Author image not provided
 Markus Jakobsson

Add personal information
  Affiliation history
Bibliometrics: publication history
Average citations per article23.89
Citation Count2,246
Publication count94
Publication years1995-2014
Available for download28
Average downloads per article1,448.00
Downloads (cumulative)40,544
Downloads (12 Months)2,102
Downloads (6 Weeks)166
Arrow RightAuthor only
· Editor only
· Advisor only
· Other only
· All roles

See all colleagues of this author

See all subject areas


94 results found Export Results: bibtexendnoteacmrefcsv

Result 1 – 20 of 94
Result page: 1 2 3 4 5

Sort by:

1 published by ACM
February 2014 HotMobile '14: Proceedings of the 15th Workshop on Mobile Computing Systems and Applications
Publisher: ACM
Citation Count: 0
Downloads (6 Weeks): 0,   Downloads (12 Months): 24,   Downloads (Overall): 192

Full text available: PDFPDF
We propose a biometric authentication scheme suitable for multi-touch devices such as tablet computers. Our scheme is based on hand geometry. It improves on prior work by introducing a dynamic element, where movement challenges are issued based on static hand geometry data. Specifically, we demonstrate a set of multi-touch interactions ...
Keywords: hand geometry, biometric, multi-touch interaction

March 2011 LIGHTSEC '11: Proceedings of the 2011 Workshop on Lightweight Security & Privacy: Devices, Protocols, and Applications
Publisher: IEEE Computer Society
Citation Count: 3

Software-based attestation can be used for guaranteed detection of any active malware on a device. This promises a significant advance in the battle against malware, including mobile malware. However, most software based attestation methods are either heuristic or unsuitable for mobile computing – and often both. One recent software-based attestation ...
Keywords: detection, handsets, malware, software

October 2010 ISC'10: Proceedings of the 13th international conference on Information security
Publisher: Springer-Verlag
Citation Count: 36

Users are increasingly dependent on mobile devices. However, current authentication methods like password entry are significantly more frustrating and difficult to perform on these devices, leading users to create and reuse shorter passwords and pins, or no authentication at all. We present implicit authentication - authenticating users based on behavior ...
Keywords: implicit authentication, security, usability, behavior modelling

4 published by ACM
October 2010 CCSW '10: Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Publisher: ACM
Citation Count: 8
Downloads (6 Weeks): 11,   Downloads (12 Months): 110,   Downloads (Overall): 2,105

Full text available: PDFPDF
Cloud computing is a natural fit for mobile security. Typical handsets have input constraints and practical computational and power limitations, which must be respected by mobile security technologies in order to be effective. We describe how cloud computing can address these issues. Our approach is based on a flexible framework ...
Keywords: cloud computing, authentication, mobile computing

August 2010 HotSec'10: Proceedings of the 5th USENIX conference on Hot topics in security
Publisher: USENIX Association
Citation Count: 12

We introduce a practical software-based attestation approach. Our new method enables detection of any active malware (e.g., malware that executes or is activated by interrupts) - even if the infection occurred before our security measure was loaded. It works independently of computing platform, and is eminently suited to address the ...

6 published by ACM
March 2010 ACM Transactions on Information and System Security (TISSEC): Volume 13 Issue 2, February 2010
Publisher: ACM
Citation Count: 2
Downloads (6 Weeks): 2,   Downloads (12 Months): 8,   Downloads (Overall): 357

Full text available: PDFPDF
Mix-networks, a family of anonymous messaging protocols, have been engineered to withstand a wide range of theoretical internal and external adversaries. An undetectable insider threat—voluntary partial trace disclosures by server administrators—remains a troubling source of vulnerability. An administrator's cooperation could be the resulting coercion, bribery, or a simple change of ...
Keywords: Anonymous messaging, insider threat, electronic voting, re-encryption mix-network, zero-knowledge protocol

January 2010 Towards Trustworthy Elections: new Directions in Electronic Voting
Publisher: Springer-Verlag
Citation Count: 9

We introduce a model for electronic election schemes that involves a more powerful adversary than previous work. In particular, we allow the adversary to demand of coerced voters that they vote in a particular manner, abstain from voting, or even disclose their secret keys. We define a scheme to be ...
Keywords: receipt-freeness, electronic voting, mix networks, coercion-resistance

8 published by ACM
November 2009 CCSW '09: Proceedings of the 2009 ACM workshop on Cloud computing security
Publisher: ACM
Citation Count: 89
Downloads (6 Weeks): 46,   Downloads (12 Months): 558,   Downloads (Overall): 10,700

Full text available: PDFPDF
Cloud computing is clearly one of today's most enticing technology areas due, at least in part, to its cost-efficiency and flexibility. However, despite the surge in activity and interest, there are significant, persistent concerns about cloud computing that are impeding momentum and will eventually compromise the vision of cloud computing ...
Keywords: cloud computing, privacy, security

9 published by ACM
November 2009 AISec '09: Proceedings of the 2nd ACM workshop on Security and artificial intelligence
Publisher: ACM
Citation Count: 1
Downloads (6 Weeks): 1,   Downloads (12 Months): 9,   Downloads (Overall): 397

Full text available: PDFPDF
We argue that the CAPTCHA in its current incarnation may be near the end of its useful life, and propose an alternative throttling mechanism to control access to web resources. We analyze our proposed solution against a collection of realistic adversaries and conclude that it is a viable approach. As ...
Keywords: cloning, dns poisoning, malware, usability, scripting, access, cookie theft, captcha, throttle

10 published by ACM
September 2009 NSPW '09: Proceedings of the 2009 workshop on New security paradigms workshop
Publisher: ACM
Citation Count: 5
Downloads (6 Weeks): 1,   Downloads (12 Months): 12,   Downloads (Overall): 544

Full text available: PdfPdf
We review the intertwined problems of malware and online fraud, and argue that the fact that service providers often are nancially responsible for fraud causes a relative lack of incentives for clients to manage their own security well. This suggests the need for a server-side tool to determine the security ...
Keywords: incentive compatible, infection, mobile, anti-virus, detection, cell phone, malware, post-mortem, audit, fraud, retroactive

August 2009 HotSec'09: Proceedings of the 4th USENIX conference on Hot topics in security
Publisher: USENIX Association
Citation Count: 30

We introduce the notion of implicit authentication - the ability to authenticate mobile users based on actions they would carry out anyway. We develop a model for how to perform implicit authentication, and describe experiments aimed at assessing the benefits of our techniques. Our preliminary findings support that this is ...

12 published by ACM
October 2008 DIM '08: Proceedings of the 4th ACM workshop on Digital identity management
Publisher: ACM
Citation Count: 4
Downloads (6 Weeks): 2,   Downloads (12 Months): 12,   Downloads (Overall): 336

Full text available: PDFPDF
We describe a technique aimed at addressing longstanding problems for password reset: security and cost. In our approach, users are authenticated using their preferences. Experiments and simulations have shown that the proposed approach is secure, fast, and easy to use. In particular, the average time for a user to complete ...
Keywords: password reset, preference-based authentication, simulation, security question

April 2008
Citation Count: 5

This book is the most current and comprehensive analysis of the state of Internet security threats right now. The review of current issues and predictions about problems years away are critical for truly understanding crimeware. Every concerned person should have a copy and use it for reference. Garth Bruen, Project ...

April 2008
Citation Count: 5

“This book is the most current and comprehensive analysis of the state of Internet security threats right now. The review of current issues and predictions about problems years away are critical for truly understanding crimeware. Every concerned person should have a copy and use it for reference.”ï�–Garth Bruen, Project KnujOn ...

15 published by ACM
April 2008 CHI '08: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Publisher: ACM
Citation Count: 17
Downloads (6 Weeks): 4,   Downloads (12 Months): 28,   Downloads (Overall): 815

Full text available: PDFPDF
Passwords are ubiquitous, and users and service providers alike rely on them for their security. However, good passwords may sometimes be hard to remember. For years, security practitioners have battled with the dilemma of how to authenticate people who have forgotten their passwords. Existing approaches suffer from high false positive ...
Keywords: reset, security question, password, entry error, security

April 2008 Cryptologia: Volume 32 Issue 2, April 2008
Publisher: Taylor & Francis, Inc.
Citation Count: 3

While good user education can hardly secure a system, we believe that poor user education can put it at serious risk. The current problem of online fraud is exasperated by the fact that most users make security decisions, such as whether to install a given piece of software or not, ...
Keywords: cartoons, experiments, security, education

March 2008 IEEE Security and Privacy: Volume 6 Issue 2, March 2008
Publisher: IEEE Educational Activities Department
Citation Count: 9

The authors argue that user studies are vital in order to improve our understanding of online fraud and other sociotechnical security problems. They then provide an overview of common approaches and describe how to carry out the approach that they believe results in the most accurate measurements, the so-called naturalistic ...
Keywords: debriefing, deceit, phishing, fraud, subject-expectancy bias, deceit, debriefing, ethics, experiment, fraud, naturalistic, phishing, subject-expectancy bias, ethics, experiment, naturalistic

18 published by ACM
February 2008 HotMobile '08: Proceedings of the 9th workshop on Mobile computing systems and applications
Publisher: ACM
Citation Count: 14
Downloads (6 Weeks): 3,   Downloads (12 Months): 21,   Downloads (Overall): 421

Full text available: PDFPDF
We show how to convert regular keyboard-entry CAPTCHAs into clickable CAPTCHAs. The goal of this conversion is to simplify and speed-up the entry of the CAPTCHA solution, to minimize user frustration and permit the use of CAPTCHAs on devices where they would otherwise be unsuitable. We propose a technique for ...
Keywords: reverse Turing test, CAPTCHA, mobile devices, usability

February 2008 International Journal of Applied Cryptography: Volume 1 Issue 1, February 2008
Publisher: Inderscience Publishers
Citation Count: 4

We present a new authentication protocol called Delayed Password Disclosure (DPD). Based on the traditional username and password paradigm, the protocol's goal is aimed at reducing the effectiveness of phishing/spoofing attacks that are becoming increasingly problematic for Internet users. This is done by providing the user with dynamic feedback while ...
Keywords: decisional Diffie-Hellman, doppelganger, oblivious transfer, PAKE, applied cryptography, delayed password disclosure, secure user interfaces, spoofing attacks, security degradation, authentication protocols, password authenticated key exchange, phishing, static Diffie-Hellman

December 2007 ICICS'07: Proceedings of the 9th international conference on Information and communications security
Publisher: Springer-Verlag
Citation Count: 8

This paper describes an attack concept termed Drive-by Pharming where an attacker sets up a web page that, when simply viewed by the victim (on a JavaScript-enabled browser), attempts to change the DNS server settings on the victim's home broadband router. As a result, future DNS queries are resolved by ...

The ACM Digital Library is published by the Association for Computing Machinery. Copyright © 2018 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us