Identifying User Authentication Methods on Connections for SSH Dictionary Attack Detection

2013 ◽  
Author(s):  
Akihiro Satoh ◽  
Yutaka Nakamura ◽  
Takeshi Ikenaga
Keyword(s):  
User Authentication ◽  
Attack Detection ◽  
Dictionary Attack

scholarly journals Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card

2017 ◽  
Vol 2017 ◽  
pp. 1-14 ◽  
Author(s):  
Chenyu Wang ◽  
Guoai Xu
Keyword(s):  
Open Channel ◽  
Reference Model ◽  
User Authentication ◽  
Forward Secrecy ◽  
Dictionary Attack ◽  
Online Services ◽  
Remote User Authentication ◽  
Authentication Schemes ◽  
Remote User ◽  
Dictionary Attacks

Remote user authentication is the first step to guarantee the security of online services. Online services grow rapidly and numerous remote user authentication schemes were proposed with high capability and efficiency. Recently, there are three new improved remote user authentication schemes which claim to be resistant to various attacks. Unfortunately, according to our analysis, these schemes all fail to achieve some critical security goals. This paper demonstrates that they all suffer from offline dictionary attack or fail to achieve forward secrecy and user anonymity. It is worth mentioning that we divide offline dictionary attacks into two categories: (1) the ones using the verification from smart cards and (2) the ones using the verification from the open channel. The second is more complicated and intractable than the first type. Such distinction benefits the exploration of better design principles. We also discuss some practical solutions to the two kinds of attacks, respectively. Furthermore, we proposed a reference model to deal with the first kind of attack and proved its effectiveness by taking one of our cryptanalysis schemes as an example.

scholarly journals User Authentication Using Grid Based Method

2018 ◽  
Vol 7 (2.14) ◽  
pp. 97
Author(s):  
Siti Noratiqah Md Ariffin ◽  
Mohd Fadzil Abdul Kadir ◽  
Ahmad Nazari Mohd Rose ◽  
Mohamad Afendee Mohamed ◽  
Abd Rasid Mamat
Keyword(s):  
User Authentication ◽  
Brute Force ◽  
Dictionary Attack ◽  
Grid Based

Grid recognition authentication is a method of securing user logins. This project is based on user authentication in Smartphone using grid, images, and pattern. It is an innovation from the existing security lock that used in the Smartphone. A smartphone usually consists the authentication techniques such as draw a pattern or inserting a password. But nowadays, those techniques are not completely secure because it is very easy to break through different type of attack like brute force, dictionary attack or key logger. In this project, a tool based Grid Based Method will be developed which is important to increase the security of the smartphone that using an iOS platform. By using this tool, the codes are difficult to break because the grids are hidden behind the image. Users can identify the cells that were selected in a grid during the registration stage. 

scholarly journals Fingerprint Presentation Attack Detection using Referential Quality Metrics and Minutiae Count

2021 ◽  
Author(s):  
Akhilesh Verma ◽  
Anshadha Gupta ◽  
Mohammad Akbar ◽  
Arun Kumar Yadav ◽  
Divakar Yadav
Keyword(s):  
Neural Network ◽  
Error Rate ◽  
State Of The Art ◽  
User Authentication ◽  
Attack Detection ◽  
Classification Error ◽  
The Public ◽  
The Past ◽  
Biometric Systems ◽  
Presentation Attack Detection

Abstract The fingerprint presentation attack is still a major challenge in biometric systems due to its increased applications worldwide. In the past, researchers used Fingerprint Presentation Attack Detection (FPAD) for user authentication, but it suffers from reliable authentication due to less focus on reducing the ‘error rate’. In this paper, we proposed an algorithm, based on referential image quality (RIQ)-metrics and minutiae count using neural network, k-NN and SVM for FPAD. We evaluate and validate the error rate reduction with different machine learning models on the public domain, such as LivDet crossmatch dataset2015 and achieved an accuracy of 88% with a neural network, 88.6% with k-NN and 88.8% using SVM. In addition, the average classification error (ACE) score is 0.1197 for ANN, 0.1138 for k-NN and 0.1117 for SVM. Thus, the results obtained show that it was achieved a reasonable accuracy with a low ACE score with respect to other state-of-the-art methods.

scholarly journals An Enhanced User Authentication Protocol Based on Elliptic Curve Cryptosystem in Cloud Computing Environment

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Chenyu Wang ◽  
Ke Ding ◽  
Bin Li ◽  
Yiming Zhao ◽  
Guoai Xu ◽  
...  
Keyword(s):  
Cloud Computing ◽  
User Authentication ◽  
Limited Resource ◽  
Authentication Scheme ◽  
Security Requirements ◽  
Cloud Environment ◽  
Computing Environment ◽  
Dictionary Attack ◽  
Cloud Computing Environment ◽  
User Authentication Scheme

With the popularity of cloud computing, information security issues in the cloud environment are becoming more and more prominent. As the first line of defense to ensure cloud computing security, user authentication has attracted extensive attention. Though considerable efforts have been paid for a secure and practical authentication scheme in cloud computing environment, most attempts ended in failure. The design of a secure and efficient user authentication scheme for cloud computing remains a challenge on the one hand and user’s smart card or mobile devices are of limited resource; on the other hand, with the combination of cloud computing and the Internet of Things, applications in cloud environments often need to meet various security requirements and are vulnerable to more attacks. In 2018, Amin et al. proposed an enhanced user authentication scheme in cloud computing, hoping to overcome the identified security flaws of two previous schemes. However, after a scrutinization of their scheme, we revealed that it still suffers from the same attacks (such as no user anonymity, no forward secrecy, and being vulnerable to offline dictionary attack) as the two schemes they compromised. Consequently, we take the scheme of Amin et al. (2018) as a study case, we discussed the inherent reason and the corresponding solutions to authentication schemes for cloud computing environment in detail. Next, we not only proposed an enhanced secure and efficient scheme, but also explained the design rationales for a secure cloud environment protocol. Finally, we applied BAN logic and heuristic analysis to show the security of the protocol and compared our scheme with related schemes. The results manifest the superiority of our scheme.

scholarly journals Research and Development of User Authentication using Graphical Passwords: A Prospective Methodology

2019 ◽  
Vol 8 (9S3) ◽  
pp. 385-390
Keyword(s):  
User Authentication ◽  
Brute Force ◽  
Computer User ◽  
Dictionary Attack ◽  
Password Authentication ◽  
Graphical Password ◽  
Graphical Passwords ◽  
A New Technique ◽  
Guessing Attack ◽  
Brute Force Attack

Nowadays in information security user authentication is a very important task. In most of the computer, user authentication depends on the alphanumeric username and password. It means text-based password. But, this is not highly secure because of hackers can easily break the password. Brute force attack, dictionary attack, guessing attack etc. these all are some possible attacks on the password. If the user chooses a difficult password to prevent the system from the attackers which is very much harder for the user to remember such a difficult password. So, to resolve this problem introduced a new technique called graphical password authentication. This paper presents a detailed survey of user authentication techniques using a graphical password. It contains basically two type approaches. They are recognition-based and recall-based approaches. This survey discusses the different techniques about Graphical password authentication and their advantages and limitations. The survey provides a roadmap for the development of new graphical authentication scheme.

scholarly journals Password Authentication System using Coordinates & Location

2019 ◽  
Vol 9 (1) ◽  
pp. 1531-1535
Keyword(s):  
Graphical User Interface ◽  
User Authentication ◽  
Geographical Location ◽  
Brute Force ◽  
Dictionary Attack ◽  
Password Authentication ◽  
Cryptographic Keys ◽  
Frame Work ◽  
Authentication System ◽  
Location Point

Password authentication system is a very important factor for every system which needs to be secure. Every password is easy to crack and people are looking for a strong password to their systems. Here we use a password authentication system that is designed for high security and could be easily put into old system. In our frame work we are using cryptographic representation for converting location point into coordinates. Our primary aim is to prevent hacking through all kinds of brute force algorithms. It is concerned with including client’s geographical location as an important authentication factor to enhance security. Techniques to integrate location as an authentication factor as well as techniques to generate location based cryptographic keys are reviewed and discussed .Most importantly our system combine graphical user authentication and location coordinates .Existing system was vulnerable to dictionary attack algorithm and salt data algorithm ,so efforts are been taken to generate non repeatable graphical user interface system using coordinates .

scholarly journals A Review on Shoulder Surfing Attack in Authentication Technique using Cued Click Point (CCP)

2021 ◽  
pp. 141-144
Author(s):  
Jasmin P. Bhootwala ◽  
Dr Subhash G. Desai
Keyword(s):  
User Authentication ◽  
Social Engineering ◽  
Image Point ◽  
Dictionary Attack ◽  
Graphical Password ◽  
Graphical Passwords ◽  
Security Authentication ◽  
Shoulder Surfing ◽  
Brute Force Attack ◽  
Graphical System

Security important now a days. Users of primary preference to security. Authentication process provide security to the user. Authentication process of identifying the person’s identity or conforming the identity of person. There are various authentication method, but most commonly used method is textual password. Combination of alphabet and number create a secure password. But some drawbacks i.e. it easily guess by also called attacker. If it make complex then it hard to memorize. Also various attacks brute force attack, dictionary attack, social engineering attack, evesdropping, etc. of textual password graphical password system introduced. Graphical system is easy to memorize but it undergo shoulder surfing attack which big problem. any entity or person can observe users password directly or by using any device. So as an alternative Graphical Passwords are introduced to resist the Shoulder surfing attack. the above mentioned attacks the new scheme highlights cued click point (CCP), Using graphical password as input and grid lines for image point verification. This paper survey shoulder surfing attacks in graphical password approach.

scholarly journals Security Analysis on “Anonymous Authentication Scheme for Smart Home Environment with Provable Security”

2020 ◽  
Vol 2020 ◽  
pp. 1-4
Author(s):  
Meijia Xu ◽  
Qiying Dong ◽  
Mai Zhou ◽  
Chenyu Wang ◽  
Yangyang Liu
Keyword(s):  
Smart Home ◽  
User Authentication ◽  
Security Analysis ◽  
Authentication Scheme ◽  
Dictionary Attack ◽  
Anonymous Authentication ◽  
Smart Home Environment ◽  
User Authentication Scheme ◽  
Authentication Schemes ◽  
The Internet Of Things

As an important application of the Internet of Things, smart home has greatly facilitated our life. Since the communication channels of smart home are insecure and the transmitted data are usually sensitive, a secure and anonymous user authentication scheme is required. Numerous attempts have been taken to design such authentication schemes. Recently, Shuai et al. (Computer & Security 86(2019):132146) designed an anonymous authentication scheme for smart home using elliptic curve cryptography. They claimed that the proposed scheme is secure against various attacks and provides ideal attributes. However, we show that their scheme cannot resist inside attack and offline dictionary attack and also fails to achieve forward secrecy. Furthermore, we give some suggestions to enhance the security of the scheme. These suggestions also apply to other user authentication schemes with similar flaws.

Sign in / Sign up

Export Citation Format

Share Document