Cookies Policy
The website need some cookies and similar means to function. If you permit us, we will use those means to collect data on your visits for aggregated statistics to improve our service. Find out More
Accept Reject
  • Menu
Interest
Topics
Details

Details

001
Publications

2020

Skeptic: Automatic, Justified and Privacy-Preserving Password Composition Policy Selection

Authors
Johnson, SA; Ferreira, JF; Mendes, A; Cordry, J;

Publication
CoRR

Abstract

2020

Evaluating the Accuracy of Password Strength Meters using Off-The-Shelf Guessing Attacks

Authors
Pereira, D; Ferreira, JF; Mendes, A;

Publication
2020 IEEE International Symposium on Software Reliability Engineering Workshops, ISSRE Workshops, Coimbra, Portugal, October 12-15, 2020

Abstract
In this paper we measure the accuracy of password strength meters (PSMs) using password guessing resistance against off-the-shelf guessing attacks. We consider 13 PSMs, 5 different attack tools, and a random selection of 60,000 passwords extracted from three different datasets of real-world password leaks. Our results show that a significant percentage of passwords classified as strong were cracked, thus suggesting that current password strength estimation methods can be improved. © 2020 IEEE.

2019

Lost in disclosure: On the inference of password composition policies

Authors
Johnson, SA; Ferreira, J; Mendes, A; Cordry, J;

Publication
Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019

Abstract
Large-scale password data breaches are becoming increasingly commonplace, which has enabled researchers to produce a substantial body of password security research utilising real-world password datasets, which often contain numbers of records in the tens or even hundreds of millions. While much study has been conducted on how password composition policies-sets of rules that a user must abide by when creating a password-influence the distribution of user-chosen passwords on a system, much less research has been done on inferring the password composition policy that a given set of user-chosen passwords was created under. In this paper, we state the problem with the naive approach to this challenge, and suggest a simple approach that produces more reliable results. We also present pol-infer, a tool that implements this approach, and demonstrates its use in inferring password composition policies. © 2019 IEEE.

2019

Logic, Algebra, and Geometry at the Foundation of Computer Science

Authors
Hoare, T; Mendes, A; Ferreira, JF;

Publication
Formal Methods Teaching - Third International Workshop and Tutorial, FMTea 2019, Held as Part of the Third World Congress on Formal Methods, FM 2019, Porto, Portugal, October 7, 2019, Proceedings

Abstract
This paper shows by examples how the Theory of Programming can be taught to first-year CS undergraduates. The only prerequisite is their High School acquaintance with algebra, geometry, and propositional calculus. The main purpose of teaching the subject is to support practical programming assignments and projects throughout the degree course. The aims would be to increase the student’s enjoyment of programming, reduce the workload, and increase the prospect of success. © 2019, Springer Nature Switzerland AG.

2019

Open and interactive learning resources for algorithmic problem solving

Authors
Ferreira, JF; Mendes, A;

Publication
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Abstract
Algorithmic problem solving is a way of approaching and solving problems by using the advances that have been made in the principles of correct-by-construction algorithm design. The approach has been taught at first-year undergraduate level since September 2003 and, since then, a substantial amount of learning materials have been developed. However, the existing materials are distributed in a conventional and static way (e.g. as a textbook and as several documents in PDF format available online), not leveraging the capabilities provided by modern collaborative and open-source platforms. In this paper, we propose the creation of an online, open-source repository of interactive learning materials on algorithmic problem solving. We show how the existing framework Mathigon can be used to support such a repository. By being open and hosted on a platform such as GitHub, the repository enables collaboration and anyone can create and submit new material. Furthermore, by making the material interactive, we hope to encourage engagement with and a better understanding of the materials. © Springer Nature Switzerland AG 2020.