{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T18:34:48Z","timestamp":1772217288475,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,12,9]],"date-time":"2019-12-09T00:00:00Z","timestamp":1575849600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,12,9]]},"DOI":"10.1145\/3359789.3359832","type":"proceedings-article","created":{"date-parts":[[2019,11,22]],"date-time":"2019-11-22T18:41:59Z","timestamp":1574448119000},"page":"732-746","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["I know what you did last login"],"prefix":"10.1145","author":[{"given":"Ayako Akiyama","family":"Hasegawa","sequence":"first","affiliation":[{"name":"NTT Secure Platform Laboratories"}]},{"given":"Takuya","family":"Watanabe","sequence":"additional","affiliation":[{"name":"NTT Secure Platform Laboratories"}]},{"given":"Eitaro","family":"Shioji","sequence":"additional","affiliation":[{"name":"NTT Secure Platform Laboratories"}]},{"given":"Mitsuaki","family":"Akiyama","sequence":"additional","affiliation":[{"name":"NTT Secure Platform Laboratories"}]}],"member":"320","published-online":{"date-parts":[[2019,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.7249\/RR1187"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/AICCSA.2009.5069395"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2011.24"},{"key":"e_1_3_2_1_4_1","unstructured":"Amazon. 2005 (accessed June 14 2019). Amazon Mechanical Turk. https:\/\/www.mturk.com\/.  Amazon. 2005 (accessed June 14 2019). Amazon Mechanical Turk. https:\/\/www.mturk.com\/."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15512-3_22"},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the 9th Workshop on the Economics of Information Security (WEIS'10)","author":"Bonneau Joseph","year":"2010","unstructured":"Joseph Bonneau and S\u00f6ren Preibusch . 2010 . The password thicket: technical and market failures in human authentication on the web . In Proceedings of the 9th Workshop on the Economics of Information Security (WEIS'10) . Joseph Bonneau and S\u00f6ren Preibusch. 2010. The password thicket: technical and market failures in human authentication on the web. In Proceedings of the 9th Workshop on the Economics of Information Security (WEIS'10)."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242656"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00061"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-22263-4_1"},{"key":"e_1_3_2_1_10_1","volume-title":"Cyberstalking in a large sample of social network users: prevalence, characteristics, and impact upon victims. Cyberpsychology, Behavior, and Social Networking 17, 2","author":"Dre\u00dfing Harald","year":"2014","unstructured":"Harald Dre\u00dfing , Josef Bailer , Anne Anders , Henriette Wagner , and Christine Gallas . 2014. Cyberstalking in a large sample of social network users: prevalence, characteristics, and impact upon victims. Cyberpsychology, Behavior, and Social Networking 17, 2 ( 2014 ). Harald Dre\u00dfing, Josef Bailer, Anne Anders, Henriette Wagner, and Christine Gallas. 2014. Cyberstalking in a large sample of social network users: prevalence, characteristics, and impact upon victims. Cyberpsychology, Behavior, and Social Networking 17, 2 (2014)."},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS'14)","author":"Egelman Serge","year":"2014","unstructured":"Serge Egelman , Sakshi Jain , Rebecca S. Portnoff , Kerwell Liao , Sunny Consolvo , and David Wagner . 2014 . Are you ready to lock? Understanding User Motivations for Smartphone Locking Behaviors . In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS'14) . 750--761. Serge Egelman, Sakshi Jain, Rebecca S. Portnoff, Kerwell Liao, Sunny Consolvo, and David Wagner. 2014. Are you ready to lock? Understanding User Motivations for Smartphone Locking Behaviors. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS'14). 750--761."},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the 28th USENIX Conference on Large Installation System Administration (LISA'14)","author":"Flor\u00eancio Dinei","unstructured":"Dinei Flor\u00eancio , Cormac Herley , and Paul C . Van Oorschot. 2014. An Administrator's Guide to Internet Password Research . In Proceedings of the 28th USENIX Conference on Large Installation System Administration (LISA'14) . 35--52. Dinei Flor\u00eancio, Cormac Herley, and Paul C. Van Oorschot. 2014. An Administrator's Guide to Internet Password Research. In Proceedings of the 28th USENIX Conference on Large Installation System Administration (LISA'14). 35--52."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3173574.3174241"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.162"},{"key":"e_1_3_2_1_15_1","volume-title":"Proceedings of the 10th USENIX Conference on Usable Privacy and Security (SOUPS'14)","author":"Harbach Marian","year":"2014","unstructured":"Marian Harbach , Emanuel Von Zezschwitz , Andreas Fichtner , Alexander De Luca , and Matthew Smith . 2014 . It's a hard lock life: a field study of smartphone (un)locking behavior and risk perception . In Proceedings of the 10th USENIX Conference on Usable Privacy and Security (SOUPS'14) . 213--230. Marian Harbach, Emanuel Von Zezschwitz, Andreas Fichtner, Alexander De Luca, and Matthew Smith. 2014. It's a hard lock life: a field study of smartphone (un)locking behavior and risk perception. In Proceedings of the 10th USENIX Conference on Usable Privacy and Security (SOUPS'14). 213--230."},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the 24th USENIX Conference on Security Symposium (SEC'15)","author":"Karapanos Nikolaos","year":"2015","unstructured":"Nikolaos Karapanos , Claudio Marforio , Claudio Soriente , and Srdjan Capkun . 2015 . Sound-proof: usable two-factor authentication based on ambient sound . In Proceedings of the 24th USENIX Conference on Security Symposium (SEC'15) . Nikolaos Karapanos, Claudio Marforio, Claudio Soriente, and Srdjan Capkun. 2015. Sound-proof: usable two-factor authentication based on ambient sound. In Proceedings of the 24th USENIX Conference on Security Symposium (SEC'15)."},{"key":"e_1_3_2_1_17_1","volume-title":"Proceedings of the 14th USENIX Conference on Usable Privacy and Security (SOUPS'18)","author":"Karunakaran Sowmya","year":"2018","unstructured":"Sowmya Karunakaran , Kurt Thomas , Elie Bursztein , and Oxana Comanescu . 2018 . Data Breaches: User Comprehension, Expectations, and Concerns with Handling Exposed Data . In Proceedings of the 14th USENIX Conference on Usable Privacy and Security (SOUPS'18) . 217--229. Sowmya Karunakaran, Kurt Thomas, Elie Bursztein, and Oxana Comanescu. 2018. Data Breaches: User Comprehension, Expectations, and Concerns with Handling Exposed Data. In Proceedings of the 14th USENIX Conference on Usable Privacy and Security (SOUPS'18). 217--229."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.38"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978942.1979321"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274714"},{"key":"e_1_3_2_1_21_1","volume-title":"Cratty","author":"Lyndon Amy","year":"2011","unstructured":"Amy Lyndon , Jennifer Bonds-Raacke , and Alyssa D . Cratty . 2011 . College students' Facebook stalking of ex-partners. Cyberpsychology, Behavior, and Social Networking 14, 12 (2011). Amy Lyndon, Jennifer Bonds-Raacke, and Alyssa D. Cratty. 2011. College students' Facebook stalking of ex-partners. Cyberpsychology, Behavior, and Social Networking 14, 12 (2011)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300819"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3025453.3025875"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2493190.2493223"},{"key":"e_1_3_2_1_25_1","unstructured":"OWASP. (accessed September 17 2019). ASVS (Application Security Verification Standard Project). https:\/\/www.owasp.org\/index.php\/Category:OWASP_Application_Security_Verification_Standard_Project.  OWASP. (accessed September 17 2019). ASVS (Application Security Verification Standard Project). https:\/\/www.owasp.org\/index.php\/Category:OWASP_Application_Security_Verification_Standard_Project."},{"key":"e_1_3_2_1_26_1","unstructured":"OWASP. (accessed September 17 2019). Authentication Cheat Sheet (Cheat Sheet Series). https:\/\/www.owasp.org\/index.php\/Authentication_Cheat_Sheet.  OWASP. (accessed September 17 2019). Authentication Cheat Sheet (Cheat Sheet Series). https:\/\/www.owasp.org\/index.php\/Authentication_Cheat_Sheet."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586133"},{"key":"e_1_3_2_1_28_1","volume-title":"Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS'12)","author":"Schrittwieser Sebastian","year":"2012","unstructured":"Sebastian Schrittwieser , Peter Fruhwirt , Peter Kieseberg , Manuel Leithner , Martin Mulazzani , Markus Huber , and Edgar Weippl . 2012 . Guess Who's Texting You? Evaluating the Security of Smartphone Messaging Applications . In Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS'12) . Sebastian Schrittwieser, Peter Fruhwirt, Peter Kieseberg, Manuel Leithner, Martin Mulazzani, Markus Huber, and Edgar Weippl. 2012. Guess Who's Texting You? Evaluating the Security of Smartphone Messaging Applications. In Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS'12)."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/2891411"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3025453.3026050"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3025453.3025901"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00014"},{"key":"e_1_3_2_1_33_1","volume-title":"CAPTCHA: Using Hard AI Problems for Security.. In EUROCRYPT (Lecture Notes in Computer Science)","author":"von Ahn Luis","year":"2003","unstructured":"Luis von Ahn , Manuel Blum , Nicholas J. Hopper , and John Langford . 2003 . CAPTCHA: Using Hard AI Problems for Security.. In EUROCRYPT (Lecture Notes in Computer Science) , Vol. 2656 . Springer , 294--311. Luis von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford. 2003. CAPTCHA: Using Hard AI Problems for Security.. In EUROCRYPT (Lecture Notes in Computer Science), Vol. 2656. Springer, 294--311."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1126\/science.1160379"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2018.00030"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.21"},{"key":"e_1_3_2_1_37_1","volume-title":"Proceedings of the 14th USENIX Conference on Usable Privacy and Security (SOUPS'18)","author":"Zou Yixin","year":"2018","unstructured":"Yixin Zou , Abraham H. Mhaidli , Austin McCall , and Florian Schaub . 2018 . \" I've Got Nothing to Lose\": Consumers' Risk Perceptions and Protective Actions after the Equifax Data Breach . In Proceedings of the 14th USENIX Conference on Usable Privacy and Security (SOUPS'18) . 197--216. Yixin Zou, Abraham H. Mhaidli, Austin McCall, and Florian Schaub. 2018. \"I've Got Nothing to Lose\": Consumers' Risk Perceptions and Protective Actions after the Equifax Data Breach. In Proceedings of the 14th USENIX Conference on Usable Privacy and Security (SOUPS'18). 197--216."}],"event":{"name":"ACSAC '19: 2019 Annual Computer Security Applications Conference","location":"San Juan Puerto Rico USA","acronym":"ACSAC '19"},"container-title":["Proceedings of the 35th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3359789.3359832","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3359789.3359832","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:45:04Z","timestamp":1750203904000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3359789.3359832"}},"subtitle":["inconsistent messages tell existence of a target's account to insiders"],"short-title":[],"issued":{"date-parts":[[2019,12,9]]},"references-count":37,"alternative-id":["10.1145\/3359789.3359832","10.1145\/3359789"],"URL":"https:\/\/doi.org\/10.1145\/3359789.3359832","relation":{},"subject":[],"published":{"date-parts":[[2019,12,9]]},"assertion":[{"value":"2019-12-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}