Top PDF A Shoulder Surfing Resistant Graphical Verification System

A Shoulder Surfing Resistant Graphical Verification System

A Shoulder Surfing Resistant Graphical Verification System

As the portable showcasing insights accumulation by Danyl, the versatile shipments had overwhelmed PC shipments in 2011, and the quantity of portable clients likewise surpassed work area clients at 2014, which shut to 2 billion [17]. Be that as it may, bear surfing assaults have represented an awesome risk to clients' security and secrecy as cell phones are getting to be indis-pensable in current life. Individuals may sign into web administrations and applications openly to get to their own records with their PDAs, tablets or open gadgets, similar to bank ATM. Shoulder-surfing assailants can watch how the passwords were entered with the assistance of reflecting glass windows, or not to mention screens hanging wherever openly puts. Passwords are presented to dangerous conditions, regardless of whether the passwords themselves are perplexing and secure. A safe confirmation framework ought to have the capacity to protect against bear surfing assaults and ought to be pertinent to a wide range of gadgets. Validation plots in the writing, for example, those in [6], [18], [19], [20], [21], [22], [23], [24], [25] are impervious to bear surfing, however they have either ease of use confinements or little secret key space. Some of them are not appropriate to be connected in cell phones and the vast majority of them can be effortlessly bargained to bear surfing assaults if assailants utilize video catching systems like Google Glass [15], [26]. The impediments of ease of use incorporate issues, for example, setting aside greater opportunity to sign in, passwords being excessively troublesome, making it impossible to review after a timeframe, and the confirmation strategy being excessively convoluted for clients without legitimate training and practice.
Show more

9 Read more

A Sophisticated Approach to Graphical Password

A Sophisticated Approach to Graphical Password

As the mobile marketing statistics compilation by Danyl, the mobile shipments had overtaken PC shipments in 2011, and the number of mobile users also overtaken desktop users at 2014, which closed to 2 billion. However, shoulder surfing attacks have posed a great threat to users’ privacy and confidentiality as mobile devices are becoming essential thing in modern life. People may log into web services and apps in public to access their personal accounts with their smart phones, tablets or public devices, like bank ATM. Shoulder-surfing attackers can observe how the passwords were entered with the help of reflecting glass windows, or alone monitors hanging everywhere in public places. Passwords are exposed to risky environments, even if the passwords themselves are complex and secure. A secure authentication system need to be able to defend against shoulder surfing attacks and should be applicable to all kinds of devices. Authentication schemes in the literature such as those in [6] are resistant to shoulder-surfing, but they have either usability limitations or small password space. The limitations of usability include issues such as taking more time to log in, passwords being too difficult to recall after a period of time, and the authentication method being too complicated for users without proper education and practice. In 2006, Wiedenbeck et al. proposed PassPoints [5] in which the user picks up several points (3 to 5) in an image during the password creation phase and re-enters each of these pre-selected click-points in a correct order within its tolerant square during the login phase. Comparing to traditional PIN and textual passwords, the Pass- Points scheme substantially increases the password space and enhances password memorability. Unfortunately, this method of graphical authentication scheme is vulnerable to shoulder surfing attacks. Hence, based on the PassPoints, we implement the idea of using one-time session passwords and PassMatrix authentication system that is resistant to shoulder surfing attacks.
Show more

5 Read more

Graphical password schemes design: enhancing memorability features using autobiographical memories

Graphical password schemes design: enhancing memorability features using autobiographical memories

password information onscreen for an even shorter period. The onlooker is not given a chance to observe a complete user password onscreen [10]. Forget , et la. Proposed a gaze-based authentication system called Cued Gaze-Points (CGP) and designed to resist shoulder surfing problem. It is a cued-recall graphical password scheme using eye-gaze as an input mechanism [11] where users select points on a sequence of images with their eye-gaze instead of mouse- clicks. The main idea of the scheme is to make it difficult for onlooker see the login credential through mouse movement and clicking. Haichang et al. designed a recognition-based scheme inspired by DAS drawing input method and the association mnemonics in Story for sequence retrieval was proposed [12]. This scheme is an improvement of Story scheme and has a wanted usability for PDAs. In this scheme, to create a password, user chooses several images from the set as his/her pass-images which are connected mentally with a story to remember them correctly during authentication. To authenticate, user draws a curve across both pass-images and decoys in the right order. The drawing input trick along with the complementary measures, such as erasing the drawing trace, showing tainted images, and starting and ending with randomly designated images provide a good resistance to shoulder- surfing [12]. Another textual-graphical password scheme designed to provide resistance against Shoulder-surfing is S3PAS [13] . The acronym stands for Scalable Shoulder- Surfing Resistant Textual-Graphical Password Authentication Scheme . The scheme exists in three different variants and each serves different security environments.
Show more

7 Read more

Shoulder Surfing Attack Prevention using Color Pass Method

Shoulder Surfing Attack Prevention using Color Pass Method

© 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1368 special rule to mix his textual password to get a session password to login the system is proposed by H. Zhao and X. Li [2], S3PAS: A scalable shoulder-sarong resistant textual graphical password authentication scheme. A text-based shoulder surfing resistant graphical password scheme by using colors is proposed by Sreelatha et al. 'M. Sreelatha, M. Anirudh, Md. grand Turk Ahamer, and V. Manoj Kumar [3]. Authentication schemes for session passwords using color and images, International Journal of Network Security & Its applications'. Clearly, as the user has got to additionally study the order of many colours, the memory burden of the user is high. To avoid the above drawbacks we'll describe a straightforward and efficient technique for the shoulder surfing Attack using Texts and color primarily based graphical password scheme [4], it uses ten decimal numbers.
Show more

10 Read more

A Survey On Resisting Shoulder Surfing Attack Using Graphical Password

A Survey On Resisting Shoulder Surfing Attack Using Graphical Password

In order to protect users’ digital property, authentication is required every time they try to access their personal account and data. However, conducting the authentication process in public might result in potential shoulder surfing attacks. Even a more complex password can be cracked easily through shoulder surfing. Using traditional textual passwords or PIN method, users need to type their passwords to validate themselves and thus these passwords can be revealed easily if someone peeks over shoulder or uses video recording devices such as cell phones or google glass. To overcome this problem, we proposed a shoulder surfing resistant authentication system based on graphical passwords, named PassMatrix and PairBased. Using a one-time login indicator per image, users can point out the location of their pass-square without directly clicking or touching it, which is an action vulnerable to shoulder surfing attacks. Because of the design of the horizontal and vertical bars that cover the entire pass image, it offers no clue for attackers to narrow down the password space even if they have more than one login records of that account.
Show more

5 Read more

A New Methodology On Resistant Graphical Authentication Scheme

A New Methodology On Resistant Graphical Authentication Scheme

Abstract: Graphical scheme is commonly used for authentication but this scheme is vulnerable to dictionary attack, shoulder surfing attack, accidental login. Hence the text-based shoulder surfing resistant graphical password schemes is proposed. This proposed system based on partially identification attacker model is partially observe the login procedure. Classical PIN entry is a popular scheme is greatly balances the usability as well as security aspects of a system. .A personal identification number (PIN) entered in to numeric password in mobile and stationary systems. The Shoulder Surfing Attack (SSA) becomes great unease. The Session key mechanism is proposed the proposed system introduces number of Virtual Random Keyboard and a secure intellectual OTP and LTP methods for securing the authentication at a higher level. Thus the proposed system provide user securely login without any attack probability by multiple level security and advanced attack preventing system. Our results demonstrate that gaze-based password entry requires marginal additional time over using a keyboard error rates is similar to every keyboard and subjects preferred the gaze-based password entry approach over traditional methods.
Show more

8 Read more

Shoulder Surfing Resistance Graphical
Password Autentication


     V.D.Janani, V.Anwar, M .Ravi Sankar Abstract PDF  IJIRMET160204008

Shoulder Surfing Resistance Graphical Password Autentication V.D.Janani, V.Anwar, M .Ravi Sankar Abstract PDF IJIRMET160204008

The user can start up the server after system is opened. Then the user can upload the file to the storage with the key to access it. The key process is done with Grid selection and Pass Point algorithm. By clicking particular point at the given image, the position of the image pixel is taken as X & Y Co-ordinates as key. These co-ordinates were assigns as X1, Y1 and by clicking on different position 2 nd coordinates were assigned as X2, Y2.In this a password guess tested in an unsuccessful trial is determined than traditional approaches.

11 Read more

PASSMATRIX  An Authentication System to Resist Shoulder Surfing Attacks

PASSMATRIX An Authentication System to Resist Shoulder Surfing Attacks

pattern based password. These patterns based authentication system is vulnerable to shoulder surfing attack as well as the Smudge Attacks. The attacker can easily get the password pattern by observing the smudge left on the touch screen. Defining bad and easily crackable password and/or login using password in insecure environment mainly causes loopholes in password authentication security. There is a need of secured password authentication system which overcomes the drawbacks of existing text and image based password schemes. To overcome these problems biometrical password scheme is introduced. In biometric password authentication system user voice, retina, thumbprint, face are used as a passwords. There are various types of biometric sensors which as able to authenticate user. Such schemes are secured but hardware specific. Special sensor devices are required for authentication. It is impractical to have such authentication system to regular web based resources and such system installation and maintenance is costly. This proposed work provides a graphical authentication system. This system is able to restrict shoulder surfing attack. To resist shoulder surfing attack it uses session password technique. In session password user will add new password at every login attempt. The added password is valid for only single login session. Pass-matrix technique is proposed in this work. This technique uses pass-point clicking. This technique uses more than one image as a password. For every image it defines the click points as a pass-square. If user is not being able to click on correct pass square then system displays a wrong image for next pass input. This wrong image is treated as a warning to the user. To define session password for pass square click, a hint is provided to the user. Based on the given hint user will select the password for that session.
Show more

6 Read more

Implementation of Shoulder Surfing Graphical Password Schemas Using VSK and OTP, LTP Verification

Implementation of Shoulder Surfing Graphical Password Schemas Using VSK and OTP, LTP Verification

Certain type cryptography algorithms in the communication system, by their mathematical properties cannot be fake by brute-force. Example of this secure way is the one time password (OTP) algorithm [7], where individual plain text bit has an equivalent and corresponding key bit. One-time passwords or OTPs depend on the capability to produce the actual new and unique random sequence of key bits. A brute force attack would gradually show the original decoding, and also all the other possible combinations of bits and would have no medium of differentiating one from another. A very little i.e. 100-byte, one-time-password (OTP) encoded string considered for a brute force attack would truly reveal every 100-byte string possible, including the original OTP as an answer, but with very low probability. Now the analysis of one-time password (OTP) algorithm for safe and secure transactions over the network available today based on email authentication or mobile authentication is completed and also the analysis of the possible attacks over the one- time password (OTP) algorithms have studied.
Show more

8 Read more

S3PAS:A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme

S3PAS:A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme

Moreover, it is much more difficult to carry out brute-force attacks against textual-graphical passwords than text-based passwords. The attack programs need to automati-cally generate accurate mouse motion to imitate human in-puts, which is particularly difficult for S3PAS. People can recognize a login image in less than one second, whereas computers spend a considerable amount of time processing millions of bytes of information regardless of whether the login image is a face, a landscape, or a meaningless shape.

6 Read more

A Pattern-Based Password Authentication Scheme for Minimizing Shoulder Surfing Attack

A Pattern-Based Password Authentication Scheme for Minimizing Shoulder Surfing Attack

Shoulder surfing attack can be minimized using text and color based on graphical password scheme that was proposed by [24]. This method needs the user to choose the length of the password which is between 8 to 15 characters and chooses one color as his pass color from 8 colors that are given by the system. As the seven colors remaining, it will be the decoy colors. As usual, users also need to register an e-mail address for re-enabling his account when he enters a wrong password. The most important things in this scheme are user need to carried the registration process in an environment that is free from shoulder surfing. During the login process, a circle will display which is composed of 8 sectors of equal size when a user sends a login request. The colors of the arcs of each sector are different that can be identified by the color of its arc. Besides, there is a button for rotating the circle clockwise, anti-clockwise, the “confirm” button and the “login” button as well [24]. The user has to rotate the sector which contains the characters of the password and has to move the character in the sector which color is selected by the user until they have their password. As the conclusion, the system that proposed which uses text and color based graphical password is useful to reduce the shoulder surfing attack. Using this authentication method, the user can log in the system without caring about shoulder surfing because they can enter their password without using the physical keyboard. The user can also easily and efficiently login to the system if they use this authentication method as they are familiar with both password scheme that is textual password and color based graphical password.
Show more

7 Read more

Survey Of Graphical Password Authentication Techniques

Survey Of Graphical Password Authentication Techniques

Zhao and Li [14] proposed a Textual- Graphical Password Authentication scheme (S3PAS) to resist the shoulder surfing attacks. This scheme combines advantages of both textual and graphical passwords and is resistant to shoulder-surfing, spyware and hidden-camera attacks. At the time of registration, user has to select a string k as the original textual password. Password length may vary on different environments and for different security requirements. During login, user has to find the original password in the login image and then click inside the invisible triangles, called “passtriangles”, created by the original password.
Show more

8 Read more

Secured Hybrid Authentication Schemes using Session Password and Steganography

Secured Hybrid Authentication Schemes using Session Password and Steganography

1. Advanced Scalable Shoulder-Surfing Resistant Graphical Password Authentication Scheme (AS3PAS): In the proposed system the user has to create its own region in AS3PAS. The smaller the region the security is more. Clicking on three times on a given complicated image. During registration process the user is provided with the complicated images. What user has to do is, he has to click on image three times creating a triangular region.

7 Read more

Authentication Scheme for Passwords using Color and Text

Authentication Scheme for Passwords using Color and Text

In 2002 Sobrado and Birget developed a new graphical password scheme called Triangle algorithm as mentioned in [5] that is aimed to deal with shoulder surfing problem. At registration phase user is asked to choose a certain number of pass objects from 1000 proposed objects. Later, to authenticate, the system displays a variety of objects on the screen and the user is asked to click inside the area that the previously selected objects form. The action repeats for several times but every time the icons on the screen will shuffle and appear in different place. Major disadvantage of this scheme refers to a very crowded display, so the user cannot distinguish the objects on the screen. Also the average registration and login time is much longer than in the traditional text-based approach. On the other hand, using fewer objects may lead to a smaller password space.
Show more

8 Read more

A Novel Two-Factor Authentication System Robust Against Shoulder Surfing

A Novel Two-Factor Authentication System Robust Against Shoulder Surfing

Another sort of prevention and resistance against bystanders is presented by (De Luca et al.,, 2010) to make the method of entering digits dimmer to bystanders at ATM machines. As authentication takes place, according to three colours associated with letters users enter a series of alphabets which indicates the real numeric passphrase. As the relationship between the entered phrases with the real passphrase is one-to-one relation, the primary weakness can be found via intersection attack after several times of observations but still resistant against one time observation. In another research which has been conducted by De Luca et al., , 2013), fake cursors used to obscure bystanders sights. According to their findings, the most efficient and effective case is about participation of 16 cursors, no colour and randomized on a virtual keyboard. One of the drawbacks can be found in relative speed of cursors. If active cursors moved faster than others, it would be easier for intruders by looking at video or even onlookers to know which one is an active cursor.
Show more

7 Read more

A Novel Approach to Resist Shoulder Surfing Attack

A Novel Approach to Resist Shoulder Surfing Attack

The most common method used for authentication is textual password. The vulnerabilities of this method like evesdropping, dictionary attack, social engineering and shoulder surfing are well known. Random and lengthy passwords can make the system secure. But the main problem is the difficulty of remembering those passwords. Studies have shown that users tend to pick short passwords or passwords that are easy to remember. Unfortunately, these passwords can be easily guessed or cracked. The alternative techniques are graphical passwords and biometrics. But these two techniques have their own disadvantages. Biometrics, such as finger prints, iris scan or facial recognition have been introduced but not yet widely
Show more

6 Read more

A Shoulder Surfing Resistant Image Augmented Multi Password Authentication System with Key Store Time Log in & Coordination Comparison

A Shoulder Surfing Resistant Image Augmented Multi Password Authentication System with Key Store Time Log in & Coordination Comparison

The general concept behind a token-based authentication system is simple. Allow users to enter their user name and password in order to obtain a token which allows them to fetch a specific resource without using their user name and password. Once their token has been obtained, the user can offer the token which offers access to a specific resource for a time period to the remote site. Method of Loci. It also uses recall based technique. IBA is based on a user’s successful identification of his image password set. After the user name is sent to the authentication module, it responds by displaying an image set, which consists of images from the user’s password set mixed with other images. The user is authenticated by correctly identifying the password images. The human brain is more adept in recalling a previously seen image than a previously seen text.
Show more

5 Read more

Defending Shoulder Surfing Attacks in Secure Transactions Using Session Key Method

Defending Shoulder Surfing Attacks in Secure Transactions Using Session Key Method

A. Bianchi, I. Oakley, and D.-S. Kwon, introduced a Spinlock technique which is novel any model non – visual interaction technique [12] which is used for PIN entry in public terminals such as ATMs, door locks, etc. This is a more secure technique which is resistant to brute force and observation attacks. Spinlock is based on the rotating dial for traditional safe. This system unlocked by input a dial as a clockwise and anticlockwise rotation. The more safe PIN entry will be 2-anti clockwise, 8-clockwise, and 7–clockwise. Spinlock was introduced for the Apple iPhone and iPod touch devices. The users interact with the system by selecting the edge of the circular dial widget and drag the cursor around the rim.
Show more

10 Read more

Password Authentication by graphical And Keylogging-Resistant Visual System

Password Authentication by graphical And Keylogging-Resistant Visual System

Now a days, due to advancements in technology, it is easier to hack into various kinds of computer systems. We live in era marked by technological advancements. Due to this, people have started using net banking and other critical services on their mobiles, tablets, etc. Because of this , they are exposed to environments where adversaries can steal their passwords by using various methods. Cyber-security is not a recent topic. In fact, there have been many researches and many techniques have been implemented to achieve security. But, still many people face problem pertaining to cyber thefts. We try to tackle and eventually eliminate issues such as shoulder surfing, smudge attack, dictionary attack and brute force attack. The graphical password works by having the user select from images, in a specific order, presented graphical user interface. For this reason it is also called as Graphical user authentication (GUA). It can be categorized in two ways
Show more

6 Read more

Shoulder Surfing Resistant Graphical Authentication Scheme for Web Based Applications

Shoulder Surfing Resistant Graphical Authentication Scheme for Web Based Applications

Varenhorst et al developed Pass-doodles in 2004 using recall based technique. It is a hand- written design usually drawn with stylus unto touch sensitive screen. A doodle in this case is an ordered set of points which is drawn (Figure 1.1 is an example of a doodle) and saved during registration. In addition to the doodle drawn, the speed used in drawing the doodle is also calculated and saved. This graphical authentication scheme provides an easy way for users to remember the pass-doodle drawn but it

13 Read more

Show all 10000 documents...