Presentation is loading. Please wait.

Presentation is loading. Please wait.

Towards A User-Centric Identity-Usage Monitoring System - ICIMP 2008 - Daisuke Mashima and Mustaque Ahamad College of Computing Georgia Institute of Technology.

Published byNickolas Page Modified over 9 years ago

Similar presentations

Presentation on theme: "Towards A User-Centric Identity-Usage Monitoring System - ICIMP 2008 - Daisuke Mashima and Mustaque Ahamad College of Computing Georgia Institute of Technology."— Presentation transcript:

1 Towards A User-Centric Identity-Usage Monitoring System - ICIMP 2008 - Daisuke Mashima and Mustaque Ahamad College of Computing Georgia Institute of Technology Georgia, USA Partly Supported by I3P

2 Outline Background and motivation Limitations of existing approaches Design goals for user-centric monitoring Proof of concept in OpenID setting Conclusion

3 Background and Motivation Increasing threat of online identity theft and misuse –Ranked in the first place for the 7 th year in a row in FTC report Prevention is not perfect –Insufficient attention to Site Authentication Image or SSL icon –Physical theft of a device and removable storage –Malwares –Social engineering –And more… Monitoring and detection mechanisms are also required.

4 Existing Schemes: Fraud Detection Systems Aim to detect fraudulent activities –Misuse of stolen credit card information –Cellular cloning, theft of calling card or cellular phone

5 Limitations of Existing Schemes Limited or no user control –Users do not have option to enable or disable monitoring Privacy concern –Users have no choice about what kind of information is captured and stored on SP Lack of generality –System is designed in service-specific way –A dedicated system is required for each site

6 Design Goals Users must be able to trust the monitoring system –Users should be able to choose an entity that they can trust Preferably resides on a networked trusted party –Identity usage must be reliably captured and made available to monitoring system Users should have flexible control over the monitoring system –Legitimate users should be able to turn on/off the monitoring system –Users should have choice about what information is captured and used for monitoring purpose

7 Design Goals Contd. Monitoring system must offer generality without lowering effectiveness –By using context information, the monitoring system can handle identity credentials used for accessing general services –Engaging users closely in the anomaly detection process is important. Make users attentive –Push alert or periodic reports Provide interface to obtain feedback from user

8 Overview of Proposed Architecture

9 Context Information for Monitoring Who? –What platform a user commonly uses to access online services OS fingerprinting (nmap, p0f, etc.) User-Agent in web setting To whom? –Identifier of a service provider that a user is talking to Where? –IP Geolocation (MaxMind, Delay-based schemes, etc.) –Whois record When? –Timestamp of usage –Day of week, week of month, hour of day etc.

10 Context-based Anomaly Detection Time –Significant change in frequency of access –Anomalous access pattern Location –Deviation of geographic location in normal usage pattern –Light-speed contradiction Device Fingerprint –Unseen device type in the past

11 Basic OpenID Architecture Authentication credential for OpenID provider could be stolen by phishing An adversary could imitate service provider site to retrieve identity credential from legitimate OpenID provider

12 Proof of Concept in OpenID

13 Evaluation: Generality Can support any kind of services that rely on OpenID No change is required at user side Can be modified and applied to other types of systems

14 Evaluation: Performance Increase of response time is acceptable even when multi-user setting. NetworkThreadsMonitoringReq. / SecTime / Req. LAN1YES2.2540.443 NO1.7820.566 CATV1YES1.6140.612 NO1.4040.712 5YES4.508- NO3.708-

15 Evaluation: Security Context-based monitoring makes identity misuse more difficult Risk of phishing attack can be mitigated Periodic reports help shorten the window of vulnerability Authentication to control monitoring system must be isolated from OpenID authentication

16 Evaluation: Usability Pushing usage summary periodically reduces users’ burden Context information makes reports or alerts easy to understand

17 Conclusion Proposed requirements for user-centric monitoring and identified design goals Showed a proof of concept in OpenID setting and evaluated it Future work –Implementation in other types of architecture Other identity management systems –GUIDE-ME Email-based system –Explore more sophisticated mechanism for context-based anomalous usage detection

18 18 Thank you very much. (mashima@cc.gatech.edu)

Download ppt "Towards A User-Centric Identity-Usage Monitoring System - ICIMP 2008 - Daisuke Mashima and Mustaque Ahamad College of Computing Georgia Institute of Technology."

Similar presentations

Enhancing Security Using Mobile Based Anomaly Detection in Cellular Mobile Networks Bo Sun, Fei Yu, KuiWu, Yang Xiao, and Victor C. M. Leung. Presented.

Enhancing Security Using Mobile Based Anomaly Detection in Cellular Mobile Networks Bo Sun, Fei Yu, KuiWu, Yang Xiao, and Victor C. M. Leung. Presented.
User-centric Handling of Identity Agent Compromise Daisuke Mashima Dr. Mustaque Ahamad Swagath Kannan College of Computing Georgia Institute of Technology.

User-centric Handling of Identity Agent Compromise Daisuke Mashima Dr. Mustaque Ahamad Swagath Kannan College of Computing Georgia Institute of Technology.
Sharing Content and Experience in Smart Environments Johan Plomp, Juhani Heinila, Veikko Ikonen, Eija Kaasinen, Pasi Valkkynen 1.

Sharing Content and Experience in Smart Environments Johan Plomp, Juhani Heinila, Veikko Ikonen, Eija Kaasinen, Pasi Valkkynen 1.
Supplied on \web site. on January 10 th, 2008 Customer Security Management Reducing Internet fraud June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited.

Supplied on \web site. on January 10 th, 2008 Customer Security Management Reducing Internet fraud June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited.
MedVault: Ensuring Security and Privacy for Medical Data Mustaque Ahamad, Douglas Blough, Ling Liu, David Bauer, Apurva Mohan, Daisuke Mashima, Bhuvan.

MedVault: Ensuring Security and Privacy for Medical Data Mustaque Ahamad, Douglas Blough, Ling Liu, David Bauer, Apurva Mohan, Daisuke Mashima, Bhuvan.
Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.

Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
Security WG Areas of Interest FYI - Strawman Vancouver June 2001 Sprint PCS ®

Security WG Areas of Interest FYI - Strawman Vancouver June 2001 Sprint PCS ®
Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center 2014 www.know-center.at Security.

Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center Security.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah

By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
1 On Protecting Private Information in Social Networks: A Proposal Bo Luo 1 and Dongwon Lee 2 1 The University of Kansas, 2 The Pennsylvania.

1 On Protecting Private Information in Social Networks: A Proposal Bo Luo 1 and Dongwon Lee 2 1 The University of Kansas, 2 The Pennsylvania.
Credit Card Fingerprint Scanner Dennis Seran CS 410 / Spring 2004.

Credit Card Fingerprint Scanner Dennis Seran CS 410 / Spring 2004.
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.

The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
Cyber X-Force-SMS alert system for E-mail threats.

Cyber X-Force-SMS alert system for threats.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Security Models for Trusting Network Appliances From : IEEE ( 2002 ) Author : Colin English, Paddy Nixon Sotirios Terzis, Andrew McGettrick Helen Lowe.

Security Models for Trusting Network Appliances From : IEEE ( 2002 ) Author : Colin English, Paddy Nixon Sotirios Terzis, Andrew McGettrick Helen Lowe.
FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.

FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.
Reliability and Security. Security How big a problem is security? Perfect security is unattainable Security in the context of a socio- technical system.

Reliability and Security. Security How big a problem is security? Perfect security is unattainable Security in the context of a socio- technical system.

Similar presentations

Ads by Google