Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 1 of 1
Full-Text Articles in Entire DC Network
Deceptive Security Based On Authentication Profiling, Andrew Nicholson, Helge Janicke, Andrew Jones, Adeeb Alnajaar
Deceptive Security Based On Authentication Profiling, Andrew Nicholson, Helge Janicke, Andrew Jones, Adeeb Alnajaar
Australian Information Security Management Conference
Passwords are broken. Multi-factor Authentication overcomes password insecurities, but its potentials are often not realised. This article presents InSight, a system to actively identify perpetrators by deceitful adaptation of the accessible system resources using Multi-factor Authentication profiles. This approach improves authentication reliability and attributes users by computing trust scores against profiles. Based on this score, certain functionality is locked, unlocked, buffered, or redirected to a deceptive honeypot, which is used for attribution. The novelty of this approach is twofold; a profile-based multi-factor authentication approach that is combined with a gradient, deceptive honeypot.