Australian Information Security Management Conference
Document Type
Conference Proceeding
ISBN
978-0-6481270-8-6
Abstract
Passwords are broken. Multi-factor Authentication overcomes password insecurities, but its potentials are often not realised. This article presents InSight, a system to actively identify perpetrators by deceitful adaptation of the accessible system resources using Multi-factor Authentication profiles. This approach improves authentication reliability and attributes users by computing trust scores against profiles. Based on this score, certain functionality is locked, unlocked, buffered, or redirected to a deceptive honeypot, which is used for attribution. The novelty of this approach is twofold; a profile-based multi-factor authentication approach that is combined with a gradient, deceptive honeypot.
DOI
10.4225/75/5a84f8fe95b4f
Comments
Nicholson, A., Janicke, H., Jones, A., & Alnajaar, A. (2017). Deceptive security based on authentication profiling. In Valli, C. (Ed.). (2017). The Proceedings of 15th Australian Information Security Management Conference, 5-6 December, 2017, Edith Cowan University, Perth, Western Australia. (pp.140-148).