Got Ya! -- Sensors for Identity Management Specific Security Situational Awareness

• URL: http://arxiv.org/abs/2503.04274v1
• Date: Thu, 06 Mar 2025 10:03:45 GMT
• Title: Got Ya! -- Sensors for Identity Management Specific Security Situational Awareness
• Authors: Daniela Pöhn, Heiner Lüken,
• Abstract summary: Security situational awareness refers to identifying, mitigating, and preventing digital cyber threats.<n>We propose a security situational awareness approach specifically to identity management.<n>We focus on protocol-specifics and identity-related sources in a general concept.
• Score: 0.0
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Security situational awareness refers to identifying, mitigating, and preventing digital cyber threats by gathering information to understand the current situation. With awareness, the basis for decisions is present, particularly in complex situations. However, while logging can track the successful login into a system, it typically cannot determine if the login was performed by the user assigned to the account. An account takeover, for example, by a successful phishing attack, can be used as an entry into an organization's network. All identities within an organization are managed in an identity management system. Thereby, these systems are an interesting goal for malicious actors. Even within identity management systems, it is difficult to differentiate legitimate from malicious actions. We propose a security situational awareness approach specifically to identity management. We focus on protocol-specifics and identity-related sources in a general concept before providing the example of the protocol OAuth with a proof-of-concept implementation.

Related papers

• Autonomous Identity-Based Threat Segmentation in Zero Trust Architectures [4.169915659794567]
  Zero Trust Architectures (ZTA) fundamentally redefine network security by adopting a "trust nothing, verify everything" approach.<n>This research applies the proposed AI-driven, autonomous, identity-based threat segmentation in ZTA.
  arXiv  Detail & Related papers  (2025-01-10T15:35:02Z)
• FaceTracer: Unveiling Source Identities from Swapped Face Images and Videos for Fraud Prevention [68.07489215110894]
  FaceTracer is a framework specifically designed to trace the identity of the source person from swapped face images or videos.<n>In experiments, FaceTracer successfully identified the source person in swapped content and enabling the tracing of malicious actors involved in fraudulent activities.
  arXiv  Detail & Related papers  (2024-12-11T04:00:17Z)
• An Alternative to Multi-Factor Authentication with a Triple-Identity Authentication Scheme [0.0]
  A dual-password login-authentication system has two entry points (i.e., username and password fields) to interact with the outside. No identifiers can be defined for the username and password without using any personal information. A triple-identity authentication is established, the key of which is that the readily available user's login name and password are randomly converted into a matrix of meaningless hash elements.
  arXiv  Detail & Related papers  (2024-07-28T10:27:35Z)
• Towards an Improved Taxonomy of Attacks related to Digital Identities and Identity Management Systems [0.0]
  We propose the improved framework taxonomy for Identity Management related to Attacks (TaxIdMA) The purpose of TaxIdMA is to classify existing attacks, attack vectors, and vulnerabilities associated with system identities, identity management systems, and end-user identities. The combination of TaxIdMA, which allows a structured way to outline attacks and is applicable to different scenarios, and a description language for threat intelligence help to improve the security identity management systems and processes.
  arXiv  Detail & Related papers  (2024-07-23T07:46:40Z)
• DiVerify: Diversifying Identity Verification in Next-Generation Software Signing [6.367742522528132]
  Code signing enables software developers to digitally sign their code using cryptographic keys, thereby associating the code to their identity. Next-generation software signing such as Sigstore and OpenPubKey simplify code signing by providing streamlined mechanisms to verify and link signer identities to the public key. We introduce Diverse Identity Verification (DiVerify) scheme, which strengthens the security guarantees of next-generation software signing by leveraging threshold identity validations and scope mechanisms.
  arXiv  Detail & Related papers  (2024-06-21T18:53:52Z)
• Rethinking the Vulnerabilities of Face Recognition Systems:From a Practical Perspective [53.24281798458074]
  Face Recognition Systems (FRS) have increasingly integrated into critical applications, including surveillance and user authentication. Recent studies have revealed vulnerabilities in FRS to adversarial (e.g., adversarial patch attacks) and backdoor attacks (e.g., training data poisoning)
  arXiv  Detail & Related papers  (2024-05-21T13:34:23Z)
• Leveraging Machine Learning for Wi-Fi-based Environmental Continuous Two-Factor Authentication [0.44998333629984877]
  We present a novel 2FA approach replacing the user's input with decisions made by Machine Learning (ML) Our system exploits unique environmental features associated with the user, such as beacon frame characteristics and Received Signal Strength Indicator ( RSSI) values from Wi-Fi Access Points (APs) For enhanced security, our system mandates that the user's two devices (i.e., a login device and a mobile device) be situated within a predetermined proximity before granting access.
  arXiv  Detail & Related papers  (2024-01-12T14:58:15Z)
• HFORD: High-Fidelity and Occlusion-Robust De-identification for Face Privacy Protection [60.63915939982923]
  Face de-identification is a practical way to solve the identity protection problem. The existing facial de-identification methods have revealed several problems. We present a High-Fidelity and Occlusion-Robust De-identification (HFORD) method to deal with these issues.
  arXiv  Detail & Related papers  (2023-11-15T08:59:02Z)
• When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
  We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures. We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN. Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
  arXiv  Detail & Related papers  (2023-06-09T14:33:26Z)
• Taking Modality-free Human Identification as Zero-shot Learning [46.51413603352702]
  We develop a novel Modality-Free Human Identification (named MFHI) task as a generic zero-shot learning model in a scalable way. It is capable of bridging the visual and semantic modalities by learning a discriminative prototype of each identity. In addition, the semantics-guided spatial attention is enforced on visual modality to obtain representations with both high global category-level and local attribute-level discrimination.
  arXiv  Detail & Related papers  (2020-10-02T13:08:27Z)
• Towards Face Encryption by Generating Adversarial Identity Masks [53.82211571716117]
  We propose a targeted identity-protection iterative method (TIP-IM) to generate adversarial identity masks. TIP-IM provides 95%+ protection success rate against various state-of-the-art face recognition models.
  arXiv  Detail & Related papers  (2020-03-15T12:45:10Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.