Enhancing Authentication: Towards Password Memorability Meters, and Leveraging Implicit Learning for System-Assigned Passwords

增强身份验证:走向密码记忆仪,并利用系统分配密码的隐式学习

基本信息

  • 批准号:
    RGPIN-2018-05919
  • 负责人:
  • 金额:
    $ 2.04万
  • 依托单位:
  • 依托单位国家:
    加拿大
  • 项目类别:
    Discovery Grants Program - Individual
  • 财政年份:
    2019
  • 资助国家:
    加拿大
  • 起止时间:
    2019-01-01 至 2020-12-31
  • 项目状态:
    已结题

项目摘要

Text passwords remain as one of the most widespread authentication mechanisms in computer systems. The strength of a password is thus of paramount importance to security. As such, a number of password strengthening techniques have been proposed in the literature and deployed in the real world. Nevertheless, there exists a trade-off between password strength and memorability, and while password strength meters are common, according to the related literature and to the best of my knowledge, no reliable memorability meter has been published or deployed. The proposed research program will endeavour to analyze memorability of system-assigned passwords at the time of creation, by studying the brain waves generated while seeing a password for the first time. This work will lead to a password meter that can help users to choose a system-assigned password that has higher probability of being remembered, by predicting its recall chances at the time of assigning the password to a user.******So far, together with my team of students, I have been able to establish that passwords can be classified based on the electroencephalogram (EEG) signals they elicit. This was found through a series of experiments that used consumer-grade brain-computer interface (BCI) devices to compare EEG differences between random and common passwords (i.e., most common passwords as exposed by popular password leaks). In light of these experiments it became evident that a password meter could be built by measuring short- and long-term password recall. For example, when the user is given a choice of two system-assigned passwords, there are statistically significant correlations between the EEG signals and the chosen password, recalling the password from short- and long-term memory, and the number of attempts to remember the password correctly.******To address password usability from a different angle, the proposed research program will investigate authentication techniques that leverage implicit learning phenomena from the psychology field. Some of the most important advantages of implicitly learnt passwords are that the user is not imposed with a conscious cognitive burden, can't retrieve them at will, and therefore to a certain extent implicitly learnt passwords are coercion- and insider-attack resistant. During the past years, my research team and I have designed and tested an authentication technique based on two branches of implicit learning, namely, contextual cueing and semantic priming, which have shown promise not only in terms of accuracy but in training time compared to the most cited recent related works available in the literature. The proposed research program will continue this line of research to improve accuracy as well as training and authentication time.******Over 10 highly qualified personnel will be trained in authentication with strong theoretical foundations, benefitting the research community and Canadians in general.
文本密码仍然是计算机系统中使用最广泛的身份验证机制之一。因此,密码的强度对安全性至关重要。因此,已经在文献中提出了许多密码强化技术,并在现实世界中进行了部署。然而,在密码强度和可记忆性之间存在权衡,虽然密码强度测量仪很常见,但根据相关文献和据我所知,还没有发布或部署可靠的可记忆性测量仪。这项拟议的研究计划将通过研究第一次看到密码时产生的脑电波,努力分析系统分配的密码在创建时的记忆性。这项工作将导致一种密码计量器,它可以帮助用户选择系统分配的密码,通过在将密码分配给用户时预测其回忆概率来选择更有可能被记住的密码。*到目前为止,我和我的学生团队已经能够建立密码可以根据他们诱发的脑电信号进行分类。这是通过一系列实验发现的,这些实验使用消费级脑机接口(BCI)设备来比较随机密码和普通密码(即最常见的密码,因为流行的密码泄露)之间的脑电差异。根据这些实验,很明显,可以通过测量短期和长期的密码回忆来建立密码计量器。例如,当让用户选择两个系统分配的密码时,EEG信号和选择的密码之间存在统计上的显著相关性,从短期和长期记忆中回忆密码,以及尝试正确记住密码的次数。*为了从不同的角度解决密码可用性问题,拟议的研究计划将调查利用心理学领域的内隐学习现象的身份验证技术。隐含学习密码的一些最重要的优势是,用户不会被强加有意识的认知负担,不能随意检索它们,因此在一定程度上,隐含学习的密码是抵抗胁迫和内部攻击的。在过去的几年里,我和我的研究团队设计并测试了一种基于内隐学习的两个分支,即上下文线索和语义启动的认证技术,与文献中引用最多的最近相关工作相比,这两种技术不仅在准确性方面而且在训练时间方面都表现出了希望。拟议的研究计划将继续这一研究路线,以提高准确性以及培训和认证时间。*将有10多名高素质人员接受具有坚实理论基础的认证培训,使研究界和整个加拿大人受益。

项目成果

期刊论文数量(0)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

VargasMartin, Miguel其他文献

VargasMartin, Miguel的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

{{ truncateString('VargasMartin, Miguel', 18)}}的其他基金

Enhancing Authentication: Towards Password Memorability Meters, and Leveraging Implicit Learning for System-Assigned Passwords
增强身份验证:走向密码记忆仪,并利用系统分配密码的隐式学习
  • 批准号:
    RGPIN-2018-05919
  • 财政年份:
    2022
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Enhancing Authentication: Towards Password Memorability Meters, and Leveraging Implicit Learning for System-Assigned Passwords
增强身份验证:走向密码记忆仪,并利用系统分配密码的隐式学习
  • 批准号:
    RGPIN-2018-05919
  • 财政年份:
    2021
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Enhancing Authentication: Towards Password Memorability Meters, and Leveraging Implicit Learning for System-Assigned Passwords
增强身份验证:走向密码记忆仪,并利用系统分配密码的隐式学习
  • 批准号:
    RGPIN-2018-05919
  • 财政年份:
    2020
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Enhancing Authentication: Towards Password Memorability Meters, and Leveraging Implicit Learning for System-Assigned Passwords
增强身份验证:走向密码记忆仪,并利用系统分配密码的隐式学习
  • 批准号:
    RGPIN-2018-05919
  • 财政年份:
    2018
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Towards New Security Paradigms for User Authentication and Traffic Inspection: Harnessing Implicit Mistakes and Auditory Sense
迈向用户身份验证和流量检查的新安全范式:利用隐式错误和听觉
  • 批准号:
    312183-2013
  • 财政年份:
    2017
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Towards New Security Paradigms for User Authentication and Traffic Inspection: Harnessing Implicit Mistakes and Auditory Sense
迈向用户身份验证和流量检查的新安全范式:利用隐式错误和听觉
  • 批准号:
    312183-2013
  • 财政年份:
    2015
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Towards New Security Paradigms for User Authentication and Traffic Inspection: Harnessing Implicit Mistakes and Auditory Sense
迈向用户身份验证和流量检查的新安全范式:利用隐式错误和听觉
  • 批准号:
    312183-2013
  • 财政年份:
    2014
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Towards New Security Paradigms for User Authentication and Traffic Inspection: Harnessing Implicit Mistakes and Auditory Sense
迈向用户身份验证和流量检查的新安全范式:利用隐式错误和听觉
  • 批准号:
    312183-2013
  • 财政年份:
    2013
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Network security with automatic mitigation of disruptive traffic, attack containment, and intrusion detection
通过自动缓解破坏性流量、攻击遏制和入侵检测来确保网络安全
  • 批准号:
    312183-2008
  • 财政年份:
    2012
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Network security with automatic mitigation of disruptive traffic, attack containment, and intrusion detection
通过自动缓解破坏性流量、攻击遏制和入侵检测来确保网络安全
  • 批准号:
    312183-2008
  • 财政年份:
    2011
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual

相似国自然基金

基于ARM Pointer Authentication的操作系统内核数据保护研究
  • 批准号:
    62002317
  • 批准年份:
    2020
  • 资助金额:
    24.0 万元
  • 项目类别:
    青年科学基金项目

相似海外基金

Enhancing Authentication: Towards Password Memorability Meters, and Leveraging Implicit Learning for System-Assigned Passwords
增强身份验证:走向密码记忆仪,并利用系统分配密码的隐式学习
  • 批准号:
    RGPIN-2018-05919
  • 财政年份:
    2022
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
CAREER: Towards Secure and Usable IoT Authentication Under Constraints
职业:在约束下实现安全可用的物联网身份验证
  • 批准号:
    2144669
  • 财政年份:
    2022
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Continuing Grant
CAREER: Towards Secure and Usable IoT Authentication Under Constraints
职业:在约束下实现安全可用的物联网身份验证
  • 批准号:
    2309550
  • 财政年份:
    2022
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Continuing Grant
CICI: UCSS: Towards Secure and Usable Push Notification Authentication for Collaborative Scientific Infrastructures
CICI:UCSS:为协作科学基础设施实现安全可用的推送通知身份验证
  • 批准号:
    2115107
  • 财政年份:
    2021
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Standard Grant
CICI: UCSS: Towards Secure and Usable Push Notification Authentication for Collaborative Scientific Infrastructures
CICI:UCSS:为协作科学基础设施实现安全可用的推送通知身份验证
  • 批准号:
    2139358
  • 财政年份:
    2021
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Standard Grant
Enhancing Authentication: Towards Password Memorability Meters, and Leveraging Implicit Learning for System-Assigned Passwords
增强身份验证:走向密码记忆仪,并利用系统分配密码的隐式学习
  • 批准号:
    RGPIN-2018-05919
  • 财政年份:
    2021
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Enhancing Authentication: Towards Password Memorability Meters, and Leveraging Implicit Learning for System-Assigned Passwords
增强身份验证:走向密码记忆仪,并利用系统分配密码的隐式学习
  • 批准号:
    RGPIN-2018-05919
  • 财政年份:
    2020
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Enhancing Authentication: Towards Password Memorability Meters, and Leveraging Implicit Learning for System-Assigned Passwords
增强身份验证:走向密码记忆仪,并利用系统分配密码的隐式学习
  • 批准号:
    RGPIN-2018-05919
  • 财政年份:
    2018
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
Towards New Security Paradigms for User Authentication and Traffic Inspection: Harnessing Implicit Mistakes and Auditory Sense
迈向用户身份验证和流量检查的新安全范式:利用隐式错误和听觉
  • 批准号:
    312183-2013
  • 财政年份:
    2017
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Discovery Grants Program - Individual
EAGER: Towards A Lightweight and Personalized Implicit Authentication System with Adaptive Sensing
EAGER:迈向具有自适应传感的轻量级、个性化隐式身份验证系统
  • 批准号:
    1642590
  • 财政年份:
    2016
  • 资助金额:
    $ 2.04万
  • 项目类别:
    Standard Grant
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了