Identity theft

About: Identity theft is a research topic. Over the lifetime, 2284 publications have been published within this topic receiving 31700 citations.

Research on Model of Biometric Identification Emergency Response in Electronic Commerce

Abstract: This article proposes the concept of complete identity theft, which is possible in the time of electronic commerce of biometric identification Through the analysis of existing level of identification and its characteristics, this article proposes that there should be the relevant emergency response plan for electronic commerce of biometric identification, and also proposes the framework of biometric identification protocol on PKI and the framework of emergency response application

The Next Battlefield: The Reality of Virtual Threats

Abstract: In today's increasingly interconnected world, a person with a laptop computer can sit at a coffee shop in London and trade stocks listed on the New York Stock Exchange, transfer funds from a bank account in Zurich to an account in Tokyo, chat on an Internet phone call with a friend in Estonia, check in on his child's daycare center through a live video feed, upload a video clip of his brother's stand-up comedy performance onto You Tube, and place a bet with an online casino in Costa Rica Such are the conveniences of today's communications technology [ILLUSTRATION OMITTED] But if that same person were more maliciously inclined, he might hack into the stock exchange and alter share price information to send a target company into a downward spiral, use a stolen identity to pilfer funds from a victim's savings account, use a pseudonymous email address and encryption technology to send secret information to his spy handler, or upload to a jihadi website a video of Osama Bin Laden calling for a new wave of attacks against the United States The only constraints on his capacity to do harm are his level of technological sophistication, the defenses put in place by his intended targets, and governments' capabilities to learn about his activities and stop them A New Weapon A decade ago, when the World Wide Web was still in its infancy, the scenarios just posited would have been derided as alarmist If it was a person from the information technology industry speaking, he would have been accused of scaring people into buying new security tools If it was a policy wonk, he would have been accused of not understanding the robust and resilient nature of Internet technology And if it was a government official, he would have been accused of searching for a new mission--or new reasons for government funding--in the post-Cold War world Today skepticism about the cyber threat is more difficult to find Government agencies, companies, and individuals are all too aware of the harm that computer viruses and hackers can cause The problem now is not so much recognizing vulnerability to computer-based threats as understanding just what those threats are and what should be done to stop them One year the main concern seems to be teenage hackers defacing websites or breaking into computer networks for the thrill of causing a disruption; the next year the primary concern is fast-spreading viruses that shut down corporate networks for a few hours or even days; and the next it is international criminal groups stealing and selling credit card and social security numbers While the public face of the cyber threat changes frequently, there is an abiding spectrum of threats that is far broader, and far more dangerous, than is typically appreciated While citizens today are fearful of identity theft and the US government is focused on preventing a full-scale civil war in Iraq and avoiding another Hurricane Katrina catastrophe, the United States' current and potential adversaries--whether radical Islamic terrorists, Iran, or China--are looking for the weaknesses in the US information infrastructure and mapping out where and how they would mount a cyber attack Re-learning the Lessons of September 11 The terrorist attacks of September 11, 2001, demonstrated all too clearly the vulnerability of the United States to foreign attack Once comfortable with its physical distance from the ancient quarrels that plague the rest of the world, the United States became aware that its relatively open borders, democratic liberties, and modern technology could be turned against it to devastating effect Since September 11, the US government has focused on measures to prevent similar attacks--strengthening airport security, hardening cockpit doors, and putting air marshals on commercial flights Far less attention has been devoted to other forms of attack, some of which could be even more destructive than the September 11 attacks …

Cyber security: Threats, Vulnerabilities and Countermeasures - A Perspective on the State of Affairs in Mauritius

Abstract: Recent incident analysis from CERT-MU has found that there have been an increase in cybercrime activities including unauthorised access, electronic fraud, identity theft, denial of service, spamming and fake accounts. This paper describes the most common global vulnerabilities and threats and also provide an overview of countermeasures such as encryption, back-tracing and the use of common security standards and protocols such as ISO 127K. In addition, the security issues of emerging technologies such as IPv6, Internet of Things, and Cloud Computing are investigated. The system and infrastructure of the Mauritian Cybersecurity framework is also reviewed and recommendations are provided to build a strong and resilient cyber security framework in the country. This is particularly important given that Mauritius is embarking on the ambitious project of deploying smart cities with the integration of all these emerging technologies. Security must indeed be at the centre of all considerations in this endeavour.

Identity theft prevention in CyberCIEGE

Abstract: : The increase in online activities which involve people's identification information means that identity theft has become a widespread computer security issue. Identity theft is defined as the misuse of personal information and identity. To address this problem, an Information Assurance training tool, such as CyberCIEGE, can be used for user awareness and education. This thesis incorporated current research on identity theft attacks and prevention techniques into a customized scenario definition file for the CyberCIEGE game engine. The scenario teaches players about methods of identity theft prevention in computing and networked environments by focusing on four main prevention techniques: updating antivirus protection regularly, being cautious about executable email attachments, resisting phishing attacks, and using secure web browser connections for online transactions. After scenario development, an informal test process of the Identity Theft scenario was conducted. Testing found that the experienced and expected results coincided. Recommendations for improvement of the CyberCIEGE game engine, Scenario Definition Tool, and Identity Theft scenario were also provided.

Removing Personally Identifiable Information from Shared Dataset for Keystroke Authentication Research

Abstract: Research on keystroke dynamics has the good potential to offer continuous authentication that complements conventional authentication methods in combating insider threats and identity theft before more harm can be done to the genuine users. Unfortunately, the large amount of data required by free-text keystroke authentication often contain personally identifiable information, or PII, and personally sensitive information, such as a user’s first name and last name, username and password for an account, bank card numbers, and social security numbers. As a result, there are privacy risks associated with keystroke data that must be mitigated before they are shared with other researchers. We conduct a systematic study to remove PII’s from a recent large keystroke dataset. We find substantial amounts of PII’s from the dataset, including names, usernames and passwords, social security numbers, and bank card numbers, which, if leaked, may lead to various harms to the user, including personal embarrassment, blackmails, financial loss, and identity theft. We thoroughly evaluate the effectiveness of our detection program for each kind of PII. We demonstrate that our PII detection program can achieve near perfect recall at the expense of losing some useful information (lower precision). Finally, we demonstrate that the removal of PII’s from the original dataset has only negligible impact on the detection error tradeoff of the free-text authentication algorithm by Gunetti and Picardi. We hope that this experience report will be useful in informing the design of privacy removal in future keystroke dynamics based user authentication systems.