Securing Networks Against Anonymous Invaders - Softcover

Inhaltsangabe

The power of anonymity on the internet is being leveraged by criminals, online trolls, and malicious hackers. Cyber criminals masquerade as legitimate users in order to steal valuable private data, commit fraud, and steal money from their victims. This thesis investigates security vulnerabilities that exist as a product of user anonymity and provides a biometric mitigation to one of the most common exploits against DoD personnel—social engineering. To strip anonymity from malicious users, we used a concept that harkens back to World War II called fist of the sender. This technique was used by allied intelligence analysts to identify enemy units by the rhythm of their radio operators when they transmitted Morse code. We applied the same concept to keystrokes along a keyboard and created a digital fist. Our research used a chatbot that posed as a victim, and we had student-subjects play the role of Social Engineers and attempt to phish the chatbot. Our system measures keystroke dynamics to increase user recognition and introduces specific perturbations during a user’s typing session—sometimes by making the caret disappear, and sometimes by suddenly moving the caret back a few spaces. We hypothesized that as a user tried to recover from these interactions, we could increase typing attribution since every user’s subconscious reaction would be unique. Our results show cases where identification increased over 20% in some cases through the introduction of perturbations.

Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.