Innocent by Association: Early Recognition of Legitimate Users
Author(s): Yinglian Xie, Fang Yu, Qifa Ke, Martin Abadi, Eliot Gillum, Krish Vitaldevaria

Date: October 2012
Publication: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS '12
Page(s): 353 - 364
Publisher: ACM
Source 1: http://users.soe.ucsc.edu/~abadi/Papers/souche.pdf
Source 2: http://research.microsoft.com/pubs/168778/ccs12-xie.pdf
Source 3: http://dx.doi.org/10.1145/2382196.2382235 - Subscription or payment required

Abstract:
This paper presents the design and implementation of Souche, a system that recognizes legitimate users early in online services. This early recognition contributes to both usability and security. Souche leverages social connections established over time. Legitimate users help identify other legitimate users through an implicit vouching process, strategically controlled within vouching trees. Souche is lightweight and fully transparent to users. In our evaluation on a real dataset of several hundred million users, Souche can efficiently identify 85% of legitimate users early, while reducing the percentage of falsely admitted malicious users from 44% to 2.4%. Our evaluation further indicates that Souche is robust in the presence of compromised accounts. It is generally applicable to enhance usability and security for a wide class of online services.

PasswordResearch.com Note: Additional authors listed for this paper: Jason Walter, Junxian Huang, Zhuoqing Morley Mao


Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index





[Home] [About Us] [News] [Research]

Copyright © 2016 PasswordResearch.com