Photographic Authentication through Untrusted terminals摄影认证通过不可信的终端.pptVIP

DISCUSSION (CONT.) --COINCIDENT ATTACKS Definition: Coincident attack is one in which an unscrupulous agent or proxy running on the untrusted terminal has access to a user’s data in parallel to the user actively operating the system. Property: the window for a coincident attack begins after a successful authentication and ends when the user either explicitly logs out of the system or times out. DISCUSSION (CONT.) --COMPROMISED ATTACKS Definition: A compromised attack is one in which the system’s integrity has already been compromised. E.g., the attacker has cracked the password or identified the picture set; How to fix the system: Select a new password in the case of text passwords; It is more difficult to a compromised PA system because a user cannot forget pictures they have seen and suddenly recognize new ones; one way is to use a series of image subsets for the authentication process. When one subset becomes compromised, the user simply rotates to the next set. DISCUSSION (CONT.)  --POLLING ATTACKS Definition: A polling attack is one in which the authentication server is repeatedly accessed to gather information about the authentication account. Property: In the case of text password, a polling attack is similar to random or dictionary attacks, where trial passwords are thrown at the authentication mechanism to guess the correct password; While for PA, this kind of attack could be used to glean the entire set of images used for authentication. FUTURE WORK PA is a novel technique for dealing with public infrastructure, an emerging concern as mobile and fixed-infrastructure systems continue to evolve and merge: Explore alternate image presentation and techniques for generating challenge image sets; Improve the effectiveness of the challenge set by preprocessing images to remove obvious similarities between pictures; Explore using trial time to filter attacks. THANK YOU!!! * PHOTOGRAPHIC AUTHENTIC