惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
Troy Hunt's Blog
The Register - Security
The Register - Security
量子位
Hugging Face - Blog
Hugging Face - Blog
T
Tailwind CSS Blog
I
InfoQ
B
Blog RSS Feed
酷 壳 – CoolShell
酷 壳 – CoolShell
WordPress大学
WordPress大学
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
V
Visual Studio Blog
博客园 - Franky
H
Hackread – Cybersecurity News, Data Breaches, AI and More
C
Check Point Blog
A
About on SuperTechFans
S
SegmentFault 最新的问题
阮一峰的网络日志
阮一峰的网络日志
Apple Machine Learning Research
Apple Machine Learning Research
Last Week in AI
Last Week in AI
罗磊的独立博客
Y
Y Combinator Blog
U
Unit 42
The Cloudflare Blog
T
The Blog of Author Tim Ferriss
月光博客
月光博客
GbyAI
GbyAI
博客园 - 三生石上(FineUI控件)
IT之家
IT之家
N
Netflix TechBlog - Medium
Cyberwarzone
Cyberwarzone
Vercel News
Vercel News
C
CXSECURITY Database RSS Feed - CXSecurity.com
T
Tor Project blog
博客园 - 叶小钗
大猫的无限游戏
大猫的无限游戏
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
aimingoo的专栏
aimingoo的专栏
The Hacker News
The Hacker News
Recent Announcements
Recent Announcements
博客园_首页
有赞技术团队
有赞技术团队
Jina AI
Jina AI
Simon Willison's Weblog
Simon Willison's Weblog
雷峰网
雷峰网
人人都是产品经理
人人都是产品经理
S
Schneier on Security
Spread Privacy
Spread Privacy
V
Vulnerabilities – Threatpost
P
Palo Alto Networks Blog

cs.CR updates on arXiv.org

An AI Security Agent for University ACMIS: Multi-Vector Threat Detection and Automated Response From Privacy to Workflow Integrity: Communication-Graph Metadata in Autonomous Agent Interoperability Learn from Your Mistakes: Tree-like Self-Play for Secure Code LLMs Send a SCOUT First: Pre-hoc Reasoning for Adaptive Detector Allocation in Prompt-Injection Defense QSignAI: Quantum-Randomness-Seeded Identity Signatures at the Intersection of AI for Science and Science for AI A Standardized Ontology for Intent-Based Security Management in Autonomous Networks Code as a Weapon: A Consensus-Labeled Prompt Bank for Measuring Coding-Model Compliance with Malicious-Code Requests Cordyceps: Covert Control Attacks on LLMs via Data Poisoning SAMark: A Self-Anchored Text Watermarking with Paragraph-Level Paraphrase Robustness Mechanistic origins of catastrophic forgetting: why RL preserves circuits better than SFT? Red-Teaming Agent Execution Contexts: Open-World Security Evaluation on OpenClaw From Specification to Deployment: Empirical Evidence from a W3C VC + DID Trust Infrastructure for Autonomous Agents Attacking the Spike: On the Transferability and Security of Spiking Neural Networks to Adversarial Examples Vendor-Conditioned Contrastive Learning for Predicting Organizational Cyber Threat Targets A Formal Calculus for International Relations Computation and Evaluation On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis Moving Target Defense for Web Applications using Bayesian Stackelberg Games A Mathematical Trust Algebra for International Nation Relations Computation and Evaluation A First Attempt to Cloud-Based User Verification in Distributed System Some Experimental Issues in Financial Fraud Detection: An Investigation Using Data Analytics to Detect Anomalous States in Vehicles On the Differential Privacy of Bayesian Inference Building and Measuring Privacy-Preserving Predictive Blacklists Novel Feature Extraction, Selection and Fusion for Effective Malware Family Classification Security Games with Ambiguous Beliefs of Agents Generating and Exploring S-Box Multivariate Quadratic Equation Systems with SageMath Private Disclosure of Information in Health Tele-monitoring Applications of Artificial Intelligence Techniques to Combating Cyber Crimes: A Review Implicit Contextual Integrity in Online Social Networks Phishing Detection in IMs using Domain Ontology and CBA - An innovative Rule Generation Approach Detecting fraudulent activity in a cloud using privacy-friendly data aggregates The Application of Differential Privacy for Rank Aggregation: Privacy and Accuracy An Evasion and Counter-Evasion Study in Malicious Websites Detection Hybrid Epidemics - A Case Study on Computer Worm Conficker A Self-Adaptive Network Protection System An Argumentation-Based Framework to Address the Attribution Problem in Cyber-Warfare Protecting Privacy through Distributed Computation in Multi-agent Decision Making Using Neural Network to Propose Solutions to Threats in Attack Patterns A Utility-Theoretic Approach to Privacy in Online Services Intrusion Detection using Continuous Time Bayesian Networks A DDoS-Aware IDS Model Based on Danger Theory and Mobile Agents Mining Malware Specifications through Static Reachability Analysis Subjective Logic Operators in Trust Assessment: an Empirical Study GOTCHA Password Hackers! On estimating total time to solve SAT in distributed computing environments: Application to the SAT@home project POMDPs Make Better Hackers: Accounting for Uncertainty in Penetration Testing Les POMDP font de meilleurs hackers: Tenir compte de l'incertitude dans les tests de penetration Automated Attack Planning Penetration Testing == POMDP Solving? Attack Planning in the Real World An Algorithm to Find Optimal Attack Paths in Nondeterministic Scenarios A Fuzzy Logic Based Certain Trust Model for E-Commerce Predicting Network Attacks Using Ontology-Driven Inference Semantic Matching of Security Policies to Support Security Experts A formalization of re-identification in terms of compatible probabilities A trust-based security mechanism for nomadic users in pervasive systems Intrusion Detection on Smartphones Obesity Heuristic, New Way On Artificial Immune Systems Secured Wireless Communication using Fuzzy Logic based High Speed Public-Key Cryptography (FLHSPKC) Mining Permission Request Patterns from Android and Facebook Applications (extended author version) Building a Chaotic Proved Neural Network Detecting Danger: The Dendritic Cell Algorithm Detecting Anomalous Process Behaviour using Second Generation Artificial Immune Systems Outrepasser les limites des techniques classiques de Prise d'Empreintes grace aux Reseaux de Neurones Building Computer Network Attacks ToLeRating UR-STD The DCA:SOMe Comparison A comparative study between two biologically-inspired algorithms Real-Time Alert Correlation with Type Graphs Performance Evaluation of DCA and SRC on a Single Bot Detection Behavioural Correlation for Detecting P2P Bots Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory Integrating Real-Time Analysis With The Dendritic Cell Algorithm Through Segmentation Integrating Innate and Adaptive Immunity for Intrusion Detection Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm Further Exploration of the Dendritic Cell Algorithm: Antigen Multiplier and Time Windows Detecting Bots Based on Keylogging Activities Detecting Danger: Applying a Novel Immunological Concept to Intrusion Detection Systems Detecting Motifs in System Call Sequences Dendritic Cells for SYN Scan Detection Detecting Botnets Through Log Correlation DCA for Bot Detection Cooperative Automated Worm Response and Detection Immune Algorithm Cryptographic Implications for Artificially Mediated Games Differentially Private Empirical Risk Minimization An Immune Inspired Network Intrusion Detection System Utilising Correlation Context An Immune Inspired Approach to Anomaly Detection Hybrid Intrusion Detection and Prediction multiAgent System HIDPAS Artificial Dendritic Cells: Multi-faceted Perspectives AIS for Misbehavior Detection in Wireless Sensor Networks: Performance and Design Principles The Role of Self-Forensics in Vehicle Crash Investigations and Event Reconstruction Beyond Nash Equilibrium: Solution Concepts for the 21st Century From Qualitative to Quantitative Proofs of Security Properties Using First-Order Conditional Logic Danger Theory: The Link between AIS and IDS? Dempster-Shafer for Anomaly Detection The Danger Theory and Its Application to Artificial Immune Systems ANTIDS: Self-Organized Ant-based Clustering Model for Intrusion Detection System Analyzing and Improving Performance of a Class of Anomaly-based Intrusion Detectors Soft Constraint Programming to Analysing Security Protocols A Method for Clustering Web Attacks Using Edit Distance Encoding a Taxonomy of Web Attacks with Different-Length Vectors
Bernoulli honeywords
Ke Coby Wang, Michael K. Reiter · 2022-12-24 · via cs.CR updates on arXiv.org

Decoy passwords, or "honeywords," planted in a credential database can alert a site to its breach if ever submitted in a login attempt. To be effective, some honeywords must appear at least as likely to be user-chosen passwords as the real ones, and honeywords must be very difficult to guess without having breached the database, to prevent false breach alarms. These goals have proved elusive, however, for heuristic honeyword generation algorithms. In this paper we explore an alternative strategy in which the defender treats honeyword selection as a Bernoulli process in which each possible password (except the user-chosen one) is selected as a honeyword independently with some fixed probability. We show how Bernoulli honeywords can be integrated into two existing system designs for leveraging honeywords: one based on a honeychecker that stores the secret index of the user-chosen password in the list of account passwords, and another that does not leverage secret state at all. We show that Bernoulli honeywords enable analytic derivation of false breach-detection probabilities irrespective of what information the attacker gathers about the sites' users; that their true and false breach-detection probabilities demonstrate compelling efficacy; and that Bernoulli honeywords can even enable performance improvements in modern honeyword system designs.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。