Who Are You? A Statistical Approach to Measuring User Authenticity. Freeman, D., Jain, S., Duermuth, M., Biggio, B., & Giacinto, G. In Proceedings of the Network and Distributed Systems Security Symposium (NDSS), February 2016.
Passwords are used for user authentication by almost every Internet service today, despite a number of well-known weaknesses. Numerous attempts to replace passwords have failed, in part because changing users' behavior has proven to be difficult. One approach to strengthening password-based authentication without changing user experience is to classify login attempts into normal and suspicious activity based on a number of parameters such as source IP, geo-location, browser configuration, and time of day. For the suspicious attempts, the service can then require additional verification, e.g., by an additional phone-based authentication step. Systems working along these principles have been deployed by a number of Internet services but have never been studied publicly. In this work, we perform the first public evaluation of a classification system for user authentication. In particular: (i) We develop a statistical framework for identifying suspicious login attempts. (ii) We develop a fully functional prototype implementation that can be evaluated efficiently on large datasets. (iii) We validate our system on a sample of real-life login data from LinkedIn as well as simulated attacks, and demonstrate that a majority of attacks can be prevented by imposing additional verification steps on only a small fraction of users. (iv) We provide a systematic study of possible attackers against such a system, including attackers targeting the classifier itself.
@inProceedings{freeman:statistical16,
 title = {Who Are You? A Statistical Approach to Measuring User Authenticity},
 type = {inProceedings},
 year = {2016},
 keywords = {authenticity,fingerprinting,passwords},
 websites = {http://dx.doi.org/10.14722/ndss.2016.23240},
 month = {2},
 id = {01ef825b-591f-3e8e-bc56-33c7fa3759da},
 created = {2018-07-12T21:32:10.586Z},
 file_attached = {false},
 profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},
 group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},
 last_modified = {2018-07-12T21:32:10.586Z},
 read = {false},
 starred = {false},
 authored = {false},
 confirmed = {true},
 hidden = {false},
 citation_key = {freeman:statistical16},
 source_type = {inproceedings},
 private_publication = {false},
 bibtype = {inProceedings},
 author = {Freeman, David and Jain, Sakshi and Duermuth, Markus and Biggio, Battista and Giacinto, Giorgio},
 booktitle = {Proceedings of the Network and Distributed Systems Security Symposium (NDSS)}
}
