1,721,030 research outputs found
Collusion detection in online bridge
Collusion is a major unsolved security problem in online bridge: by illicitly exchanging card information over the telephone, instant messenger or the like, cheaters can gain huge advantages over honest players. It is very hard if not impossible to prevent collusion from happening. Instead, we motivate an AI-based detection approach and discuss its challenges. We challenge the AI community to create automated methods for detecting collusive traces left in game records with an accuracy that can be achieved by human masters
Scams in modern societies: how does China differ from the world?
We study a set of high-profile scams that were well engineered and have hit people hard in China in recent years. We propose a simple but novel theoretical framework to examine psychological, situational and social fabric factors that have played a role in these scams. We also use this framework as a tool to explore scam countermeasures. In so doing, we identify how these Chinese scams differ from their Western counterparts
Evolution of Cybersecurity Subdisciplines: A Science of Science Study
The science of science is an emerging field that studies the practice of science itself. We present the first study of the cybersecurity discipline from a science of science perspective. We examine the evolution of two comparable interdisciplinary communities in cybersecurity: the Symposium on Usable Privacy and Security (SOUPS) and Financial Cryptography and Data Security (FC)
From Sicilian mafia to Chinese "scam villages"
Inspired by Gambetta's theory on the origins of the mafia in Sicily, we report a geo-concentrating phenomenon of scams in China, and propose a novel economic explanation. Our analysis has some policy implications
A Honey Turing Test
How shall we distinguish computers from humans once machines can pass the Turing test? We explore the concept of a Honey Turing test, in which machines are given trap questions designed to reveal their identities. Importantly, this test must also ensure that humans are not mistakenly classified as computers. The judge in this setting can be either a human or a machine
Gender bias in password managers
For the first time, we report gender bias in people's choice and use of password managers, through a semi-structured interview (n=18) and a questionnaire-based survey (n=200), conducted 'in the wild'. Not only do women and men prefer different types of password managers, but software features that women and men frequently use also differ. These differences are statistically significant. The factors that women and men consider the most important or influential in choosing their password managers differ, too. Choice of convenience and brand are on the top of the women's consideration, whereas security and the number of features top the list for men. This difference is statistically significant
Acceleration attacks on PBKDF2: Or, what is inside the black-box of oclHashcat?
The Password Based Key Derivation Function v2 (PBKDF2) is an important cryptographic primitive that has practical relevance to many widely deployed security systems. We investigate accelerated attacks on PBKDF2 with commodity GPUs, reporting the fastest attack on the primitive to date, outperforming the previous state-of-the-art oclHashcat. We apply our attack to Microsoft .NET framework, showing that a consumer-grade GPU can break an ASP.NET password in less than 3 hours, and we discuss the application of our attack to WiFi Protected Access (WPA2). We consider both algorithmic optimisations of crypto primitives and OpenCL kernel code optimisations and empirically evaluate the contribution of individual optimisations on the overall acceleration. In contrast to the common view that GPU acceleration is primarily driven by massively parallel hardware architectures, we demonstrate that a proportionally larger contribution to acceleration is made through effective algorithmic optimisations. Our work also contributes to understanding what is going on inside the black box of oclHashcat.
An investigation of cheating in online games
Cheating is rampant in current gameplay on the Internet. However, it isn't as well understood as we might expect. The authors summarize the various known methods of cheating and define a taxonomy of online game cheating with respect to the underlying vulnerability, consequence, and cheating principal. This taxonomy provides a systematic introduction to the characteristics of cheats in online games and how they can arise. Although cheating in online games is largely due to various security failures, the four traditional aspects of security (confidentiality, integrity, availability, and authenticity) are insufficient to explain it. Instead, fairness becomes a vital additional aspect, and its enforcement provides a convincing perspective for understanding security techniques' role in developing and operating online games
Wallcamera: reinventing the wheel?
Developed at MIT CSAIL, the Wallcamera has captivated the public's imagination. Here, we show that the key insight underlying the Wallcamera is the same one that underpins the concept and the prototype of differential imaging forensics (DIF), both of which were validated and reported several years prior to the Wallcamera's debut. Rather than being the first to extract and amplify invisible signals -- aka latent evidence in the forensics context -- from wall reflections in a video, or the first to propose activity recognition following that approach, the Wallcamera's actual innovation is achieving activity recognition at a finer granularity than DIF demonstrated. In addition to activity recognition, DIF as conceived has a number of other applications in forensics, including 1) the recovery of a photographer's personal identifiable information such as body width, height, and even the color of their clothing, from a single photo, and 2) the detection of image tampering and deepfake videos
Differential imaging forensics: a feasibility study
We motivate and develop a new line of digital forensics. In the meanwhile, we propose a novel approach to photographer identification, a rarely explored authorship attribution problem. We report a proof-of-concept study, which shows the feasibility of our method. Our contributions include a new forensic method for photographer de-anonymization and revealing a novel privacy threat which had been ignored before. The success of our creation builds on top of a new optical side-channel which we have discovered, as well as on how to exploit it effectively. We also make the first attempt to bridge side channels and inverse problems, two fields that appear to be completely isolated from each other but have deep connections
