Incentivizing Collaborative Breach Detection

• URL: http://arxiv.org/abs/2506.04634v1
• Date: Thu, 05 Jun 2025 05:12:32 GMT
• Title: Incentivizing Collaborative Breach Detection
• Authors: Mridu Nanda, Michael K. Reiter,
• Abstract summary: We propose and evaluate an algorithm by which sites can exchange monitoring favors.<n>We show that using our algorithm, a site improves its ability to detect its own breach when it increases the monitoring effort it expends for other sites.
• Score: 10.05815981578555
• License: http://creativecommons.org/licenses/by-nc-nd/4.0/
• Abstract: Decoy passwords, or "honeywords," alert a site to its breach if they are ever entered in a login attempt on that site. However, an attacker can identify a user-chosen password from among the decoys, without risk of alerting the site to its breach, by performing credential stuffing, i.e., entering the stolen passwords at another site where the same user reused her password. Prior work has thus proposed that sites monitor for the entry of their honeywords at other sites. Unfortunately, it is not clear what incentives sites have to participate in this monitoring. In this paper we propose and evaluate an algorithm by which sites can exchange monitoring favors. Through a model-checking analysis, we show that using our algorithm, a site improves its ability to detect its own breach when it increases the monitoring effort it expends for other sites. We additionally quantify the impacts of various parameters on detection effectiveness and their implications for the deployment of a system to support a monitoring ecosystem. Finally, we evaluate our algorithm on a real dataset of breached credentials and provide a performance analysis that confirms its scalability and practical viability.

Related papers

• Dissecting the Infrastructure Used in Web-based Cryptojacking: A Measurement Perspective [11.217261201018815]
  This paper conducts a comprehensive examination of the infrastructure supporting cryptojacking operations. A dataset of 887 websites, previously identified as cryptojacking sites, was compiled and analyzed to categorize the attacks and malicious activities observed. Various malware and illicit activities linked to these sites were identified, indicating the presence of unauthorized cryptocurrency mining via compromised sites.
  arXiv  Detail & Related papers  (2024-08-06T20:04:47Z)
• Position Paper: Think Globally, React Locally -- Bringing Real-time Reference-based Website Phishing Detection on macOS [0.4962561299282114]
  The recent surge in phishing attacks keeps undermining the effectiveness of the traditional anti-phishing blacklist approaches. On-device anti-phishing solutions are gaining popularity as they offer faster phishing detection locally. We propose a phishing detection solution that uses a combination of computer vision and on-device machine learning models to analyze websites in real time.
  arXiv  Detail & Related papers  (2024-05-28T14:46:03Z)
• Nudging Users to Change Breached Passwords Using the Protection Motivation Theory [58.87688846800743]
  We draw on the Protection Motivation Theory (PMT) to design nudges that encourage users to change breached passwords. Our study contributes to PMT's application in security research and provides concrete design implications for improving compromised credential notifications.
  arXiv  Detail & Related papers  (2024-05-24T07:51:15Z)
• The Key to Deobfuscation is Pattern of Life, not Overcoming Encryption [0.7124736158080939]
  We present a novel methodology that is effective at deobfuscating sources by synthesizing measurements from key locations along protocol transaction paths. Our approach links online personas with their origin IP addresses based on a Pattern of Life (PoL) analysis. We show that, when monitoring in the correct places on the Internet, DNS over HTTPS (DoH) and DNS over TLS (DoT) can be deobfuscated with up to 100% accuracy.
  arXiv  Detail & Related papers  (2023-10-04T02:34:29Z)
• Exploit the Leak: Understanding Risks in Biometric Matchers [0.0]
  In a biometric authentication or identification system, the matcher compares a stored and a fresh template to determine whether there is a match. For better compliance with privacy legislation, the matcher can be built upon a privacy-preserving distance. This paper provides an analysis of information leakage during distance evaluation.
  arXiv  Detail & Related papers  (2023-07-25T17:29:32Z)
• Untargeted Backdoor Attack against Object Detection [69.63097724439886]
  We design a poison-only backdoor attack in an untargeted manner, based on task characteristics. We show that, once the backdoor is embedded into the target model by our attack, it can trick the model to lose detection of any object stamped with our trigger patterns.
  arXiv  Detail & Related papers  (2022-11-02T17:05:45Z)
• Untargeted Backdoor Watermark: Towards Harmless and Stealthy Dataset Copyright Protection [69.59980270078067]
  We explore the untargeted backdoor watermarking scheme, where the abnormal model behaviors are not deterministic. We also discuss how to use the proposed untargeted backdoor watermark for dataset ownership verification.
  arXiv  Detail & Related papers  (2022-09-27T12:56:56Z)
• An anomaly detection approach for backdoored neural networks: face recognition as a case study [77.92020418343022]
  We propose a novel backdoored network detection method based on the principle of anomaly detection. We test our method on a novel dataset of backdoored networks and report detectability results with perfect scores.
  arXiv  Detail & Related papers  (2022-08-22T12:14:13Z)
• Locally Authenticated Privacy-preserving Voice Input [10.82818142802482]
  Service providers must authenticate their users, although individuals may wish to maintain privacy. Preserving privacy while performing authentication is challenging, particularly where adversaries can use biometric data to train transformation tools. We introduce a secure, flexible privacy-preserving system to capture and store an on-device fingerprint of the users' raw signals.
  arXiv  Detail & Related papers  (2022-05-27T14:56:01Z)
• Spotting adversarial samples for speaker verification by neural vocoders [102.1486475058963]
  We adopt neural vocoders to spot adversarial samples for automatic speaker verification (ASV) We find that the difference between the ASV scores for the original and re-synthesize audio is a good indicator for discrimination between genuine and adversarial samples. Our codes will be made open-source for future works to do comparison.
  arXiv  Detail & Related papers  (2021-07-01T08:58:16Z)
• Backdoor Attack against Speaker Verification [86.43395230456339]
  We show that it is possible to inject the hidden backdoor for infecting speaker verification models by poisoning the training data. We also demonstrate that existing backdoor attacks cannot be directly adopted in attacking speaker verification.
  arXiv  Detail & Related papers  (2020-10-22T11:10:08Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.