CybIQ: Secure Authentication Method

Mapping Intimacies ◽

10.20944/preprints202111.0045.v1 ◽

2021 ◽

Author(s):

Raghavendra Devidas ◽

Hrushikesh Srinivasachar

Keyword(s):

Cyber Attacks ◽

Human Intelligence ◽

Computing Power ◽

Graphical Passwords ◽

Shoulder Surfing ◽

Lower Case ◽

Authentication And Authorization ◽

Secure Authentication ◽

Build Systems ◽

Computing Capacity

With increased vulnerabilities and vast technology landscapes, it is extremely critical to build systems which are highly resistant to cyber-attacks, to break into systems to exploit. It is almost impossible to build 100% secure authentication & authorization mechanisms merely through standard password / PIN (With all combinations of special characters, numbers & upper/lower case alphabets and by using any of the Graphical password mechanisms). The immense computing capacity and several hacking methods used, make almost every authentication method susceptible to cyber-attacks in one or the other way. Only proven / known system which is not vulnerable in spite of highly sophisticated computing power is, human brain. In this paper, we present a new method of authentication using a combination of computer’s computing ability in combination with human intelligence. In fact this human intelligence is personalized making the overall security method more secure. Text based passwords are easy to be cracked [6]. There is an increased need for an alternate and more complex authentication and authorization methods. Some of the Methods [7] [8] in the category of Graphical passwords could be susceptible, when Shoulder surfing/cameras/spy devices are used.

Download Full-text

A REVIEW - CAPTCHA AS GRAPHICAL PASSWORDS—A NEW SECURITY PRIMITIVE BASED ON HARD AI PROBLEMS

INTERNATIONAL JOURNAL ONLINE OF SCIENCE ◽

10.24113/ijoscience.v2i4.91 ◽

2016 ◽

Vol 2 (4) ◽

Author(s):

PANKAJ ,

Keyword(s):

Computer Science ◽

Graphical Passwords ◽

Shoulder Surfing ◽

On Line

Most of the safety primeval square measure supported mathematical issues. This analysis goals to check existing parole and to style a brand new improved graphical parole pattern. Captcha as a graphical parole. during this paper, we tend to discuss a brand new security primeval supported exhausting computer science issues, a innovative of graphical parole systems created on dominant of Captcha technology, what we are saying Captcha as graphical passwords (CaRP). CaRP is each a Captcha and a graphical parole pattern. With the mix of CAPTCHA and graphical parole addresses a like on-line estimation attacks, relay attacks, combination of with dual-view technology, and shoulder-surfing attacks. If the parole is in search nominative then CaRP parole are often found solely risk by automatic on-line estimation attack.

Download Full-text

Centralized Fog Computing Security Platform for IoT and Cloud in Healthcare System

Exploring the Convergence of Big Data and the Internet of Things - Advances in Data Mining and Database Management ◽

10.4018/978-1-5225-2947-7.ch011 ◽

2018 ◽

pp. 141-154 ◽

Cited By ~ 51

Author(s):

Chandu Thota ◽

Revathi Sundarasekar ◽

Gunasekaran Manogaran ◽

Varatharajan R ◽

Priyan M. K.

Keyword(s):

Healthcare System ◽

Data Transfer ◽

Fog Computing ◽

Asynchronous Communication ◽

Security And Privacy ◽

Sensor Data ◽

Cloud Environment ◽

Authentication And Authorization ◽

Remote Healthcare ◽

Secure Authentication

This chapter proposes an efficient centralized secure architecture for end to end integration of IoT based healthcare system deployed in Cloud environment. The proposed platform uses Fog Computing environment to run the framework. In this chapter, health data is collected from sensors and collected sensor data are securely sent to the near edge devices. Finally, devices transfer the data to the cloud for seamless access by healthcare professionals. Security and privacy for patients' medical data are crucial for the acceptance and ubiquitous use of IoT in healthcare. The main focus of this work is to secure Authentication and Authorization of all the devices, Identifying and Tracking the devices deployed in the system, Locating and tracking of mobile devices, new things deployment and connection to existing system, Communication among the devices and data transfer between remote healthcare systems. The proposed system uses asynchronous communication between the applications and data servers deployed in the cloud environment.

Download Full-text

Shoulder-surfing resistance with eye-gaze entry in cued-recall graphical passwords

Proceedings of the 28th international conference on Human factors in computing systems - CHI '10 ◽

10.1145/1753326.1753491 ◽

2010 ◽

Cited By ~ 48

Author(s):

Alain Forget ◽

Sonia Chiasson ◽

Robert Biddle

Keyword(s):

Eye Gaze ◽

Cued Recall ◽

Graphical Passwords ◽

Shoulder Surfing

Download Full-text

POSSIBILITIES FOR PROVIDING AN INFORMATION SECURITY DURING RETRIEVAL OF NETWORK DATA

Knowledge International Journal ◽

10.35120/kij3003689s ◽

2019 ◽

pp. 689-693

Author(s):

Veselka Stoyanova

Keyword(s):

Data Centers ◽

Cyber Attacks ◽

Security Framework ◽

Iot Security ◽

Computing Power ◽

Smart Buildings ◽

Electrical Grids ◽

Wide Range ◽

The Internet Of Things ◽

Require Data

The Internet of Things (IoT) will connect not only computers and mobile devices, but it will also interconnect smart buildings, homes, and cities, as well as electrical grids, gas, and water networks, automobiles, airplanes, etc. IoT will lead to the development of a wide range of advanced information services that need to be processed in real-time and require data centers with large storage and computing power. In this paper, we present an IoT security framework for smart infrastructures such as Smart Homes (SH) and smart buildings (SB). I also present a general threat model that can be used to develop a security protection methodology for IoT services against cyber-attacks (known or unknown).

Download Full-text

Engineering Authentication Process with Cloud Computing

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit195259 ◽

2019 ◽

pp. 246-253

Author(s):

G. Nivedhitha ◽

R. Ilakkiya

Keyword(s):

Cloud Computing ◽

Key Management ◽

Cloud Model ◽

Cloud Services ◽

Single Sign On ◽

Multiple Resources ◽

Authentication And Authorization ◽

Secure Authentication ◽

Client Side ◽

Gain Access

Cloud computing is a way to increase the capacity or add capabilities dynamically without any upfront investments. Despite the growth achieved from the cloud computing, security is still questionable which impacts the cloud model adoption. Aside of having network and application securities being adopted, there must be a security that authenticate the user when accessing the cloud services that is bound to the rules between the cloud computing provider and the client side. The existing system provides authentication based on keys Encryption algorithms either symmetric key-based or asymmetric are key-based. Both encryption approaches have a major problem related to encryption key management i.e. how to securely generate, store, access and exchange secrete keys. In this paper, an optimized infrastructure for secure authentication and authorization in Cloud Environment using SSO (Single Sign-On) is proposed. SSO is a process of authenticating once and gain access of multiple resources that aims at reducing number of login and password in heterogeneous environment and to gain balance in Security, Efficiency and Usability. Also an authentication model for cloud computing based on the Kerberos protocol to provide single sign-on and to prevent against DDOS attacks is also presented in this paper.

Download Full-text

A shoulder surfing resistance using graphical authentication system

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i1.7.10644 ◽

2018 ◽

Vol 7 (1.7) ◽

pp. 169

Author(s):

Rupavathy N ◽

Carmel Mary Belinda M. J ◽

Nivedhitha G

Keyword(s):

Mobile Apps ◽

Security And Privacy ◽

Experimental Result ◽

Internet Applications ◽

Multiple Camera ◽

Graphical Passwords ◽

Weakest Link ◽

Shoulder Surfing ◽

Authentication System ◽

Vertical Bars

Authentication supported passwords is employed mostly in applications for laptop security and privacy. However, human actions like selecting unhealthy passwords and inputting passwords in an insecure approach are considered “the weakest link” within the authentication chain. Instead of impulsive alphanumerical strings, users tend to decide on passwords either short or purposeful for simple learning. With internet applications and mobile apps piling up, individuals will access these applications any time and any place with numerous devices. This evolution brings nice convenience however additionally will increase the chance of exposing passwords to shoulder surfing attacks. Attackers will observe directly or use external recording devices to gather users’ credentials. To overcome this drawback, we tend to plan a unique authentication system Pass Matrix, supported graphical passwords to resist shoulder surfing attacks. With a one-time valid login indicator and circulatory horizontal and vertical bars covering the complete scope of pass-images, Pass Matrix offers no hint for attackers to work out or slim down the password even they conduct multiple camera-based attacks. We tend to additionally enforce a Pass Matrix image on android and applied real user experiments to judge its memorability and usefulness. From the experimental result, the proposed system achieves higher resistance shoulder surfing attacks whereas maintaining usability.

Download Full-text

A Fractal-Based Authentication Technique Using Sierpinski Triangles in Smart Devices

Sensors ◽

10.3390/s19030678 ◽

2019 ◽

Vol 19 (3) ◽

pp. 678 ◽

Cited By ~ 5

Author(s):

Adnan Ali ◽

Hamaad Rafique ◽

Talha Arshad ◽

Mohammed A. Alqarni ◽

Sajjad Hussain Chauhdary ◽

...

Keyword(s):

Smart Devices ◽

Brute Force ◽

Potential Threat ◽

Graphical Passwords ◽

Sierpinski Triangle ◽

Authentication Mechanism ◽

Shoulder Surfing ◽

Physical Resources ◽

Common Technique ◽

Authentication Technique

The prevalence of smart devices in our day-to-day activities increases the potential threat to our secret information. To counter these threats like unauthorized access and misuse of phones, only authorized users should be able to access the device. Authentication mechanism provide a secure way to safeguard the physical resources as well the information that is processed. Text-based passwords are the most common technique used for the authentication of devices, however, they are vulnerable to a certain type of attacks such as brute force, smudge and shoulder surfing attacks. Graphical Passwords (GPs) were introduced as an alternative for the conventional text-based authentication to overcome the potential threats. GPs use pictures and have been implemented in smart devices and workstations. Psychological studies reveal that humans can recognize images much easier and quicker than numeric and alphanumeric passwords, which become the basis for creating GPs. In this paper a novel Fractal-Based Authentication Technique (FBAT) has been proposed by implementing a Sierpinski triangle. In the FBAT scheme, the probability of password guessing is low making system resilient against abovementioned threats. Increasing fractal level makes the system stronger and provides security against attacks like shoulder surfing.

Download Full-text

Centralized Fog Computing Security Platform for IoT and Cloud in Healthcare System

Fog Computing ◽

10.4018/978-1-5225-5649-7.ch018 ◽

2018 ◽

pp. 365-378 ◽

Cited By ~ 13

Author(s):

Chandu Thota ◽

Revathi Sundarasekar ◽

Gunasekaran Manogaran ◽

Varatharajan R ◽

Priyan M. K.

Keyword(s):

Healthcare System ◽

Data Transfer ◽

Fog Computing ◽

Asynchronous Communication ◽

Security And Privacy ◽

Sensor Data ◽

Cloud Environment ◽

Authentication And Authorization ◽

Remote Healthcare ◽

Secure Authentication

Download Full-text

Polynomial-Based Google Map Graphical Password System against Shoulder-Surfing Attacks in Cloud Environment

Complexity ◽

10.1155/2019/2875676 ◽

2019 ◽

Vol 2019 ◽

pp. 1-8 ◽

Cited By ~ 4

Author(s):

Zhili Zhou ◽

Ching-Nung Yang ◽

Yimin Yang ◽

Xingming Sun

Keyword(s):

Human Brain ◽

Identity Authentication ◽

Long Term Memory ◽

Cloud Environment ◽

Term Memory ◽

Specific Location ◽

Graphical Password ◽

Graphical Passwords ◽

Shoulder Surfing

Text password systems are commonly used for identity authentication to access different kinds of data resources or services in cloud environment. However, in the text password systems, the main issue is that it is very hard for users to remember long random alphanumeric strings due to the long-term memory limitation of the human brain. To address this issue, graphical passwords are accordingly proposed based on the fact that humans have better memory for images than alphanumeric strings. Recently, a Google map graphical password (GMGP) system is proposed, in which a specific location of Google Map is preset as a password for authentication. Unfortunately, the use of graphical passwords increases the risk of exposing passwords under shoulder-surfing attacks. A snooper can easily look over someone’s shoulder to get the information of a location on map than a text password from a distance, and thus the shoulder-surfing attacks are more serious for graphical passwords than for text passwords. To overcome this issue, we design a polynomial-based Google map graphical password (P-GMGP) system. The proposed P-GMGP system can not only resist the shoulder-surfing attacks effectively, but also need much fewer challenge-response rounds than the GMGP system for authentication. Moreover, the P-GMGP system is extended to allow a user to be authenticated in cloud environment effectively and efficiently.

Download Full-text

A study on usability and security features of the Android pattern lock screen

Information and Computer Security ◽

10.1108/ics-01-2015-0001 ◽

2016 ◽

Vol 24 (1) ◽

pp. 53-72 ◽

Cited By ~ 6

Author(s):

Panagiotis Andriotis ◽

George Oikonomou ◽

Alexios Mylonas ◽

Theo Tryfonas

Keyword(s):

Mobile Device ◽

User Authentication ◽

Hard Copy ◽

Security Assessment ◽

Android Application ◽

Content Type ◽

Graphical Passwords ◽

Shoulder Surfing ◽

Survey Results ◽

Future Work

Purpose – The Android pattern lock screen (or graphical password) is a popular user authentication method that relies on the advantages provided by the visual representation of a password, which enhance its memorability. Graphical passwords are vulnerable to attacks (e.g. shoulder surfing); thus, the need for more complex passwords becomes apparent. This paper aims to focus on the features that constitute a usable and secure pattern and investigate the existence of heuristic and physical rules that possibly dictate the formation of a pattern. Design/methodology/approach – The authors conducted a survey to study the users’ understanding of the security and usability of the pattern lock screen. The authors developed an Android application that collects graphical passwords, by simulating user authentication in a mobile device. This avoids any potential bias that is introduced when the survey participants are not interacting with a mobile device while forming graphical passwords (e.g. in Web or hard-copy surveys). Findings – The findings verify and enrich previous knowledge for graphical passwords, namely, that users mostly prefer usability than security. Using the survey results, the authors demonstrate how biased input impairs security by shrinking the available password space. Research limitations/implications – The sample’s demographics may affect our findings. Therefore, future work can focus on the replication of our work in a sample with different demographics. Originality/value – The authors define metrics that measure the usability of a pattern (handedness, directionality and symmetry) and investigate their impact to its formation. The authors propose a security assessment scheme using features in a pattern (e.g. the existence of knight moves or overlapping nodes) to evaluate its security strengths.

Download Full-text