EvoSec 2025W Lecture 14: Difference between revisions
Created page with "==Readings== * [https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013)] ==Discussion Questions== * How quickly can you verify that another person knows the same story that you do? Can someone who doesn't know the story fool you easily? * Are there stories that are known to friends and family but that are not written down anywhere? * Could any social media or fina..." |
Latest revision as of 18:48, 4 March 2025
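Readings
- Somayaji, "Towards Narrative Authentication: or, against boring authentication." (NSPW 2013): https://homeostasis.scs.carleton.ca/~soma/pubs/somayaji-nspw2013.pdf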
Discussion Questions
- How quickly can you verify that another person knows the same story that you do? Can someone who doesn't know the story fool you easily?
- Are there stories that are known to friends and family but that are not written down anywhere?
- Could any social media or financial site "tell a story" about your interaction with them that isn't generally known?
Notes
Lecture 14
----------

If you haven't finished your early lit review yet, please get it to me by the end of the week
- for those who have submitted, I will get you feedback soon!

G1
- protects against non-targeted attacks but may be more vulnerable to targeted attacks, with LLMs
- if the story's generic it may be easy to guess, needs to be different
- sibling stories!
- your social media feed tells a lot about you, as does your record of financial transactions, can even know you're pregnant before you do!
- narrative authentication allows for better two-way trust, potentially
- "sharing a story" could actually involve lots of differences in how the story went

G2
- making up details (and waiting for the "wait a minute" remark) can help you figure out whether someone shares the same story
- oral traditions in aboriginal societies
- "Mandela effect" - misremembering stories collectively
- meaningful interactions with a site can lead to interesting stories

G3
- LLM internal model would be probability based, could be hacked
- social engineer details out of people
- easiest attacks target people
- new security issue, hacking LLMs to bypass authentication!
- more complex narratives are more secure but harder to remember
- if it's too much work to create authentication credentials users won't do it

G4
- could LLMs guess based on context clues?
- 12-year-old male with an interest in baseball -> probably a predictable birthday cake
- made-up details could help you catch impersonators but could fool legit people
- would need details that people wouldn't forget
- Instagram knows who you are creeping
- link history can tell a lot, e.g., tell e-commerce site what you are interested in

How do we recognize and trust each other?
- and what would it mean for the same approach to apply to computational systems

good narratives implicitly are based on a model of their audience
- biased towards "interesting" bits with an "interesting" structure
- interesting => high information content, not knowable just from priors
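
Added example (not from the lecture or the paper): a small model of the trade-off raised in the G1-G4 notes, where a verifier shows true and made-up story details and counts correct "that's right" / "wait a minute" reactions. Independent challenges, the recall and guess probabilities, and all function names are assumptions chosen for illustration.

```python
# Added illustration; the challenge model and all numbers are assumptions,
# not taken from the lecture or the Somayaji paper.
from math import comb, log2


def surprisal_bits(prior):
    """Information carried by a detail an outsider guesses with probability `prior`."""
    return -log2(prior)


def pass_probability(n, threshold, p):
    """P[at least `threshold` of `n` independent challenges answered correctly]."""
    return sum(comb(n, k) * p**k * (1 - p)**(n - k) for k in range(threshold, n + 1))


def error_rates(n, threshold, recall, guess):
    """(false reject, false accept) for a legit user vs. an impersonator.

    Each challenge shows one detail, true or fabricated; the respondent must
    accept it or object. `recall` is the legit user's per-detail accuracy,
    `guess` is the impersonator's accuracy from priors/context clues alone.
    """
    return (1 - pass_probability(n, threshold, recall),
            pass_probability(n, threshold, guess))


def smallest_dialogue(recall, guess, max_fr, max_fa, limit=200):
    """Fewest challenges (with pass threshold) meeting both error targets, or None."""
    for n in range(1, limit + 1):
        for t in range(n, 0, -1):  # strictest threshold first
            fr, fa = error_rates(n, t, recall, guess)
            if fr <= max_fr and fa <= max_fa:
                return n, t
    return None


if __name__ == "__main__":
    # Constructed scenarios: a generic story (partly guessable from context)
    # vs. a distinctive one, for a legit user who misjudges 10% of details.
    for label, guess in [("generic", 0.7), ("distinctive", 0.5)]:
        print(label, round(surprisal_bits(guess), 2), "bits/detail ->",
              smallest_dialogue(recall=0.9, guess=guess, max_fr=0.05, max_fa=0.01))
```

Under these assumptions, the more guessable the details are, the longer the dialogue must be to keep impersonators out without rejecting a user who forgets some of the story.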