期刊文献+
共找到5篇文章
< 1 >
每页显示 20 50 100
PhishGuard: Integrating Fine-Tuned Large Language Models (LLMs) into Password Management
1
作者 Smith Patel Vijay K. Madisetti 《Journal of Information Security》 2024年第4期474-493,共20页
In the digital age, phishing attacks have been a persistent security threat leveraged by traditional password management systems that are not able to verify the authenticity of websites. This paper presents an approac... In the digital age, phishing attacks have been a persistent security threat leveraged by traditional password management systems that are not able to verify the authenticity of websites. This paper presents an approach to embedding sophisticated phishing detection within a password manager’s framework, called PhishGuard. PhishGuard uses a Large Language Model (LLM), specifically a fine-tuned BERT algorithm that works in real time, where URLs fed by the user in the credentials are analyzed and authenticated. This approach enhances user security with its provision of real-time protection from phishing attempts. Through rigorous testing, this paper illustrates how PhishGuard has scored well in tests that measure accuracy, precision, recall, and false positive rates. 展开更多
关键词 Phishing Attacks password management Phishing Detection AI BERT Algorithm Real-Time Protection CYBERSECURITY URL Authentication
下载PDF
SplitPass: A Mutually Distrusting Two-Party Password Manager 被引量:1
2
作者 Yu-Tao Liu Dong Du +3 位作者 Yu-Bin Xia Hai-Bo Chen Bin-Yu Zang Zhenkai Liang 《Journal of Computer Science & Technology》 SCIE EI CSCD 2018年第1期98-115,共18页
Using a password manager is known to be more convenient and secure than not using one, on the assmnption that the password manager itself is safe. However recent studies show that most popular password managers have s... Using a password manager is known to be more convenient and secure than not using one, on the assmnption that the password manager itself is safe. However recent studies show that most popular password managers have security vulnerabilities that may be fooled to leak passwords without users' awareness. In this paper, we propose a new password manager, SplitPass, which vertically separates both the storage and access of passwords into two mutually distrusting parties. During login, all the parties will collaborate to send their password shares to the web server, but none of these parties will ever have the complete password, which significantly raises the bar of a successful attack to compromise all of tile parties. To retain transparency to existing applications and web servers, SplitPass seamlessly splits the secure sockets layer (SSL) and transport layer security (TCP) sessions to process on all parties, and makes the joining of two password shares transparent to the web servers. We have implemented SplitPass using an Android phone and a cloud assistant and evaluated it using 100 apps from top free apps in the Android official market. The evaluation shows that SplitPass securely protects users' passwords, while incurring little performance overhead and power consumption. 展开更多
关键词 password manager privacy protection mobile-cloud system
原文传递
Implementation of a TPM-Based Security Enhanced Browser Password Manager 被引量:1
3
作者 HE Yuchen WANG Rui SHI Wenchang 《Wuhan University Journal of Natural Sciences》 CAS CSCD 2016年第1期56-62,共7页
In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module (TPM). Our approach encrypts users' passwords with keys generated by the TPM, which... In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module (TPM). Our approach encrypts users' passwords with keys generated by the TPM, which uses a master password as the credential for authorization to access the TPM. Such a hardware-based feature may provide an efficient way to protect users' passwords. Experiment and evaluation results show that our approach performs well to defend against password stealing attack and brute force attack. Attackers cannot get passwords directly from the browser, therefore they will spend incredible time to obtain passwords. Besides, performance cost induced by our approach is acceptable.Abstract: In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module (TPM). Our approach encrypts users' passwords with keys generated by the TPM, which uses a master password as the credential for authorization to access the TPM. Such a hardware-based feature may provide an efficient way to protect users' passwords. Experiment and evaluation results show that our approach performs well to defend against password stealing attack and brute force attack. Attackers cannot get passwords directly from the browser, therefore they will spend incredible time to obtain passwords. Besides, performance cost induced by our approach is acceptable. 展开更多
关键词 trusted platform module(TPM) password manager trusted encryption decryption
原文传递
Introducing CHIPDRIVE MyKey: Computer Lock and Password Manager on a Smart Card-Secured USB Stick
4
作者 Johanna Kallio Juhani Latvakoski 《射频世界》 2010年第2期75-76,共2页
Santa Ana, Calif., March 30, 2010-Having trouble remembering all your passwords? Safely store your passwords, take them wherever you go, and lock up your computer whenever you leave with
关键词 Card Computer Lock and password Manager on a Smart Card-Secured USB Stick USB
原文传递
SecureWeb: Protecting Sensitive Information Through the Web Browser Extension with a Security Token 被引量:3
5
作者 Shuang Liang Yue Zhang +3 位作者 Bo Li Xiaojie Guo Chunfu Jia Zheli Liu 《Tsinghua Science and Technology》 SCIE EI CAS CSCD 2018年第5期526-538,共13页
The leakage of sensitive data occurs on a large scale and with increasingly serious impact. It may cause privacy disclosure or even property damage. Password leakage is one of the fundamental reasons for information l... The leakage of sensitive data occurs on a large scale and with increasingly serious impact. It may cause privacy disclosure or even property damage. Password leakage is one of the fundamental reasons for information leakage, and its importance is must be emphasized because users are likely to use the same passwords for different Web application accounts. Existing approaches use a password manager and encrypted Web application to protect passwords and other sensitive data; however, they may be compromised or lack accessibility. The paper presents SecureWeb, which is a secure, practical, and user-controllable framework for mitigating the leakage of sensitive data. SecureWeb protects users' passwords and aims to provide a unified protection solution to diverse sensitive data. The efficiency of the developed schemes is demonstrated and the results indicate that it has a low overhead and are of practical use. 展开更多
关键词 password manager data privacy format-preserving encryption Shadow Document Object Model(DOM)
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部