Iasonas Polakis, Panagiotis Ilia, Federico Maggi, Marco Lancini, Georgios Kontaxis, Stefano Zanero, Sotiris Ioannidis, and Angelos D. Keromytis. In Proceedings.

Presentation transcript:

Iasonas Polakis, Panagiotis Ilia, Federico Maggi, Marco Lancini, Georgios Kontaxis, Stefano Zanero, Sotiris Ioannidis, and Angelos D. Keromytis. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS), pp ACM,
Faces in the Distorting Mirror: Revisiting Photo-based Social Authentication
Presented by: Roshan Pawar.

Summary
The paper revisits the concept of Social Authentication (SA) and proposes a system that generates challenges that are robust against the attacks on SA. The paper also demonstrates a novel attack technique against social authentication that is more effective and efficient than previously presented techniques. The authors experimentally confirm the robustness of the proposed solution against three template matching algorithms: the correlation coefficient (CCOEFF), cross correlation (CCORR) and squared difference (SQDIFF). Furthermore, the authors claim that with the proposed solution face detection software fails to detect even a single face, whereas users identify their friends in over 94.38% of photos with faces unrecognizable by software.

Motivation
The main motivation for proposing a new design in Social Authentication (SA) was the authors' confidence in SA as a promising approach to preventing unauthorized access in a user-friendly manner. Hence, the focus of my presentation would be on the authors' perspective of preventing unauthorized access.

Social Authentication
Figure: a typical SA example on Facebook, taken from the cited paper ‘Social authentication: harder than it looks’, published in Proceedings of the 2012 Financial Cryptography and Data Security conference, Springer.

Attacks on social authentication
o Face recognition techniques.
o Image comparison attacks that build a collection of images of the victim and his friends (novel type of attack demonstrated by the authors).

Proposed design
Steps in the proposed design:
o Face extraction.
o Photo categorization.
o Tag transformation.
o Photo transformation.
The novel transformation process then creates SA challenges that resist template matching algorithms such as:
o The correlation coefficient (CCOEFF).
o Cross correlation (CCORR).
o Squared difference (SQDIFF).
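An added example, not taken from the paper or the slides: the three normalised template-matching scores named above in pure Python, used the way a challenge generator could check that a transformed face crop can no longer be pinned to its source photo. The 12x12 photo, the 5x5 crop and the 90-degree rotation are constructed stand-ins; the paper's own transformations are not reproduced here.

```python
import math

def tm_scores(window, template):
    """Normalised SQDIFF, CCORR and CCOEFF for two equal-length pixel lists."""
    n = len(template)
    mw, mt = sum(window) / n, sum(template) / n
    sqdiff = sum((w - t) ** 2 for w, t in zip(window, template))
    ccorr = sum(w * t for w, t in zip(window, template))
    energy = math.sqrt(sum(w * w for w in window) * sum(t * t for t in template)) or 1.0
    ccoeff = sum((w - mw) * (t - mt) for w, t in zip(window, template))
    spread = math.sqrt(sum((w - mw) ** 2 for w in window)
                       * sum((t - mt) ** 2 for t in template)) or 1.0
    return {"SQDIFF": sqdiff / energy, "CCORR": ccorr / energy, "CCOEFF": ccoeff / spread}

def best_match(image, patch):
    """Slide patch over image; return {metric: (best score, (row, col))}."""
    h, w = len(patch), len(patch[0])
    flat = [p for row in patch for p in row]
    best = {}
    for r in range(len(image) - h + 1):
        for c in range(len(image[0]) - w + 1):
            window = [image[r + i][c + j] for i in range(h) for j in range(w)]
            for name, score in tm_scores(window, flat).items():
                # SQDIFF is a distance (lower is better); the other two are similarities.
                if name not in best or (score < best[name][0] if name == "SQDIFF"
                                        else score > best[name][0]):
                    best[name] = (score, (r, c))
    return best

def locatable(image, patch, ccoeff_min=0.9, sqdiff_max=0.1):
    """True if template matching still pins the patch to some region of image.

    The two thresholds are illustrative assumptions, not values from the paper.
    """
    best = best_match(image, patch)
    return best["CCOEFF"][0] >= ccoeff_min or best["SQDIFF"][0] <= sqdiff_max

# Constructed 12x12 grayscale "photo" and a 5x5 "face" crop taken at row 3, col 4.
PHOTO = [[(37 * r + 101 * c + 17 * r * c) % 256 for c in range(12)] for r in range(12)]
FACE = [row[4:9] for row in PHOTO[3:8]]
# Constructed stand-in distortion (90-degree rotation), not the paper's transformation.
ROTATED = [list(col) for col in zip(*FACE[::-1])]

if __name__ == "__main__":
    for label, patch in (("untouched crop", FACE), ("rotated crop", ROTATED)):
        print(label, "locatable:", locatable(PHOTO, patch), best_match(PHOTO, patch))
```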

Evaluation of user study
In medium portraits the success rate was 97%.
In difficult portraits the success rate was 92.1%.
Users also identified their friends in 77.7% of the pages that contained the photos of animals.

The authors' final thoughts
o The proposed approach could be applied for security services offered by online social networking websites.
o In web services, to provide the feature of a user-specific CAPTCHA.
o In banking websites, as an addition to two-factor authentication.

Personal thoughts
Social authentication can be vulnerable if the attacker is a close friend of the victim.
To log in through the social authentication setup, for a user having a large number of friends, it is fairly difficult to identify the medium and difficult level photos.
How effective is social authentication in the case of an elderly person or of persons who have low cognitive skills?
The authors consider SA a promising approach in preventing unauthorized access. However, I think that:

Thank you Questions?