Advances in IoT security: Vulnerabilities, enabled criminal services, attacks, and countermeasures
Although the Internet of Things (IoT) incorporates millions of heterogeneous devices to
provide advanced intelligent services and has greatly impacted our lives over time, it has a …
provide advanced intelligent services and has greatly impacted our lives over time, it has a …
Phish in sheep's clothing: Exploring the authentication pitfalls of browser fingerprinting
As users navigate the web they face a multitude of threats; among them, attacks that result in
account compromise can be particularly devastating. In a world fraught with data breaches …
account compromise can be particularly devastating. In a world fraught with data breaches …
Pump up password security! Evaluating and enhancing risk-based authentication on a real-world large-scale online service
S Wiefling, PR Jørgensen, S Thunem… - ACM Transactions on …, 2022 - dl.acm.org
Risk-based authentication (RBA) aims to protect users against attacks involving stolen
passwords. RBA monitors features during login, and requests re-authentication when …
passwords. RBA monitors features during login, and requests re-authentication when …
A Study of {Multi-Factor} and {Risk-Based} Authentication Availability
Password-based authentication (PBA) remains the most popular form of user authentication
on the web despite its long-understood insecurity. Given the deficiencies of PBA, many …
on the web despite its long-understood insecurity. Given the deficiencies of PBA, many …
Information Security Threats and Working from Home Culture: Taxonomy, Risk Assessment and Solutions
During the COVID-19 pandemic, most organizations were forced to implement a work-from-
home policy, and in many cases, employees have not been expected to return to the office …
home policy, and in many cases, employees have not been expected to return to the office …
Measuring cybercrime as a service (caas) offerings in a cybercrime forum
U Akyazi, MJG van Eeten… - Workshop on the …, 2021 - research.tudelft.nl
The emergence of Cybercrime-as-a-Service (CaaS) is a critical evolution in the cybercrime
landscape. A key area of research on CaaS is where and how the supply of CaaS is being …
landscape. A key area of research on CaaS is where and how the supply of CaaS is being …
[PDF][PDF] Him of Many Faces: Characterizing Billion-scale Adversarial and Benign Browser Fingerprints on Commercial Websites.
Browser fingerprints, while traditionally being used for web tracking, have recently been
adopted more and more often for defense or detection of various attacks targeting realworld …
adopted more and more often for defense or detection of various attacks targeting realworld …
What's in score for website users: A data-driven long-term study on risk-based authentication characteristics
Risk-based authentication (RBA) aims to strengthen password-based authentication rather
than replacing it. RBA does this by monitoring and recording additional features during the …
than replacing it. RBA does this by monitoring and recording additional features during the …
Is real-time phishing eliminated with {FIDO}? social engineering downgrade attacks against {FIDO} protocols
FIDO's U2F is a web-authentication mechanism designed to mitigate real-time phishing—an
attack that undermines multi-factor authentication by allowing an attacker to relay second …
attack that undermines multi-factor authentication by allowing an attacker to relay second …
[HTML][HTML] Enforcing security policies on interacting authentication systems
Security policies of authentication systems are a crucial factor in mitigating the risk of
impersonation, which is often the first stage of advanced persistent threats. Online …
impersonation, which is often the first stage of advanced persistent threats. Online …