Visualizing Keyboard Pattern Passwords

2010 ◽  
Vol 10 (2) ◽  
pp. 127-133 ◽  
Author(s):  
Dino Schweitzer ◽  
Jeff Boleng ◽  
Colin Hughes ◽  
Louis Murphy

Passwords are fundamental security vulnerabilities in many systems. Several researchers have investigated the trade-off between password memorability versus resiliency to cracking and have looked at alternative systems such as graphical passwords and biometrics. To create stronger passwords, many systems enforce rules regarding the required length and types of characters passwords must contain. Another suggested approach is to use passphrases to combat dictionary attacks. One common ‘trick’ used to remember passwords that conform to complex rules is to select a pattern of keys on the keyboard. Although appearing random, the pattern is easy to remember. The purpose of this research was to investigate how often patterns are used, whether patterns could be classified into common categories, and whether those categories could be used to attack and defeat pattern-based passwords. Visualization techniques were used to collect data and assist in pattern categorization. The approach successfully identified 2 out of 11 passwords in a real-world password file that were not discovered with a traditional dictionary attack. This article will present the approach used to collect and categorize patterns, and describe the resulting attack method that successfully identified passwords in a live system.

2014 ◽  
Vol 2014 ◽  
pp. 1-7 ◽  
Author(s):  
Junghyun Nam ◽  
Kim-Kwang Raymond Choo ◽  
Minkyu Park ◽  
Juryon Paik ◽  
Dongho Won

Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients’ passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.


2019 ◽  
Vol 9 (5) ◽  
pp. 4808-4812
Author(s):  
S. Hamid ◽  
N. Z. Bawany ◽  
S. Khan

Text-based passwords are widely used for the authentication of digital assets. Typically, password security and usability is a trade-off, i.e. easy-to-remember passwords have higher usability that makes them vulnerable to brute-force and dictionary attacks. Complex passwords have stronger security but poor usability. In order to strengthen the security in conjunction with the improved usability, we hereby propose a novel graphical authentication system. This system is a picture-based password scheme which comprises of the method of image splicing. Authentication data were collected from 33 different users. The usability of the method was evaluated via a comparison between the number of correct and incorrect authentication attempts and time taken. Additionally, a comparison was made between our proposed method and a complex text-based password authentication method using the authentication success rate. Authentication using image splicing proved to be resilient to brute-force attacks since the processing of images consumes a voluminous password space. The evaluation of the usability revealed that graphical passwords were easy-to-remember, resulting in a higher number of correct attempts. The proposed method produced 50% higher success rate compared to the text-based method. Findings motivate the use of the proposed method for securing digital assets.


Author(s):  
Julian Berk ◽  
Sunil Gupta ◽  
Santu Rana ◽  
Svetha Venkatesh

In order to improve the performance of Bayesian optimisation, we develop a modified Gaussian process upper confidence bound (GP-UCB) acquisition function. This is done by sampling the exploration-exploitation trade-off parameter from a distribution. We prove that this allows the expected trade-off parameter to be altered to better suit the problem without compromising a bound on the function's Bayesian regret. We also provide results showing that our method achieves better performance than GP-UCB in a range of real-world and synthetic problems.


2010 ◽  
Vol 3 (2) ◽  
pp. 1-8
Author(s):  
David Antoni ◽  
Freddy Leal

Regulations are often imposed in order to correct any failures in the market, whether the failure is a result of the functioning of a market or the behaviour of a government. However, every regulatory intervention br ings up a question: How ethical is the regulation? Even if a regulatory intervention could achieve more effici ency or more equity, it may not mean that it is ethi cal. The concept of ethics is ne cessarily subjective, it is based on the morals and standards of a society. Yet even though a society may be concerned about ethics, the issues of equity and altrui sm matter as does the way in which firms produce and seek to rationally an d efficiently maximize profit. Defining ethics is a difficul t issue, and defining ethical regu lation is even more difficult. Any form of regulation is a tool for interv ention used to balanc e the trade-off between efficiency and equity to create harmony between a market or economy and the society it functions within. In an ideal world, any go vernment intervention implemented would be for the greater benefit of all. However, this does not always happen in the vicissitudes of the real world when governments regulate an d intervene in markets, which are, in turn, based on the principle of rational self-interest and efficiency. In this paper we discuss the role of society in market regu lation. The discussion will focus on the importance of society on ethics and therefore on what constitutes ethical regulations. In fact we argue that equity, effi ciency or even failures are not the main factors to consider when regulating. It is society that defines ethics and how society understands ethics influences the regulatory environment


Author(s):  
Artur Gorokh ◽  
Siddhartha Banerjee ◽  
Krishnamurthy Iyer

Nonmonetary mechanisms for repeated allocation and decision making are gaining widespread use in many real-world settings. Our aim in this work is to study the performance and incentive properties of simple mechanisms based on artificial currencies in such settings. To this end, we make the following contributions: For a general allocation setting, we provide two black-box approaches to convert any one-shot monetary mechanism to a dynamic nonmonetary mechanism using an artificial currency that simultaneously guarantees vanishing gains from nontruthful reporting over time and vanishing losses in performance. The two mechanisms trade off between their applicability and their computational and informational requirements. Furthermore, for settings with two agents, we show that a particular artificial currency mechanism also results in a vanishing price of anarchy.


2011 ◽  
Vol 2 (3) ◽  
pp. 49-60
Author(s):  
Toyohide Watanabe ◽  
Kentaro Uesugi

The demand bus is a new transportation means, which is timely planned and runs order by order in accordance with independent requests of individual customers. Demand buses are alternative transportation vehicles, replacing traditional routing-oriented buses. In this paper, the authors address the characteristic issues, attend to the practical operations, and estimate and evaluate the trade-off strategies between usage convenience and cost management. The main idea, which is established from the features among parameters interpretatively, is to make use of visualization techniques and apply a self-organizing map (SOM) to this visualization. The authors display the co-related classification results computed individually from several selected parameters to keep their meaningful correspondence.


2020 ◽  
Author(s):  
Alon Eden ◽  
Michal Feldman ◽  
Ophir Friedler ◽  
Inbal Talgam-Cohen ◽  
S. Matthew Weinberg

Recent literature on approximately optimal revenue maximization has shown that in settings where agent valuations for items are complement free, the better of selling the items separately and bundling them together guarantees a constant fraction of the optimal revenue. However, most real-world settings involve some degree of complementarity among items. The role that complementarity plays in the trade-off of simplicity versus optimality has been an obvious missing piece of the puzzle. In “A Simple and Approximately Optimal Mechanism for a Buyer with Complements,” the authors show that the same simple selling mechanism—the better of selling separately and as a grand bundle—guarantees a $\Theta(d)$ fraction of the optimal revenue, where $d$ is a measure of the degree of complementarity. One key modeling contribution is a tractable notion of “degree of complementarity” that admits meaningful results and insights—they demonstrate that previous definitions fall short in this regard.


2020 ◽  
Vol 110 (4) ◽  
pp. 1206-1230 ◽  
Author(s):  
Abhijit V. Banerjee ◽  
Sylvain Chassang ◽  
Sergio Montero ◽  
Erik Snowberg

This paper studies the problem of experiment design by an ambiguity-averse decision-maker who trades off subjective expected performance against robust performance guarantees. This framework accounts for real-world experimenters’ preference for randomization. It also clarifies the circumstances in which randomization is optimal: when the available sample size is large and robustness is an important concern. We apply our model to shed light on the practice of rerandomization, used to improve balance across treatment and control groups. We show that rerandomization creates a trade-off between subjective performance and robust performance guarantees. However, robust performance guarantees diminish very slowly with the number of rerandomizations. This suggests that moderate levels of rerandomization usefully expand the set of acceptable compromises between subjective performance and robustness. Targeting a fixed quantile of balance is safer than targeting an absolute balance objective. (JEL C90, D81)


2005 ◽  
Vol 4 (4) ◽  
pp. 239-256 ◽  
Author(s):  
Ji Soo Yi ◽  
Rachel Melton ◽  
John Stasko ◽  
Julie A. Jacko

The use of multivariate information visualization techniques is intrinsically difficult because the multidimensional nature of data cannot be effectively presented and understood on real-world displays, which have limited dimensionalities. However, the necessity to use these techniques in daily life is increasing as the amount and complexity of data grows explosively in the information age. Thus, multivariate information visualization techniques that are easier to understand and more accessible are needed for the general population. In order to meet this need, the present paper proposes Dust & Magnet, a multivariate information visualization technique using a magnet metaphor and various interactive techniques. The intuitive magnet metaphor and subsequent interactions facilitate the ease of learning this multivariate information visualization technique. A visualization tool such as Dust & Magnet has the potential to increase the acceptance of and utility for multivariate information by a broader population of users who are not necessarily knowledgeable about multivariate information visualization techniques.


2011 ◽  
Vol 2 (2) ◽  
pp. 1
Author(s):  
Roy A Ruddle ◽  
David J Duke

Research by the Visualization & Virtual Reality Research Group (School of Computing, University of Leeds, UK) includes themes that focus on navigation, collaborative interaction, and gigapixel displays. The group also carries out research into visualization techniques and systems, including new systems technologies for visualization, and tools for investigating features within large datasets. This article summarizes that research and describes current projects that are taking place: Virtual trails to aid real-world navigation, Mobile geophysics, Communication breakdown in collaborative VR, Cancer diagnosis with a VR Microscope, Visual analytic interfaces for optimization, and Overlays for graph exploration.


Sign in / Sign up

Export Citation Format

Share Document