Publication


Featured research published by Mahdi Nasrullah Al-Ameen.


Human Factors in Computing Systems | 2015

Towards Making Random Passwords Memorable: Leveraging Users' Cognitive Ability Through Multiple Cues

Mahdi Nasrullah Al-Ameen; Matthew K. Wright; Shannon Scielzo

Given the choice, users produce passwords reflecting common strategies and patterns that ease recall but offer uncertain and often weak security. System-assigned passwords provide measurable security but suffer from poor memorability. To address this usability-security tension, we argue that systems should assign random passwords but also help with memorization and recall. We investigate the feasibility of this approach with CuedR, a novel cued-recognition authentication scheme that provides users with multiple cues (visual, verbal, and spatial) and lets them choose the cues that best fit their learning process for later recognition of system-assigned keywords. In our lab study, all 37 of our participants could log in within three attempts one week after registration (mean login time: 38.0 seconds). A pilot study on using multiple CuedR passwords also showed 100% recall within three attempts. Based on our results, we suggest appropriate applications for CuedR, such as financial and e-commerce accounts.


IEEE Transactions on Parallel and Distributed Systems | 2014

ReDS: A Framework for Reputation-Enhanced DHTs

Ruj Akavipat; Mahdi Nasrullah Al-Ameen; Apu Kapadia; Zahid Rahman; Roman Schlegel; Matthew K. Wright

Distributed hash tables (DHTs), such as Chord and Kademlia, offer an efficient means to locate resources in peer-to-peer networks. Unfortunately, malicious nodes on a lookup path can easily subvert such queries. Several systems, including Halo (based on Chord) and Kad (based on Kademlia), mitigate such attacks by using redundant lookup queries. Much greater assurance can be provided; we present Reputation for Directory Services (ReDS), a framework for enhancing lookups in redundant DHTs by tracking how well other nodes service lookup requests. We describe how the ReDS technique can be applied to virtually any redundant DHT including Halo and Kad. We also study the collaborative identification and removal of bad lookup paths in a way that does not rely on the sharing of reputation scores, and we show that such sharing is vulnerable to attacks that make it unsuitable for most applications of ReDS. Through extensive simulations, we demonstrate that ReDS improves lookup success rates for Halo and Kad by 80 percent or more over a wide range of conditions, even against strategic attackers attempting to game their reputation scores and in the presence of node churn.


European Symposium on Research in Computer Security | 2015

Leveraging Real-Life Facts to Make Random Passwords More Memorable

Mahdi Nasrullah Al-Ameen; Kanis Fatema; Matthew K. Wright; Shannon Scielzo

User-chosen passwords fail to provide adequate security. System-assigned random passwords are more secure but suffer from memorability problems. We argue that the system should remove this burden from users by assisting with the memorization of randomly assigned passwords. To meet this need, we aim to apply the scientific understanding of long-term memory. In particular, we examine the efficacy of augmenting a system-assigned password scheme based on textual recognition by providing users with verbal cues—real-life facts corresponding to the assigned keywords. In addition, we explore the usability gain of including images related to the keywords along with the verbal cues. We conducted a multi-session in-lab user study with 52 participants, where each participant was assigned three different passwords, each representing one study condition. Our results show that the textual recognition-based scheme offering verbal cues had a significantly higher login success rate (94%) as compared to the control condition, i.e., textual recognition without verbal cues (61%). The comparison between textual and graphical recognition reveals that when users were provided with verbal cues, adding images did not significantly improve the login success rate, but it did lead to faster recognition of the assigned keywords. We believe that our findings make an important contribution to understanding the extent to which different types of cues impact the usability of system-assigned passwords.


Conference on Data and Application Security and Privacy | 2013

Persea: a sybil-resistant social DHT

Mahdi Nasrullah Al-Ameen; Matthew K. Wright

P2P systems are inherently vulnerable to Sybil attacks, in which an attacker can have a large number of identities and use them to control a substantial fraction of the system. We propose Persea, a novel P2P system that is more robust against Sybil attacks than prior approaches. Persea derives its Sybil resistance by assigning IDs through a bootstrap tree, the graph of how nodes have joined the system through invitations. More specifically, a node joins Persea when it gets an invitation from an existing node in the system. The inviting node assigns a node ID to the joining node and gives it a chunk of node IDs for further distribution. For each chunk of ID space, the attacker needs to socially engineer a connection to another node already in the system. This hierarchical distribution of node IDs confines a large attacker botnet to a considerably smaller region of the ID space than in a normal P2P system. Persea uses a replication mechanism in which each (key,value) pair is stored in nodes that are evenly spaced over the network. Thus, even if a given region is occupied by attackers, the desired (key,value) pair can be retrieved from other regions. We compare our results with Kad, Whanau, and X-Vine and show that Persea is a better solution against Sybil attacks.


Computer and Communications Security | 2014

Design and evaluation of persea, a sybil-resistant DHT

Mahdi Nasrullah Al-Ameen; Matthew K. Wright

P2P systems are inherently vulnerable to Sybil attacks, in which an attacker creates a large number of identities and uses them to control a substantial fraction of the system. We propose Persea, a novel P2P system that derives its Sybil resistance by assigning IDs through a bootstrap tree, the graph of how nodes have joined the system through invitations. Unlike prior Sybil-resistant P2P systems based on social networks, Persea does not rely on two key assumptions: (1) that the social network is fast mixing and (2) that there is a small ratio of attack edges to honest nodes. Both assumptions have been shown to be unreliable in real social networks. A node joins Persea when it gets an invitation from an existing node in the system. The inviting node assigns a node ID to the joining node and gives it a chunk of node IDs for further distribution. For each chunk of ID space, the attacker needs to socially engineer a connection to another node already in the system. The hierarchical distribution of node IDs confines a large attacker botnet to a considerably smaller region of the ID space than in a normal P2P system. We then build upon this hierarchical ID space to make a distributed hash table (DHT) based on the Kad network. The Persea DHT uses a replication mechanism in which each (key, value) pair is stored in nodes that are evenly spaced over the network. Thus, even if a given region is occupied by attackers, the desired (key, value) pair can be retrieved from other regions. We evaluate Persea in analysis and in simulations with social network datasets and show that it provides better lookup success rates than prior work with modest overheads.


Journal of Networks | 2012

SDA-2H: Understanding the Value of Background Cover Against Statistical Disclosure

Mahdi Nasrullah Al-Ameen; Charles Gatz; Matthew K. Wright

The statistical disclosure attack (SDA) is an effective method for compromising the anonymity of users in a mix-based system. Cover traffic, in the form of fake or dummy messages sent by other users of the mix, is an effective defense that makes the task of the attacker difficult. Our aim is to examine the effect that background cover, the cover traffic sent by other users, has on the effectiveness of statistical disclosure attacks. Since the original SDA does not explicitly account for background traffic volumes, we developed an extension to the SDA called SDA-2H that uses this information to improve upon the SDA. Based on this attack, we are able to quantify the importance of background cover traffic, which we show in simulation to be effective in many scenarios.


International Conference on Software Engineering | 2011

Making findbugs more powerful

Mahdi Nasrullah Al-Ameen; Md. Monjurul Hasan; Asheq Hamid

To find bugs in software, a number of automated techniques have been developed over the years. In recent years, research on finding bugs has been considered of utmost importance, as the automated detection of bugs plays a momentous role in minimizing the cost of testing software. FindBugs is a widely used bug-finding tool for Java that supports a plug-in architecture for adding new bug detectors. We have explored the already detected bug patterns and noticed that there are a number of bug patterns that are not yet detected by FindBugs. Thus, our research is a momentous step towards making FindBugs more reliable and effective. We have written bug detectors to detect 8 different bug patterns. Our analysis and experiments have identified 4 bug patterns that are never detectable by FindBugs. We have tested our bug patterns with PMD and have found that PMD cannot detect the bug patterns that our bug detectors can detect. We have run a number of popular applications to test the effectiveness of our bug detectors, and our results show that our detectors can successfully detect the bug patterns they aim for and that the percentage of false positives reported by our detectors is 15.45%, which is much less than the percentage of false positives reported by FindBugs.


Journal of Network and Computer Applications | 2016

IPersea: Towards improving the Sybil-resilience of social DHT

Mahdi Nasrullah Al-Ameen; Matthew K. Wright

P2P systems are highly susceptible to Sybil attacks, in which an attacker creates a large number of identities and uses them to control a substantial fraction of the system. Persea is the most recent approach towards designing a social-network-based Sybil-resistant DHT. Unlike prior Sybil-resistant P2P systems based on social networks, Persea does not rely on two key assumptions: (i) that the social network is fast mixing, and (ii) that there is a small ratio of attack edges to honest peers. Both assumptions have been shown to be unreliable in real social networks. The hierarchical distribution of node IDs in Persea confines a large attacker botnet to a considerably smaller region of the ID space than in a normal P2P system, and its replication mechanism lets a peer retrieve the desired results even if a given region is occupied by attackers. However, the Persea system suffers from certain limitations, since it cannot handle the scenario where the malicious target returns an incorrect result instead of just ignoring the lookup request. In this paper, we address this major limitation of Persea through a Sybil detection mechanism built on top of the Persea system, which accommodates inspection lookup, a specially designed lookup scheme to detect Sybil nodes based on their responses to the lookup query. We design a scheme to filter the detected Sybils to ensure the participation of honest nodes on the lookup path during regular DHT lookup. Since the malicious nodes are opted out of the lookup path in our system, they cannot return any incorrect result during regular lookup. We evaluate our system in simulations with social network datasets, and the results show that catster, the largest network in our simulation with 149,700 nodes and 5,449,275 edges, gains a 100% lookup success rate, even when the number of attack edges is equal to the number of benign peers in the network.


Information and Computer Security | 2016

Leveraging autobiographical memory for two-factor online authentication

Mahdi Nasrullah Al-Ameen; S. M. Taiabul Haque; Matthew K. Wright

Purpose

Two-factor authentication is being implemented more broadly to improve security against phishing, shoulder surfing, keyloggers and password guessing attacks. Although passwords serve as the first authentication factor, a common approach to implementing the second factor is sending a one-time code, either via e-mail or text message. The prevalence of smartphones, however, creates security risks in which a stolen phone leads to users' accounts being accessed. Physical tokens such as RSA's SecurID create extra burdens for users and cannot be used on many accounts at once. This study aims to improve the usability and security of two-factor online authentication.

Design/methodology/approach

The authors propose a novel second authentication factor that, similar to passwords, is also based on something the user knows but operates similarly to a one-time code for security purposes. The authors design this component to provide a higher security guarantee with minimal memory burden, without requiring any additional communication channels or hardware. Motivated by psychology research, the authors leverage users' autobiographical memory in a novel way to create a secure and memorable component for two-factor authentication.

Findings

In a multi-session lab study, all of the participants were able to log in successfully on the first attempt after a one-week delay from registration and reported satisfaction with the usability of the scheme.

Originality/value

The results indicate that the proposed approach of leveraging autobiographical memory is a promising direction for further research on a second authentication factor based on something the user knows.


Workshop on Usable Security | 2015

Multiple-Password Interference in the GeoPass User Authentication Scheme

Mahdi Nasrullah Al-Ameen; Matthew K. Wright

Collaboration

Top co-authors of Mahdi Nasrullah Al-Ameen, with affiliations:

Matthew K. Wright (University of Texas at Arlington)
Shannon Scielzo (University of Texas at Arlington)
S. M. Taiabul Haque (University of Central Missouri)
Charles Gatz (University of Texas at Arlington)
Kanis Fatema (University of Texas at Arlington)
Apu Kapadia (Indiana University Bloomington)
Asheq Hamid (University of Texas at Arlington)
Md. Monjurul Hasan (University of Texas at Arlington)
Mehrab Shahriar (University of Texas at Arlington)
Roman Schlegel (Indiana University Bloomington)