Chameleon: A Novel System for Defending Eavesdropping of Secret Information Saiyma Sarmin Department of Computer.

Presentation transcript:

Chameleon: A Novel System for Defending Eavesdropping of Secret Information
Saiyma Sarmin
Department of Computer Science and Engineering (CSE), BUET

Background

Eavesdropping of secret information is usually prevented with cryptography-based mechanisms. However, information can be eavesdropped even before it is encrypted. Examples include the following:
- Surreptitiously capturing four-digit PIN codes typed on an iPad
  o Using a high-definition camera from almost meters away [1]
  o Using wearable devices from almost 10 feet away [1]
- Analyzing the sound produced by keyboards [2]
- Observing the light reflected by the walls of a room [3]
- Monitoring somebody typing on a keyboard [4]

1. Google Glass Snoopers Can Steal Your Passcode With a Glance, March, Available: glance/
2. B. Hoanca and K. Mock. Password Entry Scheme Resistant to Eavesdropping, Security and Management, Las Vegas, Nevada, 2008, pp
3. L. Sobrado, J. C. Birget, "Graphical passwords", The Rutgers Scholar, An Electronic Bulletin for Undergraduate Research, vol. 4 (2002).
4. N. Hopper and M. Blum. A Secure Human-Computer Authentication Scheme. Technical Report CMU-CS , Carnegie Mellon University,

Motivation

A possible solution to prevent eavesdropping is to secure the information entry system.
- Recent research studies [5, 6, 7, 8] focus on securing the information entry system by using a modified keyboard, complex pupil gestures, intricate mathematical/geometrical input, etc.
- Limitations of these studies: resource-hungry, complex, and difficult to use.

We propose to exploit the notion of a string mapping mechanism to secure the information entry system.
- Advantages of our proposed mechanism: lightweight, simple, and easy to use.

Methodology

Known string (picked by the user at random) -> Chameleon app (maps input string to the original password) -> Original password

Significance of Random Mapping

- Because the user chooses the input string himself, the mapping is completely random.
- Such random mapping avoids the memorization needed in other cases, such as hashing.
- The use of a random input string chosen by the user allows a single device to be used by multiple users.
- The random input string in Chameleon makes it difficult for a malicious user to access the secret information even if the device is stolen.

Real Implementation

Figure: User enters pre-mapped random input string
Figure: Chameleon maps random input string to the original password and feeds it to the target application

Conclusion and Future Work

In this study, we presented a novel, simple, and easy-to-use system to protect a user's confidential information from eavesdropping over the physical environment, as the phenomenon of eavesdropping has become of utmost significance in recent times.

In future, we plan to develop a one-time user authentication mechanism that uses usage data to protect the application.
- Such authentication will ensure almost no retrieval of the secret information from the system even if the device is stolen.

References

1. Google Glass Snoopers Can Steal Your Passcode With a Glance, March, Available:
2. D. Asonov and R. Agrawal, Keyboard Acoustic Emanations. In Proceedings of the IEEE Symposium on Security and Privacy, pp. 3-11,
3. M. Kuhn, Time-Domain Eavesdropping Risks of CRT Displays. In Proceedings of the IEEE Symposium on Security and Privacy, pp. 3-18,
4. D. Balzarotti, M. Cova, G. Vigna, ClearShot: Eavesdropping on Keyboard Input from Video, In Proceedings of the IEEE Symposium on Security and Privacy, pp ,
5. B. Hoanca and K. Mock. Password Entry Scheme Resistant to Eavesdropping, Security and Management, Las Vegas, Nevada, pp ,
6. D. Tan, P. Keyani and M. Czerwinski, Spy-resistant keyboard: more secure password entry on public touch screen displays, Proceeding OZCHI '05 Proceedings of the 17th Australia conference on Computer-Human Interaction: Citizens Online: Considerations for Today and the Future, pp ,
7. M. Kumar, T. Garfinkel, D. Boneh and T. Winograd. Reducing shoulder-surfing by using gaze-based password entry, Proceeding SOUPS '07 Proceedings of the 3rd symposium on Usable privacy and security, pp ,
8. Y. Wu, Z. Zhao, Enhancing the Security of On-line Transactions with CAPTCHA Keyboard, Information Security and Privacy Research, IFIP Advances in Information and Communication Technology Volume 376, pp ,

Figure: Capturing PINs with camcorder from 44 meters away [1]
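
The string-mapping step under Methodology, sketched as an added example (not the Chameleon authors' code). The record layout, the PBKDF2 work factor, and the XOR-plus-HMAC sealing (used here in place of an AEAD cipher to stay within the standard library) are assumptions; the page does not say how Chameleon stores its mapping.

```python
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 100_000  # PBKDF2 work factor (assumed value, not from the poster)


def _derive(alias: str, salt: bytes, n: int):
    """Derive a 32-byte MAC key and an n-byte keystream from the typed alias."""
    out = hashlib.pbkdf2_hmac("sha256", alias.encode(), salt,
                              ITERATIONS, dklen=32 + n)
    return out[:32], out[32:]


def enroll(alias: str, password: str) -> dict:
    """Build the record kept on the device; the alias itself is never stored."""
    pw = password.encode()
    salt = os.urandom(16)  # fresh per record, so a keystream is never reused
    mac_key, stream = _derive(alias, salt, len(pw))
    ct = bytes(a ^ b for a, b in zip(pw, stream))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return {"salt": salt, "ct": ct, "tag": tag}


def resolve(alias: str, records: list) -> Optional[str]:
    """Map a typed alias to the original password, or None if nothing matches."""
    for rec in records:
        mac_key, stream = _derive(alias, rec["salt"], len(rec["ct"]))
        expected = hmac.new(mac_key, rec["salt"] + rec["ct"],
                            hashlib.sha256).digest()
        # Constant-time tag check tells us whether this record belongs to the alias.
        if hmac.compare_digest(expected, rec["tag"]):
            return bytes(a ^ b for a, b in zip(rec["ct"], stream)).decode()
    return None


def demo() -> list:
    """Constructed sample values: two users sharing one device."""
    return [enroll("blue-kettle-42", "S3cret!PIN-7391"),
            enroll("quiet-harbor", "0482")]


if __name__ == "__main__":
    records = demo()
    print(resolve("blue-kettle-42", records))  # what is fed to the target app
    print(resolve("not-an-alias", records))
```

Because the alias is never stored, a record copied from a stolen device yields the password only to someone who can guess the alias, so its resistance rests on how unpredictable that string is.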