Featured Research

from universities, journals, and other organizations

Computer Scientists Work To Strengthen Online Security

Date:
November 9, 2009
Source:
Rutgers University
Summary:
If you forget your password when logging into an e-mail or online shopping website, the site will likely ask you a security question: What is your mother's maiden name? Where were you born? The trouble is that such questions are not very secure. But computer scientists are testing a new tactic that could be both easier and more secure.

If you forget your password when logging into an e-mail or online shopping Web site, the site will likely ask you a security question: What is your mother's maiden name? Where were you born?

The trouble is that such questions are not very secure. More people than you may think will know your answers. And if they don't, it might not be hard to search for it online or even make a lucky guess.

But Rutgers computer scientists are testing a new tactic that could be both easier and more secure.

"We call them activity-based personal questions," said Danfeng Yao, assistant professor of computer science in the Rutgers School of Arts and Sciences. "Sites could ask you, 'When was the last time you sent an e-mail?' Or, 'What did you do yesterday at noon?'"

Yao and her students have been testing how resistant these activity questions are to "attack," -- computer security lingo for when an intruder answers them correctly and gains access to personal information such as e-mails or to do online shopping or banking.

Early studies suggest that questions about recent activities are easy for legitimate users to answer but harder for potential intruders to find or guess, Yao said.

"We want the question to be dynamic," she said. "The questions you get today will be different from the ones you would get tomorrow."

Rutgers doctoral student Huijun Xiong and visiting undergraduate student Anitra Babic are presenting the group's preliminary results in a workshop at this week's Association for Computing Machinery Conference on Computer and Communications Security. Babic is a senior at Chestnut Hill College in Philadelphia and participated in a summer research program at Rutgers.

Yao said she gave four students in her lab a list of questions related to network activities, physical activities and opinion questions, and then told them to "attack" each other.

"We found that questions related to time are more robust than others. Many guessed the answer to the question, 'Who was the last person you sent e-mail to?' But fewer were able to guess, 'What time did you send your last e-mail?'"

Yao explains that it should not be difficult for an online service provider to formulate these kinds of security questions by looking at its users' e-mail, calendar activities or previous transactions. Computers would have use natural language processing tools to synthesize understandable questions and analyze the answers for accuracy.

Yao is proposing further studies to determine the practicality of the new approach and the best way to implement it.

Yao's work is funded in part by grants from the National Science Foundation.


Story Source:

The above story is based on materials provided by Rutgers University. Note: Materials may be edited for content and length.


Cite This Page:

Rutgers University. "Computer Scientists Work To Strengthen Online Security." ScienceDaily. ScienceDaily, 9 November 2009. <www.sciencedaily.com/releases/2009/11/091109121203.htm>.
Rutgers University. (2009, November 9). Computer Scientists Work To Strengthen Online Security. ScienceDaily. Retrieved April 23, 2014 from www.sciencedaily.com/releases/2009/11/091109121203.htm
Rutgers University. "Computer Scientists Work To Strengthen Online Security." ScienceDaily. www.sciencedaily.com/releases/2009/11/091109121203.htm (accessed April 23, 2014).

Share This



More Computers & Math News

Wednesday, April 23, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

High Court to Hear Dispute of TV Over Internet

High Court to Hear Dispute of TV Over Internet

AP (Apr. 22, 2014) The future of Aereo, an online service that provides over-the-air TV channels, hinges on a battle with broadcasters that goes before the U.S. Supreme Court on Tuesday. (April 22) Video provided by AP
Powered by NewsLook.com
Aereo Takes on Broadcast TV Titans in Supreme Court Today

Aereo Takes on Broadcast TV Titans in Supreme Court Today

TheStreet (Apr. 22, 2014) Aereo heads to the Supreme Court today to fight for its right to stream broadcast TV over the Internet -- against broadcasters who say the start-up infringes upon copyright law. TheStreet Deputy Managing Editor Leon Lazaroff explains the importance of the case in the TV industry and details what the outcome of it could mean for broadcasters and for cloud storage services -- as Aereo allows its subscribers to not just watch live TV shows but also store content to a DVR in the cloud. Video provided by TheStreet
Powered by NewsLook.com
Lytro Introduces 'Illum,' A Professional Light-Field Camera

Lytro Introduces 'Illum,' A Professional Light-Field Camera

Newsy (Apr. 22, 2014) The light-field photography engineers at Lytro unveiled their next innovation: a professional DSLR-like camera called "Illum." Video provided by Newsy
Powered by NewsLook.com
Netflix To Raise Prices For New Subscribers

Netflix To Raise Prices For New Subscribers

Newsy (Apr. 21, 2014) Netflix executives say they don't think a $1 or $2 price hike will hurt the service, and they have their sites set on overtaking HBO. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins