[HTML][HTML] Bridging the gap: A survey and classification of research-informed Ethical Hacking tools
The majority of Ethical Hacking (EH) tools utilised in penetration testing are developed by
practitioners within the industry or underground communities. Similarly, academic …
practitioners within the industry or underground communities. Similarly, academic …
Zipf's law in passwords
Despite three decades of intensive research efforts, it remains an open question as to what
is the underlying distribution of user-generated passwords. In this paper, we make a …
is the underlying distribution of user-generated passwords. In this paper, we make a …
" Get in Researchers; We're Measuring Reproducibility": A Reproducibility Study of Machine Learning Papers in Tier 1 Security Conferences
D Olszewski, A Lu, C Stillman, K Warren… - Proceedings of the …, 2023 - dl.acm.org
Reproducibility is crucial to the advancement of science; it strengthens confidence in
seemingly contradictory results and expands the boundaries of known discoveries …
seemingly contradictory results and expands the boundaries of known discoveries …
That was then, this is now: A security evaluation of password generation, storage, and autofill in browser-based password managers
Password managers have the potential to help users more effectively manage their
passwords and address many of the concerns surrounding password-based authentication …
passwords and address many of the concerns surrounding password-based authentication …
Code coverage and test suite effectiveness: Empirical study with real bugs in large systems
During software maintenance, testing is a crucial activity to ensure the quality of program
code as it evolves over time. With the increasing size and complexity of software, adequate …
code as it evolves over time. With the increasing size and complexity of software, adequate …
Emailprofiler: Spearphishing filtering with header and stylometric features of emails
Spearphishing is a prominent targeted attack vector in today's Internet. By impersonating
trusted email senders through carefully crafted messages and spoofed metadata …
trusted email senders through carefully crafted messages and spoofed metadata …
On the implications of Zipf's law in passwords
Textual passwords are perhaps the most prevalent mechanism for access control over the
Internet. Despite the fact that human-beings generally select passwords in a highly skewed …
Internet. Despite the fact that human-beings generally select passwords in a highly skewed …
[PDF][PDF] A comprehensive review of honey encryption scheme
We present a comprehensive survey of the Honey Encryption (HE) scheme. Honey
Encryption is an encryption scheme that provides resilience against brute-force attack by …
Encryption is an encryption scheme that provides resilience against brute-force attack by …
Might I get pwned: A second generation compromised credential checking service
Credential stuffing attacks use stolen passwords to log into victim accounts. To defend
against these attacks, recently deployed compromised credential checking (C3) services …
against these attacks, recently deployed compromised credential checking (C3) services …
" I just stopped using one and started using the other": Motivations, Techniques, and Challenges When Switching Password Managers
This paper explores what motivates password manager (PM) users in the US to switch from
one PM to another, the techniques they employ when switching, and challenges they …
one PM to another, the techniques they employ when switching, and challenges they …