đź“ť
Lu's Notes
  • Personal paper reading review
  • Data Mining
    • ABF-FNN: A new fuzzy neural network for predicting coal mine gas concentration hazard
    • FNDaaS: Content-agnostic Detection of Fake News sites
    • Robust Fraud Detection via Supervised Contrastive Learning
    • FNDaaS: Content-agnostic Detection of Fake News sites
  • Education
    • Combining Demographic Tabular Data with BERT Outputs for Multilabel Text Classification in Higher Ed
  • Environment
    • Predicting Impression Evaluation of Building Exterior Appearance Using Street Image Big Data and Dee
    • Combat Greenwashing with GoalSpotter: Automatic Sustainability Objective Detection in Heterogeneous
    • A Multi-task Model for Sentiment Aided Stance Detection of Climate Change Tweets
  • LLM
    • Can ChatGPT Reproduce Human-Generated Labels? A Study of Social Computing Tasks
    • What Can Large Language Models Tell Us about Time Series Analysis
  • Library Science
    • Analyzing academic mobility of U.S. professors based on ORCID data and the Carnegie Classificationtl
  • Security
    • How WEIRD is CHI
    • How WEIRD is Usable Privacy and Security Research?
    • Batman Hacked My Password: A Subtitle-Based Analysis of Password Depiction in Movies
    • Darknet
      • “It was honestly just gambling”: Investigating the Experiences of Teenage Cryptocurrency Users on Re
      • Does Online Anonymous Market Vendor Reputation Matter?
    • IllicitPromotion
      • Understanding Cross-Platform Referral Traffic for Illicit Drug Promotion
      • Seeing is Not Always Believing: An Empirical Analysis of Fake Evidence Generators
      • Unveiling the Risks of NFT Promotion Scams
      • Moderating Illicit Online Image Promotion for Unsafe User-Generated Content Games Using Large Vision
      • DarkGram: A Large-Scale Analysis of Cybercriminal Activity Channels on
      • Lifting the Grey Curtain: Analyzing the Ecosystem of Android Scam Apps
  • Social Media
    • Getting Meta A Multimodal Approach for Detecting Unsafe Conversations within Instagram Direct Messag
    • Sliding into My DMs: Detecting Uncomfortable or Unsafe Sexual Risk Experiences within Instagram Dire
    • Cross-Lingual and Cross-Domain Crisis Classification for Low-Resource Scenarios
    • On Xing Tian and the Perseverance of Anti-China Sentiment Online
    • Auditing Algorithmic Explanations of Social Media Feeds: A Case Study of TikTok Video Explanations
    • COVIDSenti: A Large-Scale Benchmark Twitter Data Set for COVID-19 Sentiment Analysis
    • “Go eat a bat, Chang!”: On the Emergence of Sinophobic Behavior on Web Communities in the Face of CO
    • TikTok and the Art of Personalization: Investigating Exploration and Exploitation on Social Media Fe
  • image
    • Title
  • Smart Aquaculture
    • Animal Re-identification
      • An Intelligence Cattle Reidentification System Over Transport by Siamese Neural Networks and YOLO
      • Convolutional Neural Networks for individual identification in the Southern Rock Lobster supply chai
      • Few-Shot Learning for Palmprint Recognition via Meta-Siamese Network
      • Re-identification of fish individuals of undulate skate via deep learning within a few-shot context
    • Computer Vision
      • Adapting Grad-CAM for Embedding Networks
      • CLIP-ReID: Exploiting Vision-Language Model for Image Re-Identificationwithout Concrete Text Labels
      • FastReID: A Pytorch Toolbox for General InstanceRe-identification
      • GW-net: An efficient grad-CAM consistency neural network with weakening of random erasing features f
      • Style Normalization and Restitution for Generalizable Person Re-Identification
    • Hyperspectral Imaging
      • Hyperspectral imaging–based assessment of fresh meat quality: Progress and applications
    • Sensor Data
      • A Survey on Graph Neural Networks for Time Series: Forecasting, Classification, Imputation, and Anom
      • Big Data Driven Marine Environment Information Forecasting: A Time Series Prediction Network
      • Free nitrous acid prediction in ANAMMOX process using hybrid deep neural network model
      • Predicting ammonia nitrogen in surface water by a new attention-based deep learning hybrid model
      • Prediction of dissolved oxygen in a fishery pond based on gated recurrent unit (GRU)
      • Real-time in situ prediction of ocean currents
Powered by GitBook
On this page
  • Summary
  • Data & Methods
  • Results
  • Depiction of Password Attacks
  • My personal thoughts
  1. Security

Batman Hacked My Password: A Subtitle-Based Analysis of Password Depiction in Movies

Link: https://www.usenix.org/conference/soups2024/presentation/raphael

Conference: SOUPS 2024

Keywords: Usable Security, Passwords, Movies, Subtitles

Supplement: https://www.itsec.uni-hannover.de/de/usec/forschung/medien/password-depiction-in-movies#c89784

Summary

People learn knowledge from movies, influencing their perceptions about cybersecurity including heir mindset about passwords.

Data & Methods

Torrents from Reddit r/DataHoarder. The torrent contains a database (opensubs.db, 136.8 GB) of 5,719,123 subtitle files, crawled on July 24, 2022. It also contains a metadata file (subtitles_all.txt.gz, 309 MB) that includes information such as movie name, year, language, content type (movie, TV show), season, episode, IDs (IMDB, OpenSubti- tle), upload date, frame rate, and file format.

After filtering out non-English and non-movie subtitles, resulting in 97,709 movies' subtitles and metadata.

Keyword search: Password. 9 lines before and after the keyword (That said, 19 lines in total). 5,982 scenes in total

Qualitativly analyze 50 scenes by 2 authors with MaxQDA.

Analyze Password Topics and Password Attacks

Record all passwords in the subtitles and measure their strength using zxcvbn and Password Guessability Service (PGS).

Compare their strength with The Popular-200 (200 most used passwords of 2023), The Ignis 1M wordlist, and A list from the RockYou data breach.

Watch part of 21 moives to get deeper qualitative insights.

Results

Types of password-contained movies, password behavior in movie scenes, password life cycle, password sharing, and Security Best Practices.

Depiction of Password Attacks

Password guessing, where a human actively guesses candidate password based on frequent passwords, specific knowledge about a person known old passwords. (220 cases) Password hacking, where other techniques are used to obtain the password such as social engineering or shoulder surfing or using automated tools for (brute-force) guessing. (63 cases)

My personal thoughts

Pros

Leverage data from an unexpected source (movie subtitles) to analyze a real world problem (password)

Cons

The logics of relecting password-related behavior in movies to real-world behavior is not so concrete. Qualitative analysis is kinda subjective and may not be generalizable.

PreviousHow WEIRD is Usable Privacy and Security Research?NextDarknet

Last updated 3 months ago