Angelika Moscicki
Authored Publications
Evaluating Login Challenges as a Defense Against Account Takeover
Periwinkle Doerfler
Maija Marincenko
Juri Ranieri
Yu Jiang
Damon McCoy
(2019)
In this paper, we study the efficacy of login challenges at preventing account takeover, as well as evaluate the amount of friction these challenges create for normal users. These secondary authentication factors, presently deployed at Google, Microsoft, and other major identity providers as part of risk-aware authentication, trigger in response to a suspicious login or account recovery attempt. Using Google as a case study, we evaluate the effectiveness of fourteen device-based, delegation-based, knowledge-based, and resource-based challenges at preventing over 350,000 real-world hijacking attempts stemming from automated bots, phishers, and targeted attackers. We show that knowledge-based challenges prevent as few as 10% of hijacking attempts rooted in phishing and 73% of automated hijacking attempts. Device-based challenges provide the best protection, blocking over 94% of hijacking attempts rooted in phishing and 100% of automated hijacking attempts. We evaluate the usability limitations of each challenge based on a sample of 1.2M legitimate users. Our results illustrate that login challenges act as an important barrier to hijacking, but that friction in the process leads to 52% of legitimate users failing to sign in, though 97% of users eventually access their account in a short period.
Data breaches, phishing, or malware? Understanding the risks of stolen credentials
Frank Li
Juri Ranieri
Yarik Markov
Oxana Comanescu
Vijay Eranti
Daniel Margolis
Vern Paxson
(2017)
In this paper, we present the first longitudinal measurement study of the underground ecosystem fueling credential theft and assess the risk it poses to millions of users. Over the course of March 2016 to March 2017, we identify 788,000 potential victims of off-the-shelf keyloggers; 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches and traded on blackmarket forums. Using this dataset, we explore to what degree the stolen passwords, which originate from thousands of online services, enable an attacker to obtain a victim's valid email credentials, and thus complete control of their online identity due to transitive trust. Drawing upon Google as a case study, we find 7-25% of exposed passwords match a victim's Google account. For these accounts, we show how hardening authentication mechanisms to include additional risk signals such as a user's historical geolocations and device profiles helps to mitigate the risk of hijacking. Beyond these risk metrics, we delve into the global reach of the miscreants involved in credential theft and the blackhat tools they rely on. We observe a remarkable lack of external pressure on bad actors, with phishing kit playbooks and keylogger capabilities remaining largely unchanged since the mid-2000s.
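The two abstracts above both describe risk-aware authentication: score a sign-in against the account's historical geolocations and device profiles, and when it looks suspicious, interpose a login challenge, preferring the device-based kind that the 2019 study found most effective. The following is an added example, not code from either paper and not Google's production logic. The signal weights, the threshold, the fallback order among delegation-, resource- and knowledge-based challenges, the class and field names, the breach-exposure signal and the sample accounts are all assumptions of this example; only the four challenge families and the preference for device-based challenges come from the abstracts.

```python
"""Risk-aware sign-in decision: score an attempt against the account's history
and, if it looks suspicious, require the strongest challenge the account can
satisfy. Illustrative sketch; weights, threshold and names are assumptions."""
from dataclasses import dataclass
from enum import Enum


class Challenge(Enum):
    """Challenge families named in the login-challenge paper. DEVICE is ranked
    first because the paper found it blocked the most hijacking attempts; the
    order of the other three here is an assumption of this example."""
    DEVICE = "device"          # e.g. prompt on a phone already signed in
    DELEGATION = "delegation"  # e.g. one-time code sent to a verified phone
    RESOURCE = "resource"      # e.g. prove access to a recovery email address
    KNOWLEDGE = "knowledge"    # e.g. an old phone number or last sign-in city


@dataclass
class AccountHistory:
    known_devices: frozenset      # device fingerprints seen on past sign-ins
    countries: frozenset          # coarse historical geolocations
    has_trusted_device: bool = False
    has_verified_phone: bool = False
    has_recovery_email: bool = False


@dataclass
class LoginAttempt:
    device_id: str
    country: str
    password_ok: bool
    credential_in_breach: bool = False  # constructed signal: password seen in a dump


# Assumed weights: any single strong anomaly is enough to trigger a challenge.
WEIGHT_UNKNOWN_DEVICE = 40
WEIGHT_NEW_COUNTRY = 30
WEIGHT_BREACHED_CREDENTIAL = 40
CHALLENGE_THRESHOLD = 40


def risk_score(history: AccountHistory, attempt: LoginAttempt) -> int:
    """Sum the risk signals; a known device in a known country scores 0."""
    score = 0
    if attempt.device_id not in history.known_devices:
        score += WEIGHT_UNKNOWN_DEVICE
    if attempt.country not in history.countries:
        score += WEIGHT_NEW_COUNTRY
    if attempt.credential_in_breach:
        score += WEIGHT_BREACHED_CREDENTIAL
    return score


def select_challenge(history: AccountHistory) -> Challenge:
    """Prefer the device-based challenge and fall back down the list to the
    knowledge-based one, which the paper found to be the weakest."""
    if history.has_trusted_device:
        return Challenge.DEVICE
    if history.has_verified_phone:
        return Challenge.DELEGATION
    if history.has_recovery_email:
        return Challenge.RESOURCE
    return Challenge.KNOWLEDGE


def decide(history: AccountHistory, attempt: LoginAttempt):
    """Return ("deny", None), ("allow", None) or ("challenge", Challenge)."""
    if not attempt.password_ok:
        return ("deny", None)
    if risk_score(history, attempt) < CHALLENGE_THRESHOLD:
        return ("allow", None)          # low risk: no extra friction
    return ("challenge", select_challenge(history))


if __name__ == "__main__":
    # Constructed sample account: one known laptop, only ever signed in from the US.
    alice = AccountHistory(frozenset({"laptop-1"}), frozenset({"US"}),
                           has_trusted_device=True)
    print(decide(alice, LoginAttempt("laptop-1", "US", True)))  # ('allow', None)
    print(decide(alice, LoginAttempt("phone-9", "BR", True)))   # ('challenge', <Challenge.DEVICE: 'device'>)
```

The threshold is where the friction trade-off from the 2019 abstract lives: set it low and more hijackers are challenged, but more of the legitimate users who fail or abandon a challenge are challenged too. A breached credential on an otherwise familiar device still crosses it here, which is the case the 2017 study's risk signals are meant to catch.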
Easy Does It: More Usable CAPTCHAs
Celine Fabry
Steven Bethard
John C. Mitchell
Dan Jurafsky
CHI '14 Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, ACM (2014), pp. 2637-2646
Websites present users with puzzles called CAPTCHAs to curb abuse caused by computer algorithms masquerading as people. While CAPTCHAs are generally effective at stopping abuse, they might impair website usability if they are not properly designed. In this paper we describe how we designed two new CAPTCHA schemes for Google that focus on maximizing usability. We began by running an evaluation on Amazon Mechanical Turk with over 27,000 respondents to test the usability of different feature combinations. Then we studied user preferences using Google's consumer survey infrastructure. Finally, drawing on the insights gleaned during those studies, we tested our new captcha schemes first on Mechanical Turk and then on a fraction of production traffic. The resulting scheme is now an integral part of our production system and is served to millions of users. Our scheme achieved a 95.3% human accuracy, a 6.7% improvement.
The End is Nigh: Generic Solving of Text-based CAPTCHAs
Jonathan Aigrain
John C. Mitchell
WOOT'14 Proceedings of the 8th USENIX conference on Offensive Technologies, Usenix (2014)
Over the last decade, it has become well-established that a captcha’s ability to withstand automated solving lies in the difficulty of segmenting the image into individual characters. The standard approach to solving captchas automatically has been a sequential process wherein a segmentation algorithm splits the image into segments that contain individual characters, followed by a character recognition step that uses machine learning. While this approach has been effective against particular captcha schemes, its generality is limited by the segmentation step, which is hand-crafted to defeat the distortion at hand. No general algorithm is known for the character collapsing anti-segmentation technique used by most prominent real world captcha schemes.
This paper introduces a novel approach to solving captchas in a single step that uses machine learning to attack the segmentation and the recognition problems simultaneously. Performing both operations jointly allows our algorithm to exploit information and context that is not available when they are done sequentially. At the same time, it removes the need for any hand-crafted component, making our approach generalize to new captcha schemes where the previous approach cannot. We were able to solve all the real world captcha schemes we evaluated accurately enough to consider the scheme insecure in practice, including Yahoo (5.33%) and ReCaptcha (33.34%), without any adjustments to the algorithm or its parameters. Our success against the Baidu (38.68%) and CNN (51.09%) schemes that use occluding lines as well as character collapsing leads us to believe that our approach is able to defeat occluding lines in an equally general manner. The effectiveness and universality of our results suggests that combining segmentation and recognition is the next evolution of captcha solving, and that it supersedes the sequential approach used in earlier works. More generally, our approach raises questions about how to develop sufficiently secure captchas in the future.