Abstract-Passwords are used for user authentication by almost every Internet service today, despite a number of wellknown weaknesses. Numerous attempts to replace passwords have failed, in part because changing users' behavior has proven to be difficult. One approach to strengthening password-based authentication without changing user experience is to classify login attempts into normal and suspicious activity based on a number of parameters such as source IP, geo-location, browser configuration, and time of day. For the suspicious attempts, the service can then require additional verification, e.g., by an additional phone-based authentication step. Systems working along these principles have been deployed by a number of Internet services but have never been studied publicly. In this work, we perform the first public evaluation of a classification system for user authentication. In particular:(i) We develop a statistical framework for identifying suspicious login attempts. (ii) We develop a fully functional prototype implementation that can be evaluated efficiently on large datasets. (iii) We validate our system on a sample of real-life login data from LinkedIn as well as simulated attacks, and demonstrate that a majority of attacks can be prevented by imposing additional verification steps on only a small fraction of users. (iv) We provide a systematic study of possible attackers against such a system, including attackers targeting the classifier itself.
The proliferation of information providers has led to an increased number of users browsing the World Wide Web. 'lime-consuming interaction and increased network loads are some of the adverse effects of browsing activities. This paper presents a design based on agent technology and the use of structured information, that significantly lowers network load and hits user-interaction by automating the task of browsing. combines the use of Knowledge Query and Manipulation Language (KQML)[14] and Java[3] to design a scalable model for agent communication. KQML is a protocol for information exchange among agents. Java is an objectoriented, interpretive language specifically developed for heterogeneous, platform-independent, distributed network computing.Our design enables us to pass object-oriented Java code in declarative KQML messages.It is our belief that building a model based on these ideas, should significantly lower network load and limit user-interaction by automating the task of browsing and composing information. It is our hypothesis that agent technology significantly reduces the complexity of browsing wide-area information by reducing communication and filtering overhead as well as by distributing the workload. In a simplistic view, an agent accepts specifications for the desired information, interacts with relevant information providers, and composes information from various information sources to fit the user's specification. Our goal is to make the infrastructure as general as possible in order to accommodate a wide range of information content and agent-based tmmactions.Specifically, our work addresses the issues of automating the task of browsing by executing content filtering and evaluation at remote sites. In addition, we believe that wellstntctured information content eases the task of automated browsing by agents.We demonstrate this by using the Nebula File System[8] for storage and retrieval of content via agents. The Nebula F1le System is a prototype wide-area information system, that offers a model for organizing and storing structured information.Section 2 describes the problems and issues regarding 296 browsing. In section 3 we present the idea of an agent and discuss some of the design issues involved. We also present the agent primitives in particular, content primitives, communication primitives and movement primitives for mobile agents. Section 4 demonstrates a small example.Section 5 discusses background and related work.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.