Takumi Yamamoto’s research while affiliated with Shizuoka University and other places

What is this page?


This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.

Publications (10)


A Keystroke Logger Detection Using Keyboard-Input-Related API Monitoring
  • Conference Paper

September 2011

·

232 Reads

·

9 Citations

Kohei Nasaka

·

Tomohiro Takami

·

Takumi Yamamoto

·

Masakatsu Nishigaki

Recently, keystroke logger is becoming a major security issue. Keystroke logger is a malware that steels user's keyboard input without his or her informed consent. Keyboard input related Application Programming Interfaces (APIs) are commonly used by keystroke logger software to illegally record users' keystrokes. This paper proposes a security scheme to protect against keystroke loggers by using a DLL to detect illegal use of APIs. By executing a program with the DLL, we can check whether the program includes any of these keyboard-input-related APIs or not.


A Study on a Practical Measure against Billing Frauds

September 2011

·

22 Reads

·

3 Citations

Recently, the damage of billing fraud has been increasing, in which a fraudster asks a victim by telephone to pay money into the fraudster's bank account. So far, although several measures against billing fraud have been proposed, their usability and detection accuracies are still insufficient. Moreover, most of the measures will only work during conversation between the victim and the fraudster. Once conversation starts, the fraudster can cheat the victim with cajoling words. Therefore the measure against billing fraud should have the capability to detect and block the hone call from the fraudster automatically, or a function which allows victims to confirm the authenticity of the caller before the conversation starts. In this paper we study a measure to resolve these problems in a practical manner.


A Proposal of Four-Panel Cartoon CAPTCHA: The Concept

September 2010

·

66 Reads

·

13 Citations

CAPTCHA is a technique that is used to prevent automatic programs from being able to acquire free e-mail or online service accounts. However, as many researchers have already reported, conventional CAPTCHA could be overcome by state-of-the-art malware since the capabilities of computers are approaching those of humans. Therefore, CAPTCHA should be based on even more advanced human-cognitive-processing abilities. In addition, it is also important to keep in mind that answering CAPTCHA is an added annoyance for users, who feel troublesome to prove that they are human at every Web access. So, CAPTCHA should be enjoyable for users. To cope with these issues, this paper focuses on using the human ability to understand humor, which represents the ultimate in human cognitive processing abilities, and propose a new CAPTCHA that uses four-panel cartoons.



CAPTCHA using strangeness in machine translation

January 2010

·

96 Reads

·

30 Citations

CAPTCHA is a technique that is used to prevent automatic programs from being able to acquire free e-mail or online service accounts. However, as many researchers have already reported, conventional CAPTCHA could be overcome by state-of-the-art malware since the capabilities of computers are approaching those of humans. Therefore, CAPTCHA should be based on even more advanced human-cognitive-processing abilities. We propose using the human ability of recognizing “strangeness” to achieve a new CAPTCHA. This paper focuses on strangeness in machine-translated sentences as an example, and proposes CAPTCHA using Strangeness in Sentences (SS-CAPTCHA), which detects malware by checking if users can distinguish natural sentences created by humans from machine-translated sentences. We discuss possible threats to SS-CAPTCHA and countermeasures against these threats. We also carried out basic experiments to confirm its usability by human users.


A Proposal of Efficient Remote Biometric Authentication Protocol

October 2009

·

75 Reads

·

6 Citations

Lecture Notes in Computer Science

ZeroBio has been proposed for a secure biometric authentication over the network by conducting secret computing between prover and verifier. The existing ZeroBio are based on zero-knowledge proof that a committed number lies in an interval, or on oblivious neural network evaluation. The purpose of ZeroBio is to give verifier a mean to authenticate provers with perfectly concealing provers’biometric information from verifier. However, these methods need high computational complexity and heavy network traffic. In this paper, we propose another type of ZeroBio protocol that can accomplish remote biometric authentication with lower computational complexity and lighter network traffic by tolerating small decline of security level.


Advantages of User Authentication Using Unclear Images—Automatic Generation of Decoy Images

May 2009

·

28 Reads

A user authentication system using "unclear images" as pass-images has been proposed, in which only legitimate users can understand their meaning by viewing the original images corresponding to these unclear pass-images, which are meaningless to unauthorized users. Hence, it is difficult for attackers to memorize them, even though they may have observed authentication trials by legitimate users. This paper reports another advantage of the user-authentication system using unclear images: their adaptation enables decoy images to be automatically generated, which are displayed along with the pass-images in the authentication window. Here, we explore various methods of automatically generating decoy images.



A Shoulder-Surfing-Resistant Image-Based Authentication System with Temporal Indirect Image Selection.

January 2009

·

149 Reads

·

21 Citations

Although image-based user authentication systems have gotten a lot of attention recently to reduce the burden of memorizing passwords, they can be vulnerable to shoulder- surfing attacks. To overcome this problem, shoulder-surfing- resistant image-based authentications with indirect image selection (indirect image-based authentication, or I-IBA) have been proposed. However, because they spatially arrange image-sets over a wide space, two problems with these schemes are that they require a large screen and that it is difficult for authorized users to find and select their pass- images in the wide area. Therefore, by temporally arranging the image-sets, we implemented another indirect image-based authentication scheme (temporal I-IBA, or TI-IBA) that is not constrained by the screen size and makes it easy for authorized users to recognize their pass-images. We conducted fundamental experiments to study the feasibility of TI-IBA.


Citations (9)


... The paper describes two different protocols that achieve this property for different threat models. In [52] the authors show a method for using human visual capabilities to digital rights management and user authentication based on schemas in visual memory. There have also been proposals for a method for authenticating pervasive devices with human protocols [53] and a way for message authentication for humans [54]. ...

Reference:

Review of the use of human senses and capabilities in cryptography
Making Use of Human Visual Capability to Improve Information Security
  • Citing Conference Paper
  • April 2009

... They created a risk assessment method that has been widely adopted ever since. By solving the combination of countermeasures that maximise the following formula as a combinatorial optimisation formulation (COF), they created a method that can be implemented even by people without expertise [3,17]. ...

A Security Measure Selection Scheme with Consideration of Potential Lawsuits.
  • Citing Conference Paper
  • January 2010

... Although, our proposed AUIs were still insufficient, we believe these results represent a huge step toward making image-based authentication systems feasible. To further reduce the cognitive confusion caused by AUIs, it would be more effective to use information about passimages with words [8]. We expected that when a brief explanation of unclear pass-images is given in words, only legitimate users can use the explanation as a cue to recognizing his/her pass-images, while no illegal users will be able to understand the cue as was confirmed in the previous studies [6] [8]. ...

Improvement of User Authentication Using Schema of Visual Memory: Guidance by Verbal Cue.
  • Citing Conference Paper
  • January 2007

... By overlaying text onto background images after applying filters, some provide a word or short phrase and ask the user to click on the corresponding characters in the image in the correct sequence to verify users. [89] proposes SS-CAPTCHA, which leverages the human ability to recognise strangeness in translated sentences to detect malware. correction. ...

CAPTCHA using strangeness in machine translation
  • Citing Conference Paper
  • January 2010

... A machine translation program is used to translate natural sentences from the non-mother tongue into a mother-tongue language. Yamamoto et al. [75] developed a Four Panel CAPTCHA. It is a funny CAPTCHA because the user must be able to understand the humor. ...

A Proposal of Four-Panel Cartoon CAPTCHA: The Concept
  • Citing Conference Paper
  • September 2010

... A Backdoor is a malicious code or program that can pass and break authentication or other security controls to access an operating system or computer's data. Backdoors allow the attackers to gain access with no authentication and execute commands in the compromised system [5]. ...

A Keystroke Logger Detection Using Keyboard-Input-Related API Monitoring
  • Citing Conference Paper
  • September 2011

... Therefore, there shall be need to eliminate this technique. The measure against this type of fraud will be discussed later [7]. Billing fraud has been classified into four by the Tokyo Metropolitan Police Department; "It's Me!" fraud, fictitious claims fraud, Loan guarantee fraud, and money repayment fraud. ...

A Study on a Practical Measure against Billing Frauds
  • Citing Conference Paper
  • September 2011

... Eine Möglichkeit, um dieses Problem zu lösen, wären biometrische Zero-Knowledge-Proof (ZKP) Verfahren (vgl. Tran et al. 2022;Sakashita et al. 2009), die es dem Sensor ermöglichen würden, zu beweisen, dass er gerade die Biometrie einer bestimmten Person gemessen hat, ohne die Messdaten an den Identity Agent weiterzugeben. Allerdings sind diese ZKP-Verfahren nur für den 1 W 1-Vergleich, also die biometrische Authentifizierung einer Person und nicht für den 1 W N -Abgleich, also die biometrische Identifizierung geeignet. ...

A Proposal of Efficient Remote Biometric Authentication Protocol
  • Citing Conference Paper
  • October 2009

Lecture Notes in Computer Science