|
21.
|
Forecasting Suspicious Account Activity at Large-Scale Online Service Providers
/ Hassan Halawa ; Konstantin Beznosov ; Baris Coskun ; Meizhu Liu ; et al
[LERSSE-RefConfPaper-2018-003]
In the face of large-scale automated social engineering attacks to large online services, fast detection and remediation of compromised accounts are crucial to limit the spread of the attack and to mitigate the overall damage to users, companies, and the public at large. [...]
Published in In the proceedings of Twenty-Third International Conference on Financial Cryptography and Data Security (FC'19), St. Kitts, 2019:
Fulltext: Final-verson -  PDF; FC19-1-CameraReady-a - PDF PDF (PDFA);
|
|
22.
|
Source Attribution of Cryptographic API Misuse in Android Applications
/ Ildar Muslukhov ; Yazan Boshmaf ; Konstantin Beznosov
[LERSSE-RefConfPaper-2018-002]
Recent research suggests that 88% of Android applications that use Java cryptographic APIs make at least one mistake, which results in an insecure implementation. [...]
Published in Ildar Muslukhov, Yazan Boshmaf, Konstantin Beznosov. Source Attribution of Cryptographic API Misuse in Android Applications. Proceedings of the 13th ACM ASIA Conference on Information, Computer and Communications Security (ACM ASIACCS '18), 2018.:
Fulltext: PDF PDF (PDFA);
|
|
23.
|
Forecasting Suspicious Account Activity at Large-Scale Online Service Providers
/ Hassan Halawa ; Matei Ripeanu ; Konstantin Beznosov ; Baris Coskun ; et al
[LERSSE-REPORT-2018-001]
In the face of large-scale automated social engineering attacks to large online services, fast detection and remediation of compromised accounts are crucial to limit the spread of new attacks and to mitigate the overall damage to users, companies, and the public at large. [...]
Published in H. Halawa, M. Ripeanu, K. Beznosov, B. Coskun, and M. Liu "Forecasting Suspicious Account Activity at Large-Scale Online Service Providers", published in arXiv https://arxiv.org/abs/1801.08629v1:
Fulltext: PDF PDF (PDFA);
|
|
24.
|
Dynamically Regulating Mobile Application Permissions
/ Primal Wijesekera ; Arjun Baokar ; Lynn Tsai ; Joel Reardon ; et al
[LERSSE-etc-2018-001]
Current smartphone operating systems employ permission systems to regulate how apps access sensitive resources. [...]
Published in P. Wijesekera et al., "Dynamically Regulating Mobile Application Permissions," in IEEE Security & Privacy, vol. 16, no. 1, pp. 64-71, January/February 2018. doi: 10.1109/MSP.2018.1331031 keywords: {Computer security;Medical devices;Mobile communication;Privacy;Smart phones;IEEE Symposium on Security and Privacy;machine learning;mobile privacy;permission systems;security}, URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8283440&isnumber=8283426:
Fulltext: PDF PDF (PDFA);
|
|
25.
|
Contextualizing Privacy Decisions for Better Prediction (and Protection)
/ Primal Wijesekera ; Joel Reardon ; Irwin Reyes ; Lynn Tsai ; et al
[LERSSE-RefConfPaper-2018-001]
Modern mobile operating systems implement an ask-on-first-use policy to regulate applications’ access to private user data: the user is prompted to allow or deny access to a sensitive resource the first time an app attempts to use it. [...]
Published in Primal Wijesekera, Joel Reardon, Irwin Reyes, Lynn Tsai, Jung-Wei Chen, Nathan Good, David Wagner, Konstantin Beznosov, and Serge Egelman. Contextualizing Privacy Decisions for Better Prediction (and Protection). Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI ’18), 2018.:
Fulltext: PDF PDF (PDFA);
|
|
26.
|
Android users in the wild: Their authentication and usage behavior
/ Ahmed Mahfouz ; Ildar Muslukhov ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2017-002]
In this paper, we performed a longitudinal field study with 41 participants, who installed our monitoring framework on their Android smartphones and ran it for at least 20 days. [...]
Published in A. Mahfouz, I. Muslukhov, K. Beznosov, “Android users in the wild: Their authentication and usage behavior,” Pervasive and Mobile Computing, v. 32, 2016, 50-61.:
Fulltext: PDF PDF (PDFA);
|
|
27.
|
Decoupling data-at-rest encryption and smartphone locking with wearable devices
/ Ildar Muslukhov ; San-Tsai Sun ; Primal Wijesekera ; Yazan Boshmaf ; et al
[LERSSE-RefJnlPaper-2017-001]
Smartphones store sensitive and confidential data, e.g., business related documents or emails. [...]
Published in I. Muslukhov, S.-T. Sun, P. Wijesekera, Y. Boshmaf, K. Beznosov, “Decoupling data-at-rest encryption and smartphone locking with wearable devices,” Pervasive and Mobile Computing, v. 32, 2016, 26-34.:
Fulltext: PDF PDF (PDFA);
|
|
28.
|
The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences
/ Primal Wijesekera ; Arjun Baokar ; Lynn Tsai ; Joel Reardon ; et al
[LERSSE-RefConfPaper-2017-004]
Current smartphone operating systems regulate application permissions by prompting users on an ask-on-first-use basis. [...]
Published in P. Wijesekera, A. Baokar, L.Tsai, J. Reardon, S. Egelman, D. Wagner, K. Beznosov, “The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences,” in IEEE Symposium on Security and Privacy (IEEE S&P), San-Jose, CA, May 2017, 17 pages.:
Fulltext: PDF PDF (PDFA);
|
|
29.
|
Characterizing Social Insider Attacks on Facebook
/ Wali Ahmed Usmani ; Diogo Marques ; Ivan Beschastnikh ; Konstantin Beznosov ; et al
[LERSSE-RefConfPaper-2017-003]
Facebook accounts are secured against unauthorized access through passwords and device-level security. [...]
Published in W. A. Usmani, D. Marques, I. Beschastnikh, K. Beznosov, T. Guerreiro, L. Carrico, “Characterizing Social Insider Attacks on Facebook,” to appear in Proc. of the ACM Conference on Human Factors in Computing Systems (CHI), 2017, 11 pages.:
Fulltext: PDF PDF (PDFA);
|
|
30.
|
I’m too Busy to Reset my LinkedIn Password: On the Effectiveness of Password Reset Emails
/ Jun Ho Huh ; Hyoungshick Kim ; Swathi S.V.P. Rayala ; Rakesh B. Bobba ; et al
[LERSSE-RefConfPaper-2017-002]
A common security practice used to deal with a password breach is locking user accounts and sending out an email to tell users that they need to reset their password to unlock their account. [...]
Published in J. H. Huh, H. Kim, S. S. V. Rayala, R. B. Bobba, K. Beznosov, “I’m too busy to reset my LinkedIn password: On the effectiveness of password reset emails,” to appear in Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI), 2017, 5 pages.:
Fulltext: PDF PDF (PDFA);
|
guest ::
