is is th this re really yo you an em empi pirical st stud
play

Is Is Th This Re Really Yo You? ? An Em Empi pirical St Stud - PowerPoint PPT Presentation

Sep 22, 2022 •225 likes •752 views

Bonneau et al.: Passwords and the evolution of imperfect authentication. Comm. ACM 58(7) (Jun 2015) Image: Iwona Usakiewicz / Andrij Borys Associates Is Is Th This Re Really Yo You? ? An Em Empi pirical St Stud udy on n Ri Risk-Bas

  1. Bonneau et al.: Passwords and the evolution of imperfect authentication. Comm. ACM 58(7) (Jun 2015) Image: Iwona Usakiewicz / Andrij Borys Associates Is Is Th This Re Really Yo You? ? An Em Empi pirical St Stud udy on n Ri Risk-Bas Based Au Authen entication Ap Applied ed in th the Wi Wild Stephan Wiefling, Luigi Lo Iacono – TH Köln – University of Applied Sciences Markus Dürmuth – Ruhr University Bochum Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 1

  2. Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 2

  3. Mo Motiva tivatio tion § Weaknesses in password-based authentication increase § Large-scale password database leaks § Credential Stuffing § Intelligent password guessing* § Phishing *Wang et al.: Targeted online password guessing: An underestimated threat. In CCS ’16. ACM (2016) Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 3

  4. Mo Motiva tivatio tion § 2FA is unpopular § <10% of all Google accounts used 2FA in January 2018* à Using Risk-based Authentication to increase account security with minimal impact on user interaction *Milka, G.: Anatomy of Account Takeover. In: Enigma 2018. USENIX (Jan 2018) Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 4

  5. IP address User agent ... Username Password Risk estimation Risk: Low Medium High Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 5

  6. IP: Lisbon, PT Chrome Windows 10 ... Username Password Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 6

  7. IP: Lisbon, PT Chrome Windows 10 „Same device as ... always“ Username Password Risk estimation Low risk Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 7

  8. IP: Ber Berlin, n, DE Chrome An Andro roid 8 8.1 .1 ... Username Password Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 8

  9. IP: Ber Berlin, n, DE Chrome „There‘s An Andro roid 8 8.1 .1 something different here“ ... Username Password Additional Risk estimation Authentication Medium risk Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 9

  10. IP: Ber Berlin, n, DE Chrome „There‘s Andro An roid 8 8.1 .1 something different here“ ... Username Password Additional Risk estimation Authentication Medium risk Proof for additional authentication Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 10

  11. IP: Ne New York, US* Ph PhantomJS Li Linux ... Username Password *Known spam IP address Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 11

  12. IP: Ne New York, US* PhantomJS Ph „Very likely a Linux Li hacker“ ... Username Password Risk estimation High risk *Known spam IP address Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 12

  13. Ris Risk-ba based Au Authentic icatio ion § Recommended by NIST digital identity guidelines* § Used by large online services § However: Procedures not disclosed *Grassi et al.: Digital identity guidelines. Tech. Rep. NIST SP 800-63b (2017) Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 13

  14. Ris Risk-ba based Au Authentic icatio ion § Recommended by NIST digital identity guidelines* § Used by large online services § However: Procedures not disclosed § Prevents widespread adoption *Grassi et al.: Digital identity guidelines. Tech. Rep. NIST SP 800-63b (2017) Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 14

  15. Ris Risk-ba based Au Authentic icatio ion § Recommended by NIST digital identity guidelines* § Used by large online services § However: Procedures not disclosed à Black-box testing eight popular online services *Grassi et al.: Digital identity guidelines. Tech. Rep. NIST SP 800-63b (2017) Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 15

  16. Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 16

  17. ? Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 17

  18. Lo Login IP IP ad addre ress Us User Ag Agent ... ... ? Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 18

  19. Lo Login IP IP ad addre ress Us User Ag Agent ... ... Login ? 1 TH Köln Chrome ... Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 19

  20. Lo Login IP IP ad addre ress Us User Ag Agent ... ... Login ? 1 TH Köln Chrome ... 2 TH Köln Chrome ... Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 20

  21. Lo Login IP IP ad addre ress Us User Ag Agent ... ... Login ? 1 TH Köln Chrome ... 2 TH Köln Chrome ... 3 TH Köln Chrome ... Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 21

  22. Lo Login IP IP ad addre ress Us User Ag Agent ... ... Login ? 1 TH Köln Chrome ... 2 TH Köln Chrome ... 3 TH Köln Chrome ... ... ... ... .... 20 TH Köln Chrome ... Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 22

  23. Lo Login IP IP ad addre ress Us User Ag Agent ... ... ? 1 TH Köln Chrome ... 2 TH Köln Chrome ... </> 3 TH Köln Chrome ... ... ... ... .... 20 TH Köln Chrome ... Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 23

  24. Lo Login IP IP ad addre ress Us User Ag Agent ... ... Login ? 1 TH Köln Chrome ... 2 TH Köln Chrome ... </> 3 TH Köln Chrome ... ... ... ... .... 20 TH Köln Chrome ... Ot Other 21 Chrome ... Co Country Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 24

  25. Lo Login IP IP ad addre ress User Ag Us Agent ... ... Login ? 1 TH Köln Chrome ... 2 TH Köln Chrome ... </> 3 TH Köln Chrome ... ... ... ... .... , or ? 20 TH Köln Chrome ... Ot Other 21 Chrome ... Co Country Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 25

  26. It It‘s ‘s no not t that that ea easy sy... Login history influences risk score Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 26

  27. It It‘s ‘s no not t that that ea easy sy... Login history influences risk score Solution: Create many user accounts Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 27

  28. It It‘s ‘s no not t that that ea easy sy... Automated testing influences result Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 28

  29. It It‘s ‘s no not t that that ea easy sy... Automated testing influences result Solution: Create human-like browsingbehavior Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 29

  30. 28x Identities Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 30

  31. 28x Human RBA User Testing Imitation Log RBA Inspection System Identities Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 31

  32. 28x 224 User Accounts Human RBA User Testing Imitation Log RBA Inspection System Inspected Services Identities Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 32

  33. It It‘s ‘s st still n not ot that that ea easy sy... List of potential features is huge Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 33

  34. It It‘s ‘s st still n not ot that that ea easy sy... List of potential features is huge Solution: Test most relevant* features *Citations in literature, Highest distinguishing info in Alaca and van Oorschot Alaca, F., van Oorschot, P.C.: Device Fingerprinting for augmenting web authentication. In: Proc. ACSAC '16. pp. 289-301. ACM (2016) Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 34

  35. It It‘s ‘s st still n not ot that that ea easy sy... RB RBA references count Feature Fea re (e (except *) Di Distingui uishing info* ●●●●○ ������ IP IP a address ●●●●○ ��� Us User agent string ●●●●○ ��� Language La ●●●●○ �� Di Display resolut ution ●●●○○ ����� Lo Login time me ●●●●● � Evercookies ●●●○○ ��� Canvas fingerprinting Mouse and keystroke dynamics � - �� - Failed login attempts ●●●○○ WebRTC - ●●○○○ Counting hosts behind NAT - ●○○○○ Ad blocker detection - * Alaca, F., van Oorschot, P.C.: Device Fingerprinting for augmenting web authentication. In: Proc. ACSAC '16. pp. 289-301. ACM (2016) Stephan Wiefling, Luigi Lo Iacono, Markus Dürmuth Lisbon, Portugal | IFIPSEC 2019 35

Recommend

Com paring W eb Applications w ith Desktop Applications: An Em pirical Study Paul Pop

Com paring W eb Applications w ith Desktop Applications: An Em pirical Study Paul Pop

Com paring W eb Applications w ith Desktop Applications: An Em pirical Study Paul Pop paupo@ida.liu.se Department of Computer and Information Science Linkping University Sweden 1 of 13 May 26, 20 0 0 Motivation and Objective Draw

519 views • 13 slides
An Em n Empi pirica rical l Exami aminatio nation n of of Col olla laborati boration on

An Em n Empi pirica rical l Exami aminatio nation n of of Col olla laborati boration on

An Em n Empi pirica rical l Exami aminatio nation n of of Col olla laborati boration on as as a M a Man anag agem emen ent t Str trate ategy: gy: Par art t I I The he Skill ill Set et fo for th the Suc e

252 views • 24 slides
Assessm ent of em pirical VI V analysis tools and benchm ark w ith experim ents ( OMAE 2 0 0 8 -

Assessm ent of em pirical VI V analysis tools and benchm ark w ith experim ents ( OMAE 2 0 0 8 -

Assessm ent of em pirical VI V analysis tools and benchm ark w ith experim ents ( OMAE 2 0 0 8 - 5 7 2 1 6 ) Yiannis Constantinides, Owen Oakley Estoril, Portugal June 16 , 2008 I ntroduction and Background Most VIV designs are based on

529 views • 15 slides
The Laser Level Stud Finder is sure to be one of the most valuable tools you'll have on the

The Laser Level Stud Finder is sure to be one of the most valuable tools you'll have on the

The Laser Level Stud Finder is sure to be one of the most valuable tools you'll have on the jobsite. This 3-in-one device combines the laser level, distance measurer and stud finder all together to make an extremely handy tool. You'll reduce the

403 views • 3 slides
rd to th Novem 16 16 rd to 18 th ember ber 2018 GC GCSE Fie ield ld Stud udy y - Why y

rd to th Novem 16 16 rd to 18 th ember ber 2018 GC GCSE Fie ield ld Stud udy y - Why y

GC GCSE Fie ield ld Stud udy, , Over Overstr trand and, , Nor orfolk olk rd to th Novem 16 16 rd to 18 th ember ber 2018 GC GCSE Fie ield ld Stud udy y - Why y are re we g e goi oing? ng? It is a requirement of the new 9-1

444 views • 15 slides
Riva nna Wa te r a nd Se we r Autho rity Re se rvo ir Ma na g e me nt Stud y Ma y 24, 2016

Riva nna Wa te r a nd Se we r Autho rity Re se rvo ir Ma na g e me nt Stud y Ma y 24, 2016

Riva nna Wa te r a nd Se we r Autho rity Re se rvo ir Ma na g e me nt Stud y Ma y 24, 2016 RWSA Re se rvo ir Ma na g e me nt Stud y T e a m K e lly DiNa ta le , DiNa ta le Wa te r Co nsulta nts, Pro je c t Ma na g e r Dr. Ale xa

642 views • 23 slides
I -95 a t Be lvid e re Ro a d T ra nspo rta tio n I mpro ve me nt Stud y WE L COME VI RT

I -95 a t Be lvid e re Ro a d T ra nspo rta tio n I mpro ve me nt Stud y WE L COME VI RT

I -95 a t Be lvid e re Ro a d T ra nspo rta tio n I mpro ve me nt Stud y WE L COME VI RT UAL PROJE CT UPDAT E MAY 19, 2020 Pro je c t I ntro d uc tio n/ Ove rvie w u T he Ma ryla nd T ra nspo rta tio n Autho rity (MDT A), in

599 views • 24 slides
https ps://ww ://www.cs.ub w.cs.ubc. c.ca ca/s /stud tudent ents/ s/und under ergra

https ps://ww ://www.cs.ub w.cs.ubc. c.ca ca/s /stud tudent ents/ s/und under ergra

Departme partment nt of Computer puter Science nce Undergr dergrad aduat uate e Events ts for Sept 10-14 14 Mor ore e details ls @ https ps://ww ://www.cs.ub w.cs.ubc. c.ca ca/s /stud tudent ents/ s/und under ergra grad/l

741 views • 43 slides
Gustavii Stud Proven world class show jumping breeder and producer MAYBE THE BEST BRED MARE IN

Gustavii Stud Proven world class show jumping breeder and producer MAYBE THE BEST BRED MARE IN

Gustavii Stud Proven world class show jumping breeder and producer MAYBE THE BEST BRED MARE IN EUROPE? bred by the GUSTAVII STUD may now be for sale for the right price A broodmare from the best stallion in his time, Baloubet du Rouet out

328 views • 3 slides
Sho how Me e the S he Stud uden ents and t nd the M he Mone ney $$$! Nationwide

Sho how Me e the S he Stud uden ents and t nd the M he Mone ney $$$! Nationwide

Sho how Me e the S he Stud uden ents and t nd the M he Mone ney $$$! Nationwide drop in Basic Skills enrollment starting January 2014 with GED test change &amp; increased testing fees Inspired us to explore options in our

404 views • 23 slides
STE TEM M OP OPT Work k Per ermi mission For or F-1 1 Stud udent nts O F F I C E O F

STE TEM M OP OPT Work k Per ermi mission For or F-1 1 Stud udent nts O F F I C E O F

STE TEM M OP OPT Work k Per ermi mission For or F-1 1 Stud udent nts O F F I C E O F I N T E R N A T I O N A L E D U C A T I O N 2020-2021 Edition Agend nda Topics cs Th That at Will ll Be Be Disc scusse ssed: 1. Outline

866 views • 54 slides
It It's 's Sim imple e as as AB ABC: K : Kee eepin ing Stud tuden ents ts on T n

It It's 's Sim imple e as as AB ABC: K : Kee eepin ing Stud tuden ents ts on T n

It It's 's Sim imple e as as AB ABC: K : Kee eepin ing Stud tuden ents ts on T n Track ck for Suc ucces ess s Our agenda Panel discussion (10:15 11:00) Audience Q&amp;A (11:00 11:20) Table exercise Actions

795 views • 33 slides
MA111: Contemporary mathematics Entrance Slip (due 5 min past the hour): Five friends are trying

MA111: Contemporary mathematics Entrance Slip (due 5 min past the hour): Five friends are trying

MA111: Contemporary mathematics Entrance Slip (due 5 min past the hour): Five friends are trying to decide on where to have lunch. Avery Blair Jared 1st Ovids 1st Ovids 1st Stud. Cent. Subway 2nd Stud. Cent. Subway 2nd Stud.

381 views • 7 slides
H e althy Ro o ts Pilo t Stud y Re sults FIRST NA T IO NS FO O D NUT RIT IO N A ND ENVIRO

H e althy Ro o ts Pilo t Stud y Re sults FIRST NA T IO NS FO O D NUT RIT IO N A ND ENVIRO

H e althy Ro o ts Pilo t Stud y Re sults FIRST NA T IO NS FO O D NUT RIT IO N A ND ENVIRO NMENT FO RUM KEL L Y G O RDO N, RD SI X NAT I O NS HEAL T H SERVI C ES NO V 6, 2019 Ho w the researc h pro jec t c ame to life: T he

535 views • 21 slides
Signal Processing and Data Analysis 2005-2008 21 st July 2008 Members 2008 4 PhD, 3 PosDoc (2 -

Signal Processing and Data Analysis 2005-2008 21 st July 2008 Members 2008 4 PhD, 3 PosDoc (2 -

Signal Processing and Data Analysis 2005-2008 21 st July 2008 Members 2008 4 PhD, 3 PosDoc (2 - Cincia 2007) , 2 PhD Stud 2005 (PhD , FCUP ) , PI Ana Paula Rocha Argentina Leite (PhD stud , FCUP and UTAD ) (PhD stud FCT ,

397 views • 12 slides
T ra uma Ca se Stud ie s ACS : T raum a Me di c al Di re c to r Dr. Mic ha el Person, F N MS

T ra uma Ca se Stud ie s ACS : T raum a Me di c al Di re c to r Dr. Mic ha el Person, F N MS

T ra uma Ca se Stud ie s ACS : T raum a Me di c al Di re c to r Dr. Mic ha el Person, F N MS : Cli ni c al Nurse E duc ato r- T raum a Se rvi c e s E rin Bec k, R Ave ra Mc K e nnan Ho spi tal F all off Silo F a ll 62 y/o

1.38k views • 117 slides
Em ergent Stud ent Concep tions of Geolog ic Tim e a nd their Im p lica tions for Em bod ied

Em ergent Stud ent Concep tions of Geolog ic Tim e a nd their Im p lica tions for Em bod ied

Em ergent Stud ent Concep tions of Geolog ic Tim e a nd their Im p lica tions for Em bod ied Lea rning Jaso n Mo rphew , Ro bb Lindgren, and David Bro w n Un iversity o f Illin o is at Urban a-Cham paign E mbodied L earning A ugmented through

692 views • 26 slides
Nu Numerical stud udy o of the e com omplex insta tabilit ity s structu ture i e in t

Nu Numerical stud udy o of the e com omplex insta tabilit ity s structu ture i e in t

Nu Numerical stud udy o of the e com omplex insta tabilit ity s structu ture i e in t the c e core o e of the he sawtooth thing ng plas asma i influenced d by E ECRH CRH Y. B. Nam, G. H. Choe, G. S. Yun, H. K. Park, A.

206 views • 19 slides
Nut uts &amp; &amp; Bol olts of of t the he Stud uden ent C Cen entered ed

Nut uts &amp; &amp; Bol olts of of t the he Stud uden ent C Cen entered ed

Nut uts &amp; &amp; Bol olts of of t the he Stud uden ent C Cen entered ed Fun unding g Formula la P R E S E N T E D B Y : C H E D V A W E I N G A R T E X E C U T I V E D I R E C T O R O F F I S C A L S E R V I C

596 views • 15 slides
Reso source ces s &amp; Bes Best P Practic ices t s to o Su Support Stud udent M Mental

Reso source ces s &amp; Bes Best P Practic ices t s to o Su Support Stud udent M Mental

Reso source ces s &amp; Bes Best P Practic ices t s to o Su Support Stud udent M Mental al H Health i h in Schools KidStrong Confer erenc ence e June 2 e 22, 2 2016 016 Jackie Payne, State Coordinator, WV Project AWARE, WV

346 views • 24 slides
The he pl place ce of ethn hnogra ography phy in a stud udy y on Avoidable idable Acut

The he pl place ce of ethn hnogra ography phy in a stud udy y on Avoidable idable Acut

The he pl place ce of ethn hnogra ography phy in a stud udy y on Avoidable idable Acut ute e Admiss issions ions Susann nna a Rance ce PhD Senior ior Resear earch ch Fellow low Centr tre for r Clinica inical l Trials als

587 views • 6 slides
Su Supp ppor ort t All ll Le Learne rners-Inc Including luding St Stud udents ents wit

Su Supp ppor ort t All ll Le Learne rners-Inc Including luding St Stud udents ents wit

Richard Woods, Georgias School Superintendent Educating Georgias Future gadoe.org St Strate tegies gies and nd In Inter erventions entions to o Su Supp ppor ort t All ll Le Learne rners-Inc Including luding St Stud

930 views • 41 slides
VOYAGER PAD V ascular O utcomes Stud y of A SA Alon g with Rivaroxaban in E ndovascular or Surgical

VOYAGER PAD V ascular O utcomes Stud y of A SA Alon g with Rivaroxaban in E ndovascular or Surgical

VOYAGER PAD V ascular O utcomes Stud y of A SA Alon g with Rivaroxaban in E ndovascular or Surgical Limb R evascularizations for Peripheral Artery Disease Marc P. Bonaca, Rupert M. Bauersachs, Manesh R. Patel, Sonia S. Anand, Eike Sebastian

969 views • 35 slides
VOYAGER PAD V ascular O utcomes Stud y of A SA Alon g with Rivaroxaban in E ndovascular or Surgical

VOYAGER PAD V ascular O utcomes Stud y of A SA Alon g with Rivaroxaban in E ndovascular or Surgical

VOYAGER PAD V ascular O utcomes Stud y of A SA Alon g with Rivaroxaban in E ndovascular or Surgical Limb R evascularizations for Peripheral Artery Disease Marc P. Bonaca, Rupert M. Bauersachs, Manesh R. Patel, Sonia S. Anand, Eike Sebastian

495 views • 36 slides

More recommend