发布求助
文献互助 智能选刊 最新文献

2017 International Carnahan Conference on Security Technology (ICCST)最新文献

筛选
英文 中文
Environmental effects on face recognition in smartphones 环境对智能手机人脸识别的影响
2017 International Carnahan Conference on Security Technology (ICCST) Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167825
Chiara Lunerti, R. Guest, Ramón Blanco-Gonzalo, R. Sánchez-Reillo, Jon Baker
{"title":"Environmental effects on face recognition in smartphones","authors":"Chiara Lunerti, R. Guest, Ramón Blanco-Gonzalo, R. Sánchez-Reillo, Jon Baker","doi":"10.1109/CCST.2017.8167825","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167825","url":null,"abstract":"Face recognition is convenient for user authentication on smartphones as it offers several advantages suitable for mobile environments. There is no need to remember a numeric code or password or carry tokens. Face verification allows the unlocking of the smartphone, pay bills or check emails through looking at the smartphone. However, devices mobility also introduces a lot of factors that may influence the biometric performance mainly regarding interaction and environment. Scenarios can vary significantly as there is no control of the surroundings. Noise can be caused by other people appearing on the background, by different illumination conditions, by different users' poses and through many other reasons. User-interaction with biometric systems is fundamental: bad experiences may derive to unwillingness to use the technology. But how does the environment influence the quality of facial images? And does it influence the user experience with face recognition? In order to answer these questions, our research investigates the user-biometric system interaction from a non-traditional point of view: we recreate real-life scenarios to test which factors influence the image quality in face recognition and, quantifiably, to what extent. Results indicate the variability in face recognition performance when varying environmental conditions using smartphones.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125984978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
One leak will sink a ship: WebRTC IP address leaks 一个泄漏会击沉一艘船:WebRTC IP地址泄漏
2017 International Carnahan Conference on Security Technology (ICCST) Pub Date : 2017-09-15 DOI: 10.1109/CCST.2017.8167801
Nasser Mohammed Al-Fannah
{"title":"One leak will sink a ship: WebRTC IP address leaks","authors":"Nasser Mohammed Al-Fannah","doi":"10.1109/CCST.2017.8167801","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167801","url":null,"abstract":"The introduction of the WebRTC API to modern browsers has brought about a new threat to user privacy. WebRTC is a set of communications protocols and APIs that provides browsers and mobile applications with Real-Time Communications (RTC) capabilities over peer-to-peer connections. The WebRTC API causes a range of client IP addresses to become available to a visited website via JavaScript, even if a VPN is in use. This is informally known as a WebRTC Leak, and is a potentially serious problem for users using VPN services for anonymity. The IP addresses that could leak include the client public IPv6 address and the private (or local) IP address. The disclosure of such IP addresses, despite the use of a VPN connection, could reveal the identity of the client as well as enable client tracking across websites. To better understand the magnitude of this issue, we performed experiments with the five most widely used WebRTC-enabled browsers, i.e. Chrome, Firefox, Opera, Edge and Safari. We tested each of them with five widely used commercial VPN services in order to discover which client IP addresses can be revealed. Our experiments employed a specially established website which downloaded a slightly modified version of publicly available JavaScript to the client under test. The script fetches IP addresses made available via the browser WebRTC functionality. In most cases, at least one of the client IP addresses is leaked. Edge was the most seriously affected by WebRTC leaks, whereas Safari leaked no addresses at all. Our experiments revealed that the number and type of leaked IP addresses are affected by the choice of browser as well as the VPN service and program settings. We conclude the paper by proposing countermeasures that can be used to help mitigate this problem.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"os-5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127759979","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 19
Process monitoring on sequences of system call count vectors 系统调用计数向量序列的过程监控
2017 International Carnahan Conference on Security Technology (ICCST) Pub Date : 2017-07-12 DOI: 10.1109/CCST.2017.8167792
M. Dymshits, Benjamin Myara, David Tolpin
{"title":"Process monitoring on sequences of system call count vectors","authors":"M. Dymshits, Benjamin Myara, David Tolpin","doi":"10.1109/CCST.2017.8167792","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167792","url":null,"abstract":"We introduce a methodology for efficient monitoring of processes running on hosts in a corporate network. The methodology is based on collecting streams of system calls produced by all or selected processes on the hosts, and sending them over the network to a monitoring server, where machine learning algorithms are used to identify changes in process behavior due to malicious activity, hardware failures, or software errors. The methodology uses a sequence of system call count vectors as the data format which can handle large and varying volumes of data. Unlike previous approaches, the methodology introduced in this paper is suitable for distributed collection and processing of data in large corporate networks. We evaluate the methodology both in a laboratory setting on a real-life setup and provide statistics characterizing performance and accuracy of the methodology.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"62 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122233854","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 15
AutoPass: An automatic password generator 自动通证:自动密码生成器
2017 International Carnahan Conference on Security Technology (ICCST) Pub Date : 2017-03-06 DOI: 10.1109/CCST.2017.8167791
Fatma Al Maqbali, C. Mitchell
{"title":"AutoPass: An automatic password generator","authors":"Fatma Al Maqbali, C. Mitchell","doi":"10.1109/CCST.2017.8167791","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167791","url":null,"abstract":"Text password is a very common user authentication technique. Users face a major problem, namely that of managing many site-unique and strong (i.e. non-guessable) passwords. One way of addressing this is by using a password generator, i.e. a client-side scheme which generates (and regenerates) site-specific strong passwords on demand, with minimal user input. This paper gives a detailed specification and analysis of AutoPass, a novel password generator scheme. AutoPass has been designed to address issues identified in previously proposed password generators, and incorporates novel techniques to address these issues. Unlike almost all previously proposed schemes, AutoPass enables the generation of passwords that meet important real-world requirements, including forced password changes, use of pre-specified passwords, and passwords meeting site-specific requirements.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"206 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-03-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132240322","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信