A Large-Scale Study of Web Password Habits

Total Page:16

File Type:pdf, Size:1020Kb

A Large-Scale Study of Web Password Habits WWW 2007 / Track: Security, Privacy, Reliability, and Ethics Session: Passwords and Phishing A Large-Scale Study of Web Password Habits Dinei Florencioˆ and Cormac Herley Microsoft Research One Microsoft Way Redmond, WA, USA [email protected], [email protected] ABSTRACT to gain the secret. However, challenge response systems are We report the results of a large scale study of password use generally regarded as being more time consuming than pass- and password re-use habits. The study involved half a mil- word entry and do not seem widely deployed. One time lion users over a three month period. A client component passwords have also not seen broad acceptance. The dif- on users' machines recorded a variety of password strength, ¯culty for users of remembering many passwords is obvi- usage and frequency metrics. This allows us to measure ous. Various Password Management systems o®er to assist or estimate such quantities as the average number of pass- users by having a single sign-on using a master password words and average number of accounts each user has, how [7, 13]. Again, the use of these systems does not appear many passwords she types per day, how often passwords are widespread. For a majority of users, it appears that their shared among sites, and how often they are forgotten. We growing herd of password accounts is maintained using a get extremely detailed data on password strength, the types small collection of passwords. For a user with, e.g. 30 pass- and lengths of passwords chosen, and how they vary by site. word accounts, the problem becomes not remembering 30 The data is the ¯rst large scale study of its kind, and yields distinct passwords, but rather remembering which of 5 or 6 numerous other insights into the r^olethe passwords play in passwords was used. This appears to be done using a com- users' online experience. bination of memory, pieces of paper, trial and error (trying each of the passwords in turn), and password resets. Since passwords protect accounts with valuable assets Categories and Subject Descriptors they have increasingly been subjected to harvesting attacks. K.6.5 [Management Of Computing And Information Phishing attacks, where a victim is lured into submitting her Systems]: Security and Protection|Authentication password to a malicious site masquerading as a trusted insti- tution have increased enormously in the last few years [11]. General Terms Incidences of keylogging malware, which record keystrokes on a PC have also been rising rapidly. Unlike brute force Security attacks on passwords, both phishing and keylogging harvest strong passwords as easily as weak ones. Thus the nature Keywords of the risk surrounding password authentication has altered greatly. The longstanding problem of users choosing pass- password, authentication, measurements words that are too easily brute forced [12, 6, 3] has been joined by the new problem of users unwittingly revealing 1. INTRODUCTION their passwords in the clear. Passwords play a large part of the typical web user's expe- The convenience of web access to accounts is extremely rience. The are the near universal means for gaining access compelling, and thus the r^olethey play in the average web to accounts of all kinds. Email, banks, portals, dating and users life seems likely to increase. However we ¯nd that ¯rm social networking sites all require passwords. So important data on users' actual password habits is hard to come by. It are they that HTML has a special form ¯eld to allow for is conventional wisdom that users choose weak passwords, the special treatment they require, and an important r^oleof frequently re-use passwords across multiple sites, and often SSL is protecting the secrecy of passwords from observers of forget them. In this paper we report on a large scale study of the connection. web users habits where we measured and report these and Alternative to passwords certainly exist. Hardware au- other patterns for the ¯rst time. We obtained data from thentication, e.g. [1], is sometimes used for access to corpo- over half a million users over a period of three months. This rate networks. However, this requires an issuing authority is more than 100 times more participants than any previous and seems to be limited to environments that justify the study we are aware of. cost, such as in the employer-employee relationship. Chal- Among our interesting ¯ndings is how large a r^oleweb lenge response authentication has the advantage that ob- passwords play in users lives. The average user has 6.5 serving a single successful sign in does not allow an attacker passwords, each of which is shared across 3.9 di®erent sites. Copyright is held by the International World Wide Web Conference Com- Each user has about 25 accounts that require passwords, and mittee (IW3C2). Distribution of these papers is limited to classroom use, types an average of 8 passwords per day. That users choose and personal use by others. weak passwords has been known informally for some time; WWW 2007, May 8–12, 2007, Banff, Alberta, Canada. ACM 978-1-59593-654-7/07/0005. 657 WWW 2007 / Track: Security, Privacy, Reliability, and Ethics Session: Passwords and Phishing we are able to measure exactly how weak. Users choose PRE Report: this contains: passwords with an average bitstrength 40.54 bits. The over- ² the current (primary) URL whelming majority of users choose passwords that contain ² all of the URLs previously associated with the pass- lower case letters only (i.e. no uppercase, digits, or special word (secondary URLs) characters) unless forced to do otherwise. We were able to ² time since last login at each URL previously associated measure that 0.4% of users type passwords (on an annual- with the password ized basis) at veri¯ed phishing sites, and at least 0.2% of ² time since ¯rst login at each URL previously associated users actively maintain their own router. Finally users for- with the password get passwords a lot: we estimate that at least 1.5% of Yahoo ² the password strength users forget their passwords each month. ² number of entries in the PPL, and number of PREs In the next section we cover details of the client and the ¯led by client data gathered. In Section 3 we present our results, broken ² number of unique passwords used by this client into logical sections. In Section 4 we discuss related work. ² the age of the client. 2. EXPERIMENTAL METHOD The format of the report is Our client software shipped as a component of one skew [Up; fsU0; sU1; ¢ ¢ ¢ ; sUN¡1g; ft0; t1; ¢ ¢ ¢ ; tN¡1g; of Windows Live Toolbar. Not all toolbar users received the f¿ ;¿ ; ¢ ¢ ¢ ;¿ g; PwdStr, PPLSz, NPREs, NPwds, CAge]: component. The component was optional, and users were 0 1 N¡1 presented with an opt-in agreement. The toolbar was ¯rst Suppose for example that a user has a password that is used available for download on the Microsoft web on 7/24/2006, at PayPal, Yahoo, eBay and YouTube. The ¯rst time the and a total of 544960 clients received, opted in and activated password is typed (say at eBay) it will be added to the PPL, by 10/1/2006. and no report made to the server. This password can then be typed at eBay over and over and will generate no PRE 2.1 Client Implementation reports and no additions to the PPL. The next time it is The client consists of a module within the toolbar that typed at a site other than eBay (say Yahoo) a PRE report monitors and records Password Re-use Events (PRE's). It will be sent listing www.yahoo.com as the primary URL Up contains the following main components. and www.ebay.com/login as the secondary sU0: Now typing HTML password locator: this component scans the it at PayPal will cause a PRE report listing www.paypal. document object model in search of ¯lled-out password com as Up and www.yahoo.com and www.ebay.com/login as ¯elds, and extracts the passwords. The ¯rst task merely sU0; sU1: Observe that neither the password, nor its hash involves searching the HTML for ¯elds declared are sent in the report. There is no personally identifying inputtype="password" information in the report. and extracting the value ¯eld. This search is initiated every Note: The reason that we perform the realtime password time the browser BeforeNavigate2 event occurs. Thus we check is that we wish to be sure that we catch every Pass- ¯nd completed password ¯elds before they are sent to the word Re-use Event. If a user enters a password at URL A it server. Once the password is found it is hashed and added will be entered in the PPL by the HTML password locator. to the Protected Password List (PPL). However it is possible that the password could be typed at Protected Password List: This list contains the pass- another site that does not use a HTML password ¯eld. We word hash, the full URL of the receiving server, the bit- wish to capture and report any case where a previously used strength of the password, the current time, and minutes password is typed at another site. since both the ¯rst and last time (if any) that password was sent to that server. All of the information in the PPL is 2.1.1 Privacy stored using the Data Protection API (DPAPI) provided by A number of measures were taken to protect the privacy Windows [14] (the same API that is used to protect pass- of those who opted in. No Personally Identifying Informa- words that Windows stores).
Recommended publications
  • Online Visualization of Geospatial Stream Data Using the Worldwide Telescope
    Online Visualization of Geospatial Stream Data using the WorldWide Telescope Mohamed Ali#, Badrish Chandramouli*, Jonathan Fay*, Curtis Wong*, Steven Drucker*, Balan Sethu Raman# #Microsoft SQL Server, One Microsoft Way, Redmond WA 98052 {mali, sethur}@microsoft.com *Microsoft Research, One Microsoft Way, Redmond WA 98052 {badrishc, jfay, curtis.wong, sdrucker}@microsoft.com ABSTRACT execution query pipeline. StreamInsight has been used in the past This demo presents the ongoing effort to meld the stream query to process geospatial data, e.g., in traffic monitoring [4, 5]. processing capabilities of Microsoft StreamInsight with the On the other hand, the WorldWide Telescope (WWT) [9] enables visualization capabilities of the WorldWide Telescope. This effort a computer to function as a virtual telescope, bringing together provides visualization opportunities to manage, analyze, and imagery from the various ground and space-based telescopes in process real-time information that is of spatio-temporal nature. the world. WWT enables a wide range of user experiences, from The demo scenario is based on detecting, tracking and predicting narrated guided tours from astronomers and educators featuring interesting patterns over historical logs and real-time feeds of interesting places in the sky, to the ability to explore the features earthquake data. of planets. One interesting feature of WWT is its use as a 3-D model of earth, enabling its use as an earth viewer. 1. INTRODUCTION Real-time stream data acquisition has been widely used in This demo presents the ongoing work at Microsoft Research and numerous applications such as network monitoring, Microsoft SQL Server groups to meld the value of stream query telecommunications data management, security, manufacturing, processing of StreamInsight with the unique visualization and sensor networks.
    [Show full text]
  • The Fourth Paradigm
    ABOUT THE FOURTH PARADIGM This book presents the first broad look at the rapidly emerging field of data- THE FOUR intensive science, with the goal of influencing the worldwide scientific and com- puting research communities and inspiring the next generation of scientists. Increasingly, scientific breakthroughs will be powered by advanced computing capabilities that help researchers manipulate and explore massive datasets. The speed at which any given scientific discipline advances will depend on how well its researchers collaborate with one another, and with technologists, in areas of eScience such as databases, workflow management, visualization, and cloud- computing technologies. This collection of essays expands on the vision of pio- T neering computer scientist Jim Gray for a new, fourth paradigm of discovery based H PARADIGM on data-intensive science and offers insights into how it can be fully realized. “The impact of Jim Gray’s thinking is continuing to get people to think in a new way about how data and software are redefining what it means to do science.” —Bill GaTES “I often tell people working in eScience that they aren’t in this field because they are visionaries or super-intelligent—it’s because they care about science The and they are alive now. It is about technology changing the world, and science taking advantage of it, to do more and do better.” —RhyS FRANCIS, AUSTRALIAN eRESEARCH INFRASTRUCTURE COUNCIL F OURTH “One of the greatest challenges for 21st-century science is how we respond to this new era of data-intensive
    [Show full text]
  • WWW 2013 22Nd International World Wide Web Conference
    WWW 2013 22nd International World Wide Web Conference General Chairs: Daniel Schwabe (PUC-Rio – Brazil) Virgílio Almeida (UFMG – Brazil) Hartmut Glaser (CGI.br – Brazil) Research Track: Ricardo Baeza-Yates (Yahoo! Labs – Spain & Chile) Sue Moon (KAIST – South Korea) Practice and Experience Track: Alejandro Jaimes (Yahoo! Labs – Spain) Haixun Wang (MSR – China) Developers Track: Denny Vrandečić (Wikimedia – Germany) Marcus Fontoura (Google – USA) Demos Track: Bernadette F. Lóscio (UFPE – Brazil) Irwin King (CUHK – Hong Kong) W3C Track: Marie-Claire Forgue (W3C Training, USA) Workshops Track: Alberto Laender (UFMG – Brazil) Les Carr (U. of Southampton – UK) Posters Track: Erik Wilde (EMC – USA) Fernanda Lima (UNB – Brazil) Tutorials Track: Bebo White (SLAC – USA) Maria Luiza M. Campos (UFRJ – Brazil) Industry Track: Marden S. Neubert (UOL – Brazil) Proceedings and Metadata Chair: Altigran Soares da Silva (UFAM - Brazil) Local Arrangements Committee: Chair – Hartmut Glaser Executive Secretary – Vagner Diniz PCO Liaison – Adriana Góes, Caroline D’Avo, and Renato Costa Conference Organization Assistant – Selma Morais International Relations – Caroline Burle Technology Liaison – Reinaldo Ferraz UX Designer / Web Developer – Yasodara Córdova, Ariadne Mello Internet infrastructure - Marcelo Gardini, Felipe Agnelli Barbosa Administration– Ana Paula Conte, Maria de Lourdes Carvalho, Beatriz Iossi, Carla Christiny de Mello Legal Issues – Kelli Angelini Press Relations and Social Network – Everton T. Rodrigues, S2Publicom and EntreNós PCO – SKL Eventos
    [Show full text]
  • Denying Extremists a Powerful Tool Hany Farid ’88 Has Developed a Means to Root out Terrorist Propaganda Online
    ALUMNI GAZETTE Denying Extremists a Powerful Tool Hany Farid ’88 has developed a means to root out terrorist propaganda online. But will companies like Google and Facebook use it? By David Silverberg be a “no-brainer” for social media outlets. Farid is not alone in his criticism of so- But so far, the project has faced resistance cial media companies. Last August, a pan- Hany Farid ’88 wants to clean up the In- from the leaders of Facebook, Twitter, and el in the British Parliament issued a report ternet. The chair of Dartmouth’s comput- other outlets who argue that identifying ex- charging that Facebook, Twitter, and er science department, he’s a leader in the tremist content is more difficult, presenting Google are not doing enough to prevent field of digital forensics. In the past several more gray areas, than child pornography. their networks from becoming recruitment years, he has played a lead role in creating In a February 2016 blog post, Twitter laid tools for extremist groups. programs to identify and root out two of out its official position: “As many experts Steve Burgess, president of the digital fo- the worst online scourges: child pornogra- and other companies have noted, there is rensics firm Burgess Consulting and Foren- phy and extremist political content. no ‘magic algorithm’ for identifying terror- sics, admires Farid’s dedication to projects “Digital forensics is an exciting field, es- ist content on the Internet, so global online that, according to Burgess, aren’t common pecially since you can have an impact on platforms are forced to make challenging in the field.
    [Show full text]
  • Microsoft .NET Gadgeteer a New Way to Create Electronic Devices
    Microsoft .NET Gadgeteer A new way to create electronic devices Nicolas Villar Microsoft Research Cambridge, UK What is .NET Gadgeteer? • .NET Gadgeteer is a new toolkit for quickly constructing, programming and shaping new small computing devices (gadgets) • Takes you from concept to working device quickly and easily Driving principle behind .NET Gadgeteer • Low threshold • Simple gadgets should be very simple to build • High ceiling • It should also be possible to build sophisticated and complex devices The three key components of .NET Gadgeteer The three key components of .NET Gadgeteer The three key components of .NET Gadgeteer Some background • We originally built Gadgeteer as a tool for ourselves (in Microsoft Research) to make it easier to prototype new kinds of devices • We believe the ability to prototype effectively is key to successful innovation Some background • Gadgeteer has proven to be of interest to other researchers – but also hobbyists and educators • With the help of colleagues from all across Microsoft, we are working on getting Gadgeteer out of the lab and into the hands of others Some background • Nicolas Villar, James Scott, Steve Hodges Microsoft Research Cambridge • Kerry Hammil Microsoft Research Redmond • Colin Miller Developer Division, Microsoft Corporation • Scarlet Schwiderski-Grosche‎, Stewart Tansley‎ Microsoft Research Connections • The Garage @ Microsoft First key component of .NET Gadgeteer Quick example: Building a digital camera Some existing hardware modules Mainboard: Core processing unit Mainboard
    [Show full text]
  • The World-Wide Telescope1 MSR-TR-2001-77
    The World-Wide Telescope1 Alexander Szalay, The Johns Hopkins University Jim Gray, Microsoft August 2001 Technical Report MSR-TR-2001-77 Microsoft Research Microsoft Corporation 301 Howard Street, #830 San Francisco, CA, 94105 1 This article appears in Science V. 293 pp. 2037-2040 14 Sept 2001. Copyright © 2001 by The American Association for the Advancement of Science. Science V. 293 pp. 2037-2040 14 Sept 2001. Copyright © 2001 by The American Association for the Advancement of Science 1 The World-Wide Telescope Alexander Szalay, The Johns Hopkins University Jim Gray, Microsoft August 2001 Abstract All astronomy data and literature will soon be tral band over the whole sky is a few terabytes. It is not online and accessible via the Internet. The community is even possible for each astronomer to have a private copy building the Virtual Observatory, an organization of this of all their data. Many of these new instruments are worldwide data into a coherent whole that can be ac- being used for systematic surveys of our galaxy and of cessed by anyone, in any form, from anywhere. The re- the distant universe. Together they will give us an un- sulting system will dramatically improve our ability to do precedented catalog to study the evolving universe— multi-spectral and temporal studies that integrate data provided that the data can be systematically studied in an from multiple instruments. The virtual observatory data integrated fashion. also provides a wonderful base for teaching astronomy, Already online archives contain raw and derived astro- scientific discovery, and computational science. nomical observations of billions of objects – both temp o- Many fields are now coping with a rapidly mounting ral and multi-spectral surveys.
    [Show full text]
  • Web Search As Decision Support for Cancer
    Diagnoses, Decisions, and Outcomes: Web Search as Decision Support for Cancer ∗ Michael J. Paul Ryen W. White Eric Horvitz Johns Hopkins University Microsoft Research Microsoft Research 3400 N. Charles Street One Microsoft Way One Microsoft Way Baltimore, MD 21218 Redmond, WA 98052 Redmond, WA 98052 [email protected] [email protected] [email protected] ABSTRACT the decisions of searchers who show salient signs of having People diagnosed with a serious illness often turn to the Web been recently diagnosed with prostate cancer. We aim to for their rising information needs, especially when decisions characterize and enhance the ability of Web search engines are required. We analyze the search and browsing behavior to provide decision support for different phases of the illness. of searchers who show a surge of interest in prostate cancer. We focus on prostate cancer for several reasons. Prostate Prostate cancer is the most common serious cancer in men cancer is typically slow-growing, leaving patients and physi- and is a leading cause of cancer-related death. Diagnoses cians with time to reflect on the best course of action. There of prostate cancer typically involve reflection and decision is no medical consensus about the best treatment option, as making about treatment based on assessments of preferences the primary options all have similar mortality rates, each and outcomes. We annotated timelines of treatment-related with their own tradeoffs and side effects [24]. The choice queries from nearly 300 searchers with tags indicating differ- of treatments for prostate cancer is therefore particularly ent phases of treatment, including decision making, prepa- sensitive to consideration of patients' preferences about out- ration, and recovery.
    [Show full text]
  • Microsoft Research Lee Dirks Dr
    Transforming Scholarly Communication Overview of Recent Projects from Microsoft Research Lee Dirks Dr. Camilo A. Acosta-Márquez Director, Education & Scholarly Communication Director Centro de Robótica e Informática Microsoft Research | Connections Universidad Jorge Tadeo Lozano Overview of Recent Projects from Microsoft Research Director, Education Director Centro de Robótica e Informática & Scholarly Communication Universidad Jorge Tadeo Lozano Microsoft Research | Connections | Outreach. Collaboration. Innovation. • • • • http://research.microsoft.com/collaboration/ The Scholarly Excel 2010 Windows Server HPC Collaboration Communication Windows Workflow Foundation SharePoint Lifecycle LiveMeeting Data Office 365 Collection, Research & Analysis Office OpenXML Office 2010: XPS Format Storage, •Word SQL Server & Archiving & Authoring •PowerPoint Entity Framework Preservation •Excel Rights Management •OneNote Data Protection Manager Tablet PC/UMPC Publication & Dissemination Discoverability FAST SharePoint 2010 Word 2010 + PowerPoint 2010 WPF & Silverlight “Sea Dragon” / “PhotoSynth” / “Deep Zoom” Data Curation Add-in for Microsoft Excel • California Digital Library’s Curation Center • • DataONE • • Support for versioning • Standardized date/time stamps • A “workbook builder” • Ability to export metadata in a standard format • Ability to select from a globally shared vocabulary of terms for data descriptions • Ability to import term descriptions from the shared vocabulary and annotate them locally • “Speed bumps” to discourage use of macros
    [Show full text]
  • Transcript of Rick Rashid's Keynote Address
    TechFest 2013 Keynote Rick Rashid March 5, 2013 ANNOUNCER: Ladies and gentlemen, please welcome Microsoft Chief Research Officer, Rick Rashid. (Applause.) RICK RASHID: Hi there. Well, hopefully this will be a very fun day for all of you. For me, it's interesting. It feels like we've been doing TechFest for a really, long time, but it's actually only been since 2001. So, technically, I think, this is the 13th TechFest event for Microsoft Research. Of course, in the first TechFest, it wasn't nearly as big an event as this. It was just for employees. We didn't take up nearly as much space. And we didn't even know how many people would really show up. I was actually one of the strongest skeptics about this whole idea of creating this technology show for our employees, because I wasn't really sure how many people would show up. I kept saying, “Well, gosh, it seems like it's going to be a lot of work, and I'm not sure it's going to be really valuable and worthwhile, but if you guys really think you want to do it, okay.” Of course, what happened that year was we had, I think, about 4,000 of our Puget Sound employees come over a two-day period. And of course Microsoft was a much smaller company back then, so that was just a huge fraction of our Puget Sound workforce at that time. And everybody was really excited. I mean, the researchers came away from the event really excited about being able to talk to so many of our employees, be able to interact with them, and to sort of sell their ideas, and show off what they've been doing.
    [Show full text]
  • Microsoft Research Worldwide Telescope Multi-Channel Dome/Frustum Setup Guide
    Microsoft Research WorldWide Telescope Multi-Channel Dome/Frustum Setup Guide Prepared by Beau Guest & Doug Roberts Rev. 1.4, October 2013 WorldWide Telescope Multi-Channel Setup Guide Introduction Microsoft Research WorldWide Telescope (WWT) is a free program designed to give users the ability to explore the universe in a simple easy to use interface. Recently support has been developed to include a variety of playback mediums. This document will detail the steps required for a multi-channel display setup for use in a dome or frustum environment. It is recommended before attempting to setup a multi-channel system that you familiarize yourself with WWT as a system. There are many introductory tours that will help in this process that are included with the software. WWT is an ever evolving program and the steps, descriptions, and information contained in this guide is subject to change at any time. Parts of this guide work on the premise that you have the required data regarding projector positioning and field of view/aspect ratio. Please obtain these data before attempting to start this process. WWT is a trademark of Microsoft and all rights are reserved. 2 WorldWide Telescope Multi-Channel Setup Guide Table of Contents Software Installation ......................................................................................................................................................... 4 FOV Values .....................................................................................................................................................................
    [Show full text]
  • Time-Travel Debugging for Javascript/Node.Js
    Time-Travel Debugging for JavaScript/Node.js Earl T. Barr Mark Marron Ed Maurer University College London, UK Microsoft Research, USA Microsoft, USA [email protected] [email protected] [email protected] Dan Moseley Gaurav Seth Microsoft, USA Microsoft, USA [email protected] [email protected] ABSTRACT Time-traveling in the execution history of a program during de- bugging enables a developer to precisely track and understand the sequence of statements and program values leading to an error. To provide this functionality to real world developers, we embarked on a two year journey to create a production quality time-traveling de- bugger in Microsoft’s open-source ChakraCore JavaScript engine and the popular Node.js application framework. CCS Concepts •Software and its engineering ! Software testing and debug- Figure 1: Visual Studio Code with extra time-travel functional- ging; ity (Step-Back button in top action bar) at a breakpoint. Keywords • Options for both using time-travel during local debugging Time-Travel Debugging, JavaScript, Node.js and for recording a trace in production for postmortem de- bugging or other analysis (Section 2.1). 1. INTRODUCTION • Reverse-Step Local and Dynamic operations (Section 2.2) Modern integrated development environments (IDEs) provide a that allow the developer to step-back in time to the previously range of tools for setting breakpoints, examining program state, and executed statement in the current function or to step-back in manually logging execution. These features enable developers to time to the previously executed statement in any frame in- quickly track down localized bugs, provided all of the relevant val- cluding exception throws or callee returns.
    [Show full text]
  • Machine Learning for Kinect
    Presenter: Andrew Fitzgibbon Principal Researcher Microsoft Research Cambridge BLUE SKIES, GROUND TRUTH: MACHINE LEARNING FOR KINECT Innovation into Products TECHNOLOGY TRANSFERS TECHNOLOGY IP Licensing to 3rd parties Expertise for Products PATENTS & PAPERS PATENTS MSR OUTPUTS COMPUTER VISION AT MSRC COMPUTER VISION AT MSRC COMPUTER VISION AT MSRC 6 building water building cat car cow bicycle [Shotton, Winn, Rother, road grass road road Criminisi 06 + 08] [Winn & Shotton 06] [Shotton, Johnson, Cipolla 08] COMPUTER VISION AT MSRC Ground truth Entangled Conventional A. Montillo, J. Shotton, J. Winn, J. E. Iglesias, D. Metaxas, and A. Criminisi, Entangled Decision Forests and their Application for Semantic Segmentation of CT Images, in Information Processing in Medical Imaging (IPMI), July 2011 COMPUTER VISION AT MSRC COMPUTER VISION AT MSRC From: Mark Finocchio To: Jamie Shotton Date: 11 Sept 2008 Subject: Your computer vision expertise Hi Jamie, I work on Xbox Incubation and I noticed some work you’ve done on visual recognition using contours (http://jamie.shotton.org/work/research.html). I was hoping to be able to discuss an important scenario we are trying to solve with you. Would you be able to chat? Thanks, - Mark THE CALL 10 THE SCENARIO Okada & Stenger 2008 Navaratnam et al. 2007 STATE OF THE ART 3500 mm 3000 mm 2500 mm 2000 mm 1500 mm XBox prototype, Sept 2008 . Real time . Accurate . General poses But… . Needs initialization . Limited body types . Limited agility STATE OF THE ART Generative/ Model-based Discriminative/ Regression [Hogg 1982] [Agarwal & Triggs 2004] [Navaratnam & al 2007] Detection Tracking [Bourdev & Malik 09] Whole Parts [Gavrila 2000] [Fischler & Elschlager 1973] STATE OF THE ART 1965.
    [Show full text]