Implementation of a Secured Authentication System using a Policy Generator with Email Notifications

To protect users' logins and passwords from intruders and hackers, website owners and administrators give users guidelines for creating secure, strong passwords through a mechanism called password checkers. These guidelines help users create strong passwords, but they also become raw input for hackers, because they clearly show which policy a password was generated under, which makes brute-force attacks easier and increases the attackers' probability of success. To decrease the success probability of brute-force attacks, the Dynamic Password Policy Generator is devised. The system builds and maintains user profiles automatically, based on interaction with the monitored database during a training phase. This DBSAFE system helps both the administrator and the users feel secure about their data. In addition, sending an email notification whenever an unsuccessful attempt occurs adds an extra layer of security to the system. When the system's critical files are under watch and someone tries to access them, the people concerned are notified so that they can verify system security, keeping the system and database safe and healthy.

2019, Vol 9 (5), pp. 4808-4812
Author(s): S. Hamid, N. Z. Bawany, S. Khan

Text-based passwords are widely used for the authentication of digital assets. Typically, password security and usability is a trade-off, i.e. easy-to-remember passwords have higher usability that makes them vulnerable to brute-force and dictionary attacks. Complex passwords have stronger security but poor usability. In order to strengthen the security in conjunction with the improved usability, we hereby propose a novel graphical authentication system. This system is a picture-based password scheme which comprises the method of image splicing. Authentication data were collected from 33 different users. The usability of the method was evaluated via a comparison between the number of correct and incorrect authentication attempts and time taken. Additionally, a comparison was made between our proposed method and a complex text-based password authentication method using the authentication success rate. Authentication using image splicing proved to be resilient to brute-force attacks since the processing of images consumes a voluminous password space. The evaluation of the usability revealed that graphical passwords were easy-to-remember, resulting in a higher number of correct attempts. The proposed method produced a 50% higher success rate compared to the text-based method. Findings motivate the use of the proposed method for securing digital assets.


Author(s): Yongzheng Wu, Roland H.C. Yap, Rajiv Ramnath, Felix Halim

Malware causes damage by stealing confidential data or making other software unusable. Ensuring software trustworthiness is difficult because malware may disguise itself to appear benign or trusted. This chapter explores the problem of making software more trustworthy through the use of binary integrity mechanisms. The authors review the problem of devising an effective binary integrity protection, and discuss how it complements other operating system security measures. They analyze design factors for binary integrity and compare existing systems. The authors then present a prototype which exemplifies a mandatory binary integrity mechanism and its integration within an operating system. Their system, BinAuth, demonstrates a practical, lightweight in-kernel binary authentication system for Microsoft Windows. A system like BinAuth shows that mandatory authentication is practical on a complex commodity operating system like Windows. To deal with various constraints in the user’s environments, BinAuth uses a flexible scheme which does not mandate public key infrastructure (PKI) although it can take advantage of it. The authors also combine the authentication with a simple software-ID scheme which is useful for software management and vulnerability assessment.


2020, Vol 2020, pp. 1-12
Author(s): Yan Ding, Pan Dong, Zhipeng Li, Yusong Tan, Chenlin Huang, ...

The root privilege escalation attack is extremely destructive to the security of the Android system. SEAndroid implements mandatory access control to the system through the SELinux security policy at the kernel mode, making the general root privilege escalation attacks unenforceable. However, malicious attackers can exploit the Linux kernel vulnerability of privilege escalation to modify the SELinux security labels of the process arbitrarily to obtain the desired permissions and undermine system security. Therefore, investigating the protection method of the security labels in the SELinux kernel is urgent, and the impact on the existing security configuration of the system must also be reduced. This paper proposes an optimization scheme of the SELinux mechanism based on security label randomization to solve the aforementioned problem. At the system runtime, the system randomizes the mapping of the security labels inside and outside the kernel to protect the privileged security labels of the system from illegal obtainment and tampering by attackers. This method is transparent to users; therefore, users do not need to modify the existing system security configuration. A tamper-proof detection method of SELinux security label is also proposed to further improve the security of the method. It detects and corrects the malicious tampering behaviors of the security label in the critical process of the system in a timely manner. The above methods are implemented in the Linux system, and the effectiveness of security defense is proven through theoretical analysis and experimental verification. Numerous experiments show that the effect of this method on system performance is less than 1%, and the success probability of root privilege escalation attack is less than 10^-9.


Sensors, 2019, Vol 19 (13), pp. 2985
Author(s): Wencheng Yang, Song Wang, Jiankun Hu, Ahmed Ibrahim, Guanglou Zheng, ...

Remote user authentication for Internet of Things (IoT) devices is critical to IoT security, as it helps prevent unauthorized access to IoT networks. Biometrics is an appealing authentication technique due to its advantages over traditional password-based authentication. However, the protection of biometric data itself is also important, as original biometric data cannot be replaced or reissued if compromised. In this paper, we propose a cancelable iris- and steganography-based user authentication system to provide user authentication and secure the original iris data. Most of the existing cancelable iris biometric systems need a user-specific key to guide feature transformation, e.g., permutation or random projection, which is also known as key-dependent transformation. One issue associated with key-dependent transformations is that if the user-specific key is compromised, some useful information can be leaked and exploited by adversaries to restore the original iris feature data. To mitigate this risk, the proposed scheme enhances system security by integrating an effective information-hiding technique—steganography. By concealing the user-specific key, the threat of key exposure-related attacks, e.g., attacks via record multiplicity, can be defused, thus heightening the overall system security and complementing the protection offered by cancelable biometric techniques.


2013, Vol 411-414, pp. 595-599
Author(s): Jian Xun Zhao

The HOTP generation algorithm has safety risks because the counter is easily predicted. This paper describes the TOTP generation algorithm, which replaces the counter with a timer, and presents an improved authentication method based on TOTP, following the Three-Protocol of the HOTP authentication method. The improved authentication method uses an authentication number threshold and a timestamp to resist brute force attacks and replay attacks, and uses a random number and MD5 encryption to resist Man-in-the-Middle attacks. Finally, a safe and useful Web authentication system is designed in the PHP language.


2019, Vol 19 (1), pp. 41
Author(s): I Gede Sujana Eka Putra, Ni Luh Putu Labasariyani

System security is important in information systems to prevent unauthorized users from accessing data. The login system applies security using encrypted passwords stored on RFID cards. This research designed a login security system that stores a password encrypted with MD5 encryption on a Mifare Tag RFID card and is equipped with an NFC reader to read data from the RFID card. By storing encrypted password characters on RFID cards, login system security is stronger and cannot be traced by unauthorized parties to log into systems. The stages of system design include a study of the literature, designing the process flow and system algorithms, designing encryption methods and system interfaces, writing card module coding, card reading module coding, implementation, and system testing. System login is performed by scanning the RFID card on the NFC reader; if the password on the RFID card matches, the user successfully logs into the system. Based on the testing of RFID Tag readings, the maximum reading distance for RFID Tag cards is up to 7 cm, with a reading range of 0° to 30° and a 100% authentication success rate. Using RFID Tag cards increases security for logging into the system, because a user cannot log in without having a card with the appropriate password.


2019, Vol 20 (1), pp. 101-112
Author(s): Pankhuri ., Akash Sinha, Gulshan Shrivastava, Prabhat Kumar

User authentication is an indispensable part of a secure system. The traditional authentication methods have been proved to be vulnerable to different types of security attacks. Artificial intelligence is being applied to crack textual passwords, and even CAPTCHAs are being dismantled within a few attempts. The use of graphical passwords as an alternative to textual passwords for user authentication can be an efficient strategy. However, they have been proved to be susceptible to shoulder surfing-like attacks. Advanced authentication systems such as biometrics are secure but require additional infrastructure for efficient implementation. This paper proposes a novel pattern-based multi-factor authentication scheme that uses a combination of text and images for identifying the legitimate users. The proposed system has been mathematically analyzed and has been found to provide a much larger password space as compared to simple text-based passwords. This renders the proposed system secure against brute force and other dictionary-based attacks. Moreover, the use of text along with the images also mitigates the risk of shoulder surfing.


2020, Vol 17 (4), pp. 548-553
Author(s): Naziha Khlif, Ahmed Ghorbel, Walid Aydi, Nouri Masmoudi

Information technology has evolved to the point where transferring all types of data over public channels is easy. For this reason, ensuring data security is a necessary requirement. Scrambling data is one solution for hiding information from unauthorized users. Because an image is matrix content, it can be scrambled simply by adding a mask to the real content. A user who has the appropriate mask can recover the image content simply by subtracting it. Chaotic functions have recently been used for image encryption. In this paper, an image scrambling algorithm based on three logistic chaotic functions is proposed. Defined by its initial condition and parameter, each chaotic function generates a random signal. The set of initial conditions and parameters is the encryption key. The performance of this technique is ensured for two main reasons. First, using masks on the image makes its content unintelligible. Second, using three successive encryption processes makes attacks difficult. This point reflects, on the one hand, a key length sufficient to resist brute force attacks. On the other hand, it reflects the random aspect of the pixel distribution in the scrambled image. That is, the randomness in one mask minimizes the correlations that exist between neighboring pixels. That makes our proposed approach resistant to known attacks and suitable for applications requiring secure data transfer, such as medical images exchanged between doctors.


2021
Author(s): Brenda Jansen, Abe Dirk Hofman, Alexander Olof Savi, Han van der Maas

Use and benefits of the possibility to choose a success rate are studied in a math-practice application that is used by a considerable percentage of Dutch primary school children. Study 1 uses data that were collected with the application, using children's practice data (N = 40329; grades 1-6). Children differed in their preference for a high, medium, or low success rate. Preferences were associated with gender, age, and ability, matching expectations that follow from the literature. Study 2 is an experimental study with 192 children from grades 3-6, using a pretest, training phase, and posttest. The possibility to choose a success rate was manipulated. Unexpectedly, beneficial effects for math practice, improvement of math skills, and self-belief concerning math were absent. Results suggest an appreciation of the possibility to choose, although beneficial effects of choosing were not observed for motivation to practice, skill improvement, and self-belief concerning math.


Author(s): Stian Fauskanger, Igor Semaev

Multidimensional linear cryptanalysis of block ciphers is improved in this work by introducing a number of new ideas. Firstly, formulae are given to compute approximate multidimensional distributions of the encryption algorithm internal bits. Conventional statistics like LLR (Logarithmic Likelihood Ratio) do not fit to work in Matsui’s Algorithm 2 for large dimension data, as the observation may depend on too many cipher key bits. So, secondly, a new statistic which reflects the structure of the cipher round is constructed instead. Thirdly, computing the statistic values that will fall into a critical region is presented as an optimisation problem for which an efficient algorithm is suggested. The algorithm works much faster than brute forcing all relevant key bits to compute the statistic. An attack for 16-round DES was implemented. We got an improvement over Matsui’s attack on DES in data and time complexity keeping success probability the same. With 2^41.81 plaintext blocks and success rate 0.83 (computed theoretically) we found 2^41.46 (which is close to the theoretically predicted number 2^41.81) key-candidates to 56-bit DES key. Search tree to compute the statistic values which fall into the critical region incorporated 2^45.45 nodes in the experiment and that is at least theoretically inferior in comparison with the final brute force. To get success probability 0.85, which is a fairer comparison to Matsui’s results, we would need 2^41.85 data and to brute force 2^41.85 key-candidates. That compares favourably with 2^43 achieved by Matsui.

