Your credentials are compromised, do not panic: You can be well protected

Issa Khalil, Zuochao Dou, Abdallah Khreishah

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

3 Citations (Scopus)

Abstract

In this paper, we leverage the characteristics of round-trip communications latency (RTL) to design and implement a novel highly secure and usable web authentication scheme, dubbed CLAS. CLAS uses, in addition to the traditional credentials, round-trip network communications latency to uniquely identify users. CLAS introduces a novel network architecture which turns RTL into a robust authentication feature that is extremely difficult to forge. CLAS offers robust defense against password compromise because, unlike many traditional authentication mechanisms, it is resilient to phishing/pharming, man-in-the-middle, and social engineering attacks. Most importantly, CLAS is transparent to users and incurs negligible overhead. Our experimental results show that CLAS can achieve 0.0017 false positive rate while maintaining false negative rate below 0.007.

Original language: English
Title of host publication: ASIA CCS 2016 - Proceedings of the 11th ACM Asia Conference on Computer and Communications Security
Publisher: Association for Computing Machinery, Inc
Pages: 925-930
Number of pages: 6
ISBN (Electronic): 9781450342339
DOIs: https://doi.org/10.1145/2897845.2897925
Publication status: Published - 30 May 2016
Event: 11th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2016 - Xi'an, China
Duration: 30 May 2016 to 3 Jun 2016

Other

Other: 11th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2016
Country: China
City: Xi'an
Period: 30/5/16 to 3/6/16

Fingerprint

Authentication
Communication
Network architecture
Telecommunication networks

Keywords

  • Gaussian distribution
  • Network communications latency
  • Password compromise
  • Web authentication

ASJC Scopus subject areas

  • Computer Science Applications
  • Software
  • Computer Networks and Communications

Cite this

Khalil, I., Dou, Z., & Khreishah, A. (2016). Your credentials are compromised, do not panic: You can be well protected. In ASIA CCS 2016 - Proceedings of the 11th ACM Asia Conference on Computer and Communications Security (pp. 925-930). Association for Computing Machinery, Inc. https://doi.org/10.1145/2897845.2897925

@inproceedings{41fd529f0ce94f759587551f1a97e8fc,
title = "Your credentials are compromised, do not panic: You can be well protected",
abstract = "In this paper, we leverage the characteristics of round-trip communications latency (RTL) to design and implement a novel highly secure and usable web authentication scheme, dubbed CLAS. CLAS uses, in addition to the traditional credentials, round-trip network communications latency to uniquely identify users. CLAS introduces a novel network architecture which turns RTL into a robust authentication feature that is extremely difficult to forge. CLAS offers robust defense against password compromise because, unlike many traditional authentication mechanisms, it is resilient to phishing/pharming, man-in-the-middle, and social engineering attacks. Most importantly, CLAS is transparent to users and incurs negligible overhead. Our experimental results show that CLAS can achieve 0.0017 false positive rate while maintaining false negative rate below 0.007.",
keywords = "Gaussian distribution, Network communications latency, Password compromise, Web authentication",
author = "Issa Khalil and Zuochao Dou and Abdallah Khreishah",
year = "2016",
month = "5",
day = "30",
doi = "10.1145/2897845.2897925",
language = "English",
pages = "925--930",
booktitle = "ASIA CCS 2016 - Proceedings of the 11th ACM Asia Conference on Computer and Communications Security",
publisher = "Association for Computing Machinery, Inc",

}

TY - GEN
T1 - Your credentials are compromised, do not panic
T2 - You can be well protected
AU - Khalil, Issa
AU - Dou, Zuochao
AU - Khreishah, Abdallah
PY - 2016/5/30
Y1 - 2016/5/30
AB - In this paper, we leverage the characteristics of round-trip communications latency (RTL) to design and implement a novel highly secure and usable web authentication scheme, dubbed CLAS. CLAS uses, in addition to the traditional credentials, round-trip network communications latency to uniquely identify users. CLAS introduces a novel network architecture which turns RTL into a robust authentication feature that is extremely difficult to forge. CLAS offers robust defense against password compromise because, unlike many traditional authentication mechanisms, it is resilient to phishing/pharming, man-in-the-middle, and social engineering attacks. Most importantly, CLAS is transparent to users and incurs negligible overhead. Our experimental results show that CLAS can achieve 0.0017 false positive rate while maintaining false negative rate below 0.007.
KW - Gaussian distribution
KW - Network communications latency
KW - Password compromise
KW - Web authentication
UR - http://www.scopus.com/inward/record.url?scp=84979708497&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84979708497&partnerID=8YFLogxK
U2 - 10.1145/2897845.2897925
DO - 10.1145/2897845.2897925
M3 - Conference contribution
AN - SCOPUS:84979708497
SP - 925
EP - 930
BT - ASIA CCS 2016 - Proceedings of the 11th ACM Asia Conference on Computer and Communications Security
PB - Association for Computing Machinery, Inc
ER -