3,801 research outputs found
Evaluating the effectiveness of explanations for recommender systems : Methodological issues and empirical studies on the impact of personalization
Peer reviewedPostprin
GOTCHA Password Hackers!
We introduce GOTCHAs (Generating panOptic Turing Tests to Tell Computers and
Humans Apart) as a way of preventing automated offline dictionary attacks
against user selected passwords. A GOTCHA is a randomized puzzle generation
protocol, which involves interaction between a computer and a human.
Informally, a GOTCHA should satisfy two key properties: (1) The puzzles are
easy for the human to solve. (2) The puzzles are hard for a computer to solve
even if it has the random bits used by the computer to generate the final
puzzle --- unlike a CAPTCHA. Our main theorem demonstrates that GOTCHAs can be
used to mitigate the threat of offline dictionary attacks against passwords by
ensuring that a password cracker must receive constant feedback from a human
being while mounting an attack. Finally, we provide a candidate construction of
GOTCHAs based on Inkblot images. Our construction relies on the usability
assumption that users can recognize the phrases that they originally used to
describe each Inkblot image --- a much weaker usability assumption than
previous password systems based on Inkblots which required users to recall
their phrase exactly. We conduct a user study to evaluate the usability of our
GOTCHA construction. We also generate a GOTCHA challenge where we encourage
artificial intelligence and security researchers to try to crack several
passwords protected with our scheme.Comment: 2013 ACM Workshop on Artificial Intelligence and Security (AISec
Requirements of API Documentation: A Case Study into Computer Vision Services
Using cloud-based computer vision services is gaining traction, where
developers access AI-powered components through familiar RESTful APIs, not
needing to orchestrate large training and inference infrastructures or
curate/label training datasets. However, while these APIs seem familiar to use,
their non-deterministic run-time behaviour and evolution is not adequately
communicated to developers. Therefore, improving these services' API
documentation is paramount-more extensive documentation facilitates the
development process of intelligent software. In a prior study, we extracted 34
API documentation artefacts from 21 seminal works, devising a taxonomy of five
key requirements to produce quality API documentation. We extend this study in
two ways. Firstly, by surveying 104 developers of varying experience to
understand what API documentation artefacts are of most value to practitioners.
Secondly, identifying which of these highly-valued artefacts are or are not
well-documented through a case study in the emerging computer vision service
domain. We identify: (i) several gaps in the software engineering literature,
where aspects of API documentation understanding is/is not extensively
investigated; and (ii) where industry vendors (in contrast) document artefacts
to better serve their end-developers. We provide a set of recommendations to
enhance intelligent software documentation for both vendors and the wider
research community.Comment: Early Access preprint for an upcoming issue of the IEEE Transactions
on Software Engineerin
- ā¦