Analyzing the Effectiveness of Touch Keystroke Dynamic Authentication for the Arabic Language

The keystroke dynamic authentication (KDA) technique was proposed in the literature to develop a more effective authentication technique than traditional methods. KDA analyzes the rhythmic typing of the owner on a keypad or keyboard as a source of verification. In this study, we extend the findings of the system by analyzing the existing literature and validating its effectiveness in Arabic. In particular, we examined the effectiveness of the KDA system in Arabic for touchscreen-based digital devices using two KDA classes: fixed and free text. To this end, a KDA system was developed and applied to a selected device operating on the Android platform, and various classification methods were used to assess the similarity between log-in and enrolment sessions. The developed system was experimentally evaluated. The results showed that using Arabic KDA on touchscreen devices is possible and can enhance security. It attains a higher accuracy with average equal error rates of 0.0% and 0.08% by using the free text and fixed text classes, respectively, implying that free text is more secure than fixed text.

Implementation of Event-Based Dynamic Authentication on MQTT Protocol

This paper proposes an authentication mechanism on the MQ Telemetry Transport (MQTT) protocol. The exchange of data in the IoT system became an important activity. The MQTT protocol is a fast and lightweight communication protocol for IoT. One of the problems with the MQTT protocol is that there is no security mechanism in the initial setup. One security attack may occur during the client registration phase. The client registration phase has a vulnerability to accept false clients due to the absence of an authentication mechanism. An authentication mechanism has been previously made using Transport Layer Security (TLS). However, the TLS mechanism consumes more than 100 KB of data memory and is not suitable for devices that have limitations. Therefore, a suitable authentication mechanism for constraint devices is required. This paper proposes a protocol for authentication mechanisms using dynamic and event-based authentication for the MQTT protocol. The eventbased is used to reduce the computing burden of constraint devices. Dynamic usage is intended to provide different authentication properties for each session so that it can improve authentication security. As results, the applied of the event-based dynamic authentication protocol was successful in the constraint devices of microcontrollers and broker. The microcontroller, as a client, is able to process the proposed protocol. The client uses 52% of the memory for the proposed protocol and only consumes 2% higher than the protocol without security. The broker can find authentic clients and constraint devices capable of computing to carry out mutual authentication processes to clients. The broker uses a maximum of 4.3 MB of real memory and a maximum CPU usage of 3.7%.