USENIX Enigma 2016 - Server-side Second Factors... logo

USENIX Enigma 2016 - Server-side Second Factors...

Feb 22, 2016
David Freeman, Head of Anti-Abuse Engineering, LinkedIn Corporation In this work we propose a statistical framework for measuring the validity of a login attempt. We built a prototype implementation and tested on real login data from LinkedIn using only two features: IP address and browser’s useragent. We find that we can achieve good accuracy using only user login history and reputation systems; in particular, a nascent service with no labeled account takeover data can still use our framework to protect its users. When combined with labeled data, our system can achieve even higher accuracy. Sign up to find out more about Enigma conferences: Watch all Enigma 2016 videos at: