution. This work focuses on providing a solution that would consider using the Internet of Things for measuring and improving children’s health. Additionally, the focus of this research is on the use of technology for health and the needs of parents who are concerned about their child’s physical health and well-being. This work also provides an insight into how technology is used during the pandemic. This thesis will be based on a mixture of quantitative and qualitative research, which will have been used to review the following areas covering key aspects and focuses of this study which are (i) Children’s Independent Mobility (ii) Physical activity for children (iii) Emotions of a child (iv) Smart Technologies and (v) Children’s smart wearables. This will allow a review of the problem in detail and how technology can help the health sector, especially for children. The deliverable of this study is to recommend a suitable smart band device that enables location tracking of the child, activity tracking as well as monitoring the health and wellbeing of the child. The research also includes an element of practical research in the form of (i) Surveys, the use of smart technology and a perspective on the solution from parents. (ii) Focus group, in the form of a survey allowing opinions and collection of information on the child and what the parents think of smart technology and how it could potentially help with their fears. (iii) Observation, which allows the collection of data from children who were given six activities to conduct while wearing the Fitbit Charge HR. The information gained from these elements will help provide guidelines for a proposed solution. In this thesis, there are three frameworks which are about (i) Research process for this study (ii) Key Performance Indicators (KPIs) which are findings from the literature review and (iii) Proposed framework for the solution, all three combined frameworks can help health professionals and many parents who want an efficient and reliable device, also deployment of technologies used in the health industry for children in support of independent mobility. Current frameworks have some considerations within the technology and medical field but were not up to date with the latest elements such as parents fears within today’s world and the advanced features of technology

Forensic investigation of small-scale digital devices: a futuristic view

Small-scale digital devices like smartphones, smart toys, drones, gaming consoles, tablets, and other personal data assistants have now become ingrained constituents in our daily lives. These devices store massive amounts of data related to individual traits of users, their routine operations, medical histories, and financial information. At the same time, with continuously evolving technology, the diversity in operating systems, client storage localities, remote/cloud storages and backups, and encryption practices renders the forensic analysis task multi-faceted. This makes forensic investigators having to deal with an array of novel challenges. This study reviews the forensic frameworks and procedures used in investigating small-scale digital devices. While highlighting the challenges faced by digital forensics, we explore how cutting-edge technologies like Blockchain, Artificial Intelligence, Machine Learning, and Data Science may play a role in remedying concerns. The review aims to accumulate state-of-the-art and identify a futuristic approach for investigating SSDDs

Gait analysis from encrypted video surveillance traffic

This thesis proposes an original video-based gait analysis technique, different from others existing in the literature. We leverage deep learning techniques to analyze video sequence packet size both in a virtual and real environment. Moreover, we address the case in which encryption mechanisms are adopted and we conclude the study proposing an incremental learning framework to render the system suitable to real life applications where training data becomes progressively available over time.ope

Continuous User Authentication Using Multi-Modal Biometrics

It is commonly acknowledged that mobile devices now form an integral part of an individual’s everyday life. The modern mobile handheld devices are capable to provide a wide range of services and applications over multiple networks. With the increasing capability and accessibility, they introduce additional demands in term of security. This thesis explores the need for authentication on mobile devices and proposes a novel mechanism to improve the current techniques. The research begins with an intensive review of mobile technologies and the current security challenges that mobile devices experience to illustrate the imperative of authentication on mobile devices. The research then highlights the existing authentication mechanism and a wide range of weakness. To this end, biometric approaches are identified as an appropriate solution an opportunity for security to be maintained beyond point-of-entry. Indeed, by utilising behaviour biometric techniques, the authentication mechanism can be performed in a continuous and transparent fashion. This research investigated three behavioural biometric techniques based on SMS texting activities and messages, looking to apply these techniques as a multi-modal biometric authentication method for mobile devices. The results showed that linguistic profiling; keystroke dynamics and behaviour profiling can be used to discriminate users with overall Equal Error Rates (EER) 12.8%, 20.8% and 9.2% respectively. By using a combination of biometrics, the results showed clearly that the classification performance is better than using single biometric technique achieving EER 3.3%. Based on these findings, a novel architecture of multi-modal biometric authentication on mobile devices is proposed. The framework is able to provide a robust, continuous and transparent authentication in standalone and server-client modes regardless of mobile hardware configuration. The framework is able to continuously maintain the security status of the devices. With a high level of security status, users are permitted to access sensitive services and data. On the other hand, with the low level of security, users are required to re-authenticate before accessing sensitive service or data

Protecting the infrastructure: 3rd Australian information warfare & security conference 2002

The conference is hosted by the We-B Centre (working with a-business) in the School of Management Information System, the School of Computer & Information Sciences at Edith Cowan University. This year\u27s conference is being held at the Sheraton Perth Hotel in Adelaide Terrace, Perth. Papers for this conference have been written by a wide range of academics and industry specialists. We have attracted participation from both national and international authors and organisations. The papers cover many topics, all within the field of information warfare and its applications, now and into the future. The papers have been grouped into six streams: • Networks • IWAR Strategy • Security • Risk Management • Social/Education • Infrastructur

Survey and Analysis of Android Authentication Using App Locker

Android Smart phones have gained immense popularity over the years and is undoubtedly more popular than other operating system phones. Following the similar lines android wear was introduced. Steadily android wear is making its way into our daily lives. It helps keep track of the sleep you have, helps you reach fitness goals, keeps track of phone and helps users have easy authentication. Due to the usage of smart lock which enables phone to be unlocked as long as connected to the android wear, this leads to almost no security on both the ends as android wear before Android 5.0 has no lock. We aim to produce the existing authentication methods in android phones and wear and the threats that plague both kinds of devices. As authentication is one of the major building blocks of security, through research we aim at designing a system for android phones which will be able to protect the sensitive data on devices which will be at risk through smart lock using encryption techniques. In this proposed system, the user would be able to decide which applications are needed to be secured when he is using smart lock. This application will enable lock for those user chosen applications as soon as the smart phone device is connected to android wear and similarly disables the lock when connection is disabled between the devices and communication between devices is made secure using encryption algorithms. This application does not interfere with easy phone authentication which users demand but it makes sure data is protected and users are authenticated with the help of multiple authentication layering