If you forget your password when logging into an e-mail or online shopping Web site, the site will likely ask you a security question: What is your mother’s maiden name? Where were you born?
The trouble is that such questions are not very secure. More people than you may think will know your answers. And if they don’t, it might not be hard to search for it online or even make a lucky guess.
But Rutgers computer scientists are testing a new tactic that could be both easier and more secure.
“We call them activity-based personal questions,” said Danfeng Yao, assistant professor of computer science in the Rutgers School of Arts and Sciences. “Sites could ask you, ‘When was the last time you sent an e-mail?’ Or, ‘What did you do yesterday at noon?’”
Yao and her students have been testing how resistant these activity questions are to “attack,” – computer security lingo for when an intruder answers them correctly and gains access to personal information such as e-mails or to do online shopping or banking.
Early studies suggest that questions about recent activities are easy for legitimate users to answer but harder for potential intruders to find or guess, Yao said.
“We want the question to be dynamic,” she said. “The questions you get today will be different from the ones you would get tomorrow.”
Rutgers doctoral student Huijun Xiong and visiting undergraduate student Anitra Babic are presenting the group’s preliminary results in a workshop at this week’s Association for Computing Machinery Conference on Computer and Communications Security. Babic is a senior at Chestnut Hill College in Philadelphia and participated in a summer research program at Rutgers.
Yao said she gave four students in her lab a list of questions related to network activities, physical activities and opinion questions, and then told them to “attack” each other.
"We found that questions related to time are more robust than others. Many guessed the answer to the question, ‘Who was the last person you sent e-mail to?’ But fewer were able to guess, ‘What time did you send your last e-mail?’”
Yao explains that it should not be difficult for an online service provider to formulate these kinds of security questions by looking at its users’ e-mail, calendar activities or previous transactions. Computers would have use natural language processing tools to synthesize understandable questions and analyze the answers for accuracy.
Yao is proposing further studies to determine the practicality of the new approach and the best way to implement it.
Yao’s work is funded in part by grants from the National Science Foundation.
Carl Blesch | EurekAlert!
NASA CubeSat to test miniaturized weather satellite technology
10.11.2017 | NASA/Goddard Space Flight Center
New approach uses light instead of robots to assemble electronic components
08.11.2017 | The Optical Society
The WHO reports an estimated 429,000 malaria deaths each year. The disease mostly affects tropical and subtropical regions and in particular the African continent. The Fraunhofer Institute for Silicate Research ISC teamed up with the Fraunhofer Institute for Molecular Biology and Applied Ecology IME and the Institute of Tropical Medicine at the University of Tübingen for a new test method to detect malaria parasites in blood. The idea of the research project “NanoFRET” is to develop a highly sensitive and reliable rapid diagnostic test so that patient treatment can begin as early as possible.
Malaria is caused by parasites transmitted by mosquito bite. The most dangerous form of malaria is malaria tropica. Left untreated, it is fatal in most cases....
The formation of stars in distant galaxies is still largely unexplored. For the first time, astron-omers at the University of Geneva have now been able to closely observe a star system six billion light-years away. In doing so, they are confirming earlier simulations made by the University of Zurich. One special effect is made possible by the multiple reflections of images that run through the cosmos like a snake.
Today, astronomers have a pretty accurate idea of how stars were formed in the recent cosmic past. But do these laws also apply to older galaxies? For around a...
Just because someone is smart and well-motivated doesn't mean he or she can learn the visual skills needed to excel at tasks like matching fingerprints, interpreting medical X-rays, keeping track of aircraft on radar displays or forensic face matching.
That is the implication of a new study which shows for the first time that there is a broad range of differences in people's visual ability and that these...
Computer Tomography (CT) is a standard procedure in hospitals, but so far, the technology has not been suitable for imaging extremely small objects. In PNAS, a team from the Technical University of Munich (TUM) describes a Nano-CT device that creates three-dimensional x-ray images at resolutions up to 100 nanometers. The first test application: Together with colleagues from the University of Kassel and Helmholtz-Zentrum Geesthacht the researchers analyzed the locomotory system of a velvet worm.
During a CT analysis, the object under investigation is x-rayed and a detector measures the respective amount of radiation absorbed from various angles....
The quantum world is fragile; error correction codes are needed to protect the information stored in a quantum object from the deteriorating effects of noise. Quantum physicists in Innsbruck have developed a protocol to pass quantum information between differently encoded building blocks of a future quantum computer, such as processors and memories. Scientists may use this protocol in the future to build a data bus for quantum computers. The researchers have published their work in the journal Nature Communications.
Future quantum computers will be able to solve problems where conventional computers fail today. We are still far away from any large-scale implementation,...
15.11.2017 | Event News
15.11.2017 | Event News
30.10.2017 | Event News
21.11.2017 | Physics and Astronomy
21.11.2017 | Physics and Astronomy
21.11.2017 | Life Sciences