This post discusses practical attacks against poker cheating devices designed to detect and jam these devices.
Research about the security and memorability of secret questions based of their deployment at Google. This paper won best student paper award at WWW'15.
Study of how manual account hijacking is performed based of Google data. Research include an analysis of the hijacking workflow and the best defense strategies to defend against such adversaries.
Paper about a novel generic approach to solving captchas using a single step that uses machine learning to attack the segmentation and the recognition problems simultaneously. Our tests show that this approac is able solve all the real world captcha schemes evaluated including Yahoo (5.33%) and ReCaptcha (33.34%), without any adjustments to the algorithm or its parameters. Our success against the Baidu (38.68%) and CNN (51.09%) schemes that use occluding lines as well as character collapsing leads us to believe that our approach is able to defeat occluding lines in an equally general manner.
This talk about how to use Machine learning to attack trading cards games using Hearthstone as an example.
First paper on how to use behavioral data to determine content sensitivity, via the clues that users give as to what information they consider private or sensitive through their use of Quora privacy enhancing product features. We show that data sensitivity is a nuanced measure that should be viewed on a continuum rather than as a binary concept, and advance the idea that machine learning over behavioral data can be effectively used in order to develop product features that can help keep users safe.
This paper we describe how we designed a new CAPTCHA schemes for Google that focus on maximizing usability. Our new scheme which is now an integral part of Google sign-up and is served to millions of users, achieved a 95.3% human accuracy, a 6.7% improvement compared to the old one.
We show how using a generic approach, based on advanced audio processing and machine learning algorithm, our captcha breaker "Decaptcha" is able to break all the popular audio CAPTCHA schemes, including Microsoft and Yahoo.