If you forget your password when logging into an e-mail or online shopping Web site, the site will likely ask you a security question: What is your mother’s maiden name? Where were you born?
The trouble is that such questions are not very secure. More people than you may think will know your answers. And if they don’t, it might not be hard to search for it online or even make a lucky guess.
But Rutgers computer scientists are testing a new tactic that could be both easier and more secure.
“We call them activity-based personal questions,” said Danfeng Yao, assistant professor of computer science in the Rutgers School of Arts and Sciences. “Sites could ask you, ‘When was the last time you sent an e-mail?’ Or, ‘What did you do yesterday at noon?’”
Yao and her students have been testing how resistant these activity questions are to “attack,” – computer security lingo for when an intruder answers them correctly and gains access to personal information such as e-mails or to do online shopping or banking.
Early studies suggest that questions about recent activities are easy for legitimate users to answer but harder for potential intruders to find or guess, Yao said.
“We want the question to be dynamic,” she said. “The questions you get today will be different from the ones you would get tomorrow.”
Rutgers doctoral student Huijun Xiong and visiting undergraduate student Anitra Babic are presenting the group’s preliminary results in a workshop at this week’s Association for Computing Machinery Conference on Computer and Communications Security. Babic is a senior at Chestnut Hill College in Philadelphia and participated in a summer research program at Rutgers.
Yao said she gave four students in her lab a list of questions related to network activities, physical activities and opinion questions, and then told them to “attack” each other.
"We found that questions related to time are more robust than others. Many guessed the answer to the question, ‘Who was the last person you sent e-mail to?’ But fewer were able to guess, ‘What time did you send your last e-mail?’”
Yao explains that it should not be difficult for an online service provider to formulate these kinds of security questions by looking at its users’ e-mail, calendar activities or previous transactions. Computers would have use natural language processing tools to synthesize understandable questions and analyze the answers for accuracy.
Yao is proposing further studies to determine the practicality of the new approach and the best way to implement it.
Yao’s work is funded in part by grants from the National Science Foundation.
Carl Blesch | EurekAlert!
Japanese researchers develop ultrathin, highly elastic skin display
19.02.2018 | University of Tokyo
Why bees soared and slime flopped as inspirations for systems engineering
19.02.2018 | Georgia Institute of Technology
For the first time, a team of researchers at the Max-Planck Institute (MPI) for Polymer Research in Mainz, Germany, has succeeded in making an integrated circuit (IC) from just a monolayer of a semiconducting polymer via a bottom-up, self-assembly approach.
In the self-assembly process, the semiconducting polymer arranges itself into an ordered monolayer in a transistor. The transistors are binary switches used...
Breakthrough provides a new concept of the design of molecular motors, sensors and electricity generators at nanoscale
Researchers from the Institute of Organic Chemistry and Biochemistry of the CAS (IOCB Prague), Institute of Physics of the CAS (IP CAS) and Palacký University...
For photographers and scientists, lenses are lifesavers. They reflect and refract light, making possible the imaging systems that drive discovery through the microscope and preserve history through cameras.
But today's glass-based lenses are bulky and resist miniaturization. Next-generation technologies, such as ultrathin cameras or tiny microscopes, require...
Scientists from the University of Zurich have succeeded for the first time in tracking individual stem cells and their neuronal progeny over months within the intact adult brain. This study sheds light on how new neurons are produced throughout life.
The generation of new nerve cells was once thought to taper off at the end of embryonic development. However, recent research has shown that the adult brain...
Theoretical physicists propose to use negative interference to control heat flow in quantum devices. Study published in Physical Review Letters
Quantum computer parts are sensitive and need to be cooled to very low temperatures. Their tiny size makes them particularly susceptible to a temperature...
15.02.2018 | Event News
13.02.2018 | Event News
12.02.2018 | Event News
20.02.2018 | Life Sciences
20.02.2018 | Medical Engineering
20.02.2018 | Physics and Astronomy