Top PDF Shoulder Surfing Attack Prevention using Color Pass Method

Shoulder Surfing Attack Prevention using Color Pass Method

Shoulder Surfing Attack Prevention using Color Pass Method

Shoulder surfing attacks are not new. In literature, we find many graphics based techniques to prevent such shoulder surfing attacks. However, we will discuss here a number of the partially observable schemes to propose the color Pass scheme. It includes number of various techniques like Movable Frame theme, the Intersection theme, the triangle theme, convex Hull Click theme (CHC), graphical password scheme that uses color login but generally there's possibility of password recognized by the third person or hacker. The problem is password isn't protected by the existing techniques. The proposed solution is somewhat more efficient than the existing ones. Colorpass strategies are comparatively new fields of password preventions that are being explored for advancement within the existing preventive techniques. The colorpass strategies makes use of the concept of entering the PIN ofuser without revealing the actual PIN and hence prevent from shoulder surfing attacks.
Show more

10 Read more

DIGITAL PASSWORD SURVEYMr. Dipak P. Umbarkar1, Prof. Megha singh2

DIGITAL PASSWORD SURVEYMr. Dipak P. Umbarkar1, Prof. Megha singh2

At present predictable secret word patterns are subjected to eves dropping, dictionary attacks and shoulder surfing, numerous shoulder surfing unchanged graphical password patterns proposed. At the same time, the utmost public techniques used for authentication are textual passwords. A number of graphical password schemes that are planned in past years. A most of user’s used word-based passwords than pure graphical passwords, so we have proposed word- based graphical password schemes. Undesirably, none of existing schemes are create hybrid digital graphical password scheme. In this paper, we propose an improved mainly textual-based, numerical based shoulder surfing resistant and other attacks like social engineering resistant, eves dropping and dictionary attacks resistant graphical password by using colors. In the predictable scheme, the operator can robustly, simply and efficiently login system and observe the security, usability and resistance to various attack of the designed system.
Show more

6 Read more

3D SECURE PASSWORD

3D SECURE PASSWORD

Textual passwords are the most common method used for authentication. But textual passwords are vulnerable to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are introduced as alternative techniques to textual passwords. Most of the graphical schemes are vulnerable to shoulder surfing. To address this problem, text can be combined with images or colors to generate session passwords for authentication. Session passwords can be used only once and every time a new password is generated. In this paper, a technique is proposed to generate session passwords using colors which are resistant to shoulder surfing. This method is suitable for Personal Digital Assistants.
Show more

5 Read more

Secured Hybrid Authentication Schemes using Session Password and Steganography

Secured Hybrid Authentication Schemes using Session Password and Steganography

ABSTRACT: The most common method is textual passwords that were used for authentication. Unfortunately, these passwords can be easily guessed or cracked. The next best techniques are graphical passwords. Since, there are many graphical password schemes that are proposed in the last decade, But most of them suffer from shoulder surfing which is also a big problem. Also, there are few graphical passwords schemes that have been proposed which are resistant to various attacks. In this paper two new authentication schemes are proposed with steganography algorithm for any transaction . Any authentication process gets very secure when two or three techniques used together for a system. For every login process, user input different passwords. We proposed two different shoulder surfing resistance graphical password authentication scheme methods one is AS3PAS and second is hybrid textual scheme using color code also Advanced LSB which removes the drawback of simple LSB that it supports all image format.
Show more

7 Read more

Authentication Scheme for Passwords using Color and Text

Authentication Scheme for Passwords using Color and Text

In any organization, regardless the size and nature of the company, information security is a major concern. The protection of information and implementation of adequate security mechanisms with respect to confidentiality, integrity and authenticity are especially important in today's increasingly interconnected business environment. Traditional textual passwords are perhaps the most prevalent and convenient authentication method because they are familiar to all users, easy to use, and cheap to implement. The known weakness of traditional user authentication is a tendency to choose passwords with predictable characteristics, which in turn reduces password strength and makes it vulnerable to various attacks as mentioned in [2]. Sufficiently secure password should be at least eight characters or longer, random, without any semantic content, with mix of uppercase and lowercase letters, digits, and special symbols. Generally, users ignore any tips and recommendations for creating a secure password. Moreover, some users write down their passwords on a piece of paper, share passwords with others or use the same password for multiple accounts. Most of the common attacks namely brute force search attack, dictionary attack, guessing attack, shoulder surfing attack, spyware attack, and social engineering
Show more

8 Read more

Securing Image Password by using Persuasive
          Cued Click Points with AES Algorithm

Securing Image Password by using Persuasive Cued Click Points with AES Algorithm

Abstract — In Digital environment authentication plays a major role. For authentication purpose the graphical based technique is used. The purpose of this paper is increasing the security space and avoiding the weakness of conventional password. The most common computer authentication method is to use alphanumeric user name and passwords. User often creates passwords that are memorable which is easy for attackers to guess, but strong system assigned passwords are difficult for users to remember. So researchers of modern days have gone for alternative methods where in graphical picture are used as a password. By using graphical password scheme shoulder surfing attack, masquerading and eavesdropping can be minimized. In this paper, we have changed the way of clicking on the images and to make the password more secure Advanced Encryption Standard (AES) technique is used so that authentication can become more secure and password can be generated, authenticated & protected easily. This paper presents the idea of new graphical idea for authentication. This system can be used for any online/offline system.
Show more

6 Read more

A Novel Approach to Resist Shoulder Surfing Attack

A Novel Approach to Resist Shoulder Surfing Attack

No special mathematical knowledge is required to use our scheme. Thus the scheme can be easily used by any type of users which widens the scope of applicability of our scheme. However one problem associated with our scheme is that scheme cannot be used by color blind people. As the scheme is based on colors only, Except this limitation our methodology is quite powerful against attacks such as guessing PIN, shoulder surfing attack, side channel attack and yet provides a simple to use interface which consumes a very low login time. 5. C ONCLUSIONS
Show more

6 Read more

A SHOULDER SURFING RESISTANT GRAPHICAL AUTHENTICATION SYSTEM

A SHOULDER SURFING RESISTANT GRAPHICAL AUTHENTICATION SYSTEM

To overcome the disadvantages of textual password we proposed the graphical password in a banking sector as a real time scenario. Graphical password and a virtual keyboard shuffling method is used to protect the traditional password attacks while we using textual password. Our proposal system overcomes the disadvantages of textual password attacks. Due to encryption of our data additional security will be provided.

8 Read more

CUED CLICK POINT (CCP) ALGORITHM FOR GRAPHICAL PASSWORD TO AUTHENTICATE SHOULDER SURFING RESISTANCE

CUED CLICK POINT (CCP) ALGORITHM FOR GRAPHICAL PASSWORD TO AUTHENTICATE SHOULDER SURFING RESISTANCE

Authentication plays an important role in security of the user system , without which the performance of user system will not be yield very significant improvement. The need of authentication is required for high security .There are various methods to provide authentication like password authentication but this type of authentication cannot provide in the fields like banking application, military, forensic labs, etc. [1].Textual passwords are attacked by Masquerading, Eaves dropping, Dictionary attack, Shoulder surfing attack, Spyware and Guessing attack [7]. To overcome this drawbacks, graphical passwords were introduced. Using graphical password user is able to set up a complex authentication password and is able to recollect it, even if the memory is not activated periodically [3]. This paper focuses on the issues and eliminates them resulting more secure, reliable and useable for users.
Show more

7 Read more

A Shoulder Surfing Resistance using HMAC Algorithm

A Shoulder Surfing Resistance using HMAC Algorithm

Textual passwords have been the most widely used authentication method for decades. Comprised of numbers and upper- and lower-case letters, textual passwords are considered strong enough to resist against brute force attacks. Image-based passwords are vulnerable to shoulder surfing attacks (SSAs). This type of attack either uses direct observation, such as watching over someone’s shoulder or applies video capturing techniques to get passwords, PINs, or other sensitive personal information. To provides authentication by blocking the user account if wrong password injected to the server frequently but recover password using SMS verification.
Show more

5 Read more

A Survey of Various Password Authentication Schemes Shritika Waykar 1, Tejaswini Barhate2 , Nidhi Iche 3

A Survey of Various Password Authentication Schemes Shritika Waykar 1, Tejaswini Barhate2 , Nidhi Iche 3

Textual passwords generally are used for authentication. Graphical password is introduced opposite method to textual passwords. Most users are aware with textual password than pure graphical password. Shoulder-surfing is a known hazard where an attacker can seizure a password by direct show or by listening the verification session. Text can be combined with alphabet, digit, images or colors to generate session passwords for authentication. In early days Textual passwords are used for security of session but these passwords are vulnerable to the various attacks like Dictionary attack, Shoulder surfing, eves dropping, etc. Further graphical passwords and bio-metric password methods are created for authentication. These two methods are good to carry out but they have their own disadvantages. Such as it requires additional period for login and more expensive respectively. Session password strategy in which the passwords are used only once for each and when session is terminated the password is no longer in use. The session password scheme uses Pair Based Authentication scheme for generating session password. The paper discusses various approaches of passwords authentication schemes.
Show more

5 Read more

A Survey On Resisting Shoulder Surfing Attack Using Graphical Password

A Survey On Resisting Shoulder Surfing Attack Using Graphical Password

In 2014, S. Sheen et al. [7] also proposed a text- based shoulder surfing resistant graphical password scheme by using colors. Clearly, as the user has to additionally memorize the order of several colors, the memory burden of the user is high. In the same year, Kim et al. [16] proposed a text based shoulder surfing resistant graphical password scheme, and employed an analysis method for accidental login resistance and shoulder surfing resistance to analyze the security of their scheme. Unfortunately, the resistance of Kim et al.’s scheme to accidental login is not satisfactory. In 2006, Welly. [8] proposed a text based shoulder surfing resistant graphical password scheme, PPC. To login the system, the user has to mix his textual password to produce several pass-pairs, and then follow four predefined rules to get his session password on the login screen. However, the login process of PPC is too complicated and tedious. Mathews et al. [9] proposed PassPoints in which the user picks up several points (3 to 5) in an image during the password creation phase and re-enters each of these pre-selected click-points in a correct order within its tolerant square during the login phase. Comparing to traditional PIN and textual passwords, the Pass-Points scheme substantially increases the password space and enhances password memorability.
Show more

5 Read more

Study and Analysis of Shoulder-Surfing Methods

Study and Analysis of Shoulder-Surfing Methods

implementing user interface we have assigned unique colors to each Ci (i varies from 0 to 9) (shown in TABLE II). Ten colors is chosen in such a way so that each color is clearly distinguishable from other. The actual interface is shown in Fig. 1. For convenience we have marked each table number by white font to distinguish it from other digits (which are marked using black font) in the table. As the color cells position in each table is fixed so user can locate the desired colored cell quite quickly. This contributes in getting faster login time. Similarities between keypads in Color Pass, as shown in Fig.2 and classical PIN entry method makes our methodology more user friendly. Only the two extreme keys at the bottom row are kept unused. If user chooses Yellow Pink Violate Grey and receives challenge values 6 3 5 6 then seeing the interface in Fig.1 user will enter 5 3 7 2 using the key board showing at Fig. 2.[4]
Show more

7 Read more

Human Interaction in Shoulder Surfing Security

Human Interaction in Shoulder Surfing Security

Human adversaries can be more powerful than expected when shoulder surfing. The covert attentional shoulder surfing proposed in this paper is to our knowledge the first sophisticated counterattack of humans against the system, previously evaluated to be secure. What we have learned from the weaknesses of the improved BW method is that achieving both security and usability is truly challenging and prone to erroneous designs due to the lack of formal treatment. We adapted this multi-color number panel for resolving this problem because it is effective in modeling a skilled user. The estimated performance in our modeling was quite close to the experimental results. Our novel idea of modeling the adversary was also effective in analyzing security and devising an improved method. The new attack was successfully modeled and experimented. It was interesting that participants who enjoy fast-paced video games were better at shoulder surfing, and the training effect was remarkable. The proposed system is effective in achieving the output in a time span less than what the Black and White method took for producing the output. Also has a good critical path variation in the design part rather than with user interface difficulty of our proposed system.
Show more

5 Read more

Text Based Shoulder Surfing Resistant Using Graphical Password (CAPTCHA)

Text Based Shoulder Surfing Resistant Using Graphical Password (CAPTCHA)

With our study database to train and test on human seeded attack also we define 10-fold cross validation analysis which is based on macro model, provide information how the attacker attacks with the help these method ideal and used human computed dataset. In our studies we focus on hot spot in click based graphical password, and hoe impact on the securities. We define attack dictionary for the click based graphical password. In our studies we proposed and explored the use of human computation to generate graphical dictionary. We define that this method is suitable rather that other types of graphical password where user can having free choices.
Show more

6 Read more

Safe validation of shoulder surfing using the concept of secret password with PassMatrix

Safe validation of shoulder surfing using the concept of secret password with PassMatrix

pictures/icons/symbols as input during an authentication session. Also the most common computer authentication method is to use alphanumerical username and password which has significant drawbacks, thus making them vulnerable to “shoulder-surfingattack because the visual interface by function is easily observed by others. When users input their passwords in a public place, they may be at risk of attackers stealing their password. An attacker can capture a password by direct observation or by recording the individual’s authentication session. This is referred to as shoulder surfing. Recent software-based approaches attempt to minimize this threat by requiring users to enter their passwords indirectly by performing certain mental tasks to derive the indirect password, thus concealing the user's actual password. However, there are many situations where the user can still be exposed to any kind of shoulder surfing attack. So, we use graphical authentication as a solution.
Show more

5 Read more

HoneyPass: A Shoulder Surfing Resistant Graphical Authentication System using Honeypot

HoneyPass: A Shoulder Surfing Resistant Graphical Authentication System using Honeypot

Abstract: In today's modern world, securing the organization’s data has become a major concern. To provide security, the most widely recognized authentication methods are credentials, OTP, LTP etc. These methods are more prone to Brute Force Attack, Shoulder Surfing Attack, and Dictionary Attack. Shoulder Surfing Attack (SSA) is a data theft approach used to obtain the personal identification numbers or passwords by looking over the user's shoulder or by external recording devices and video capturing devices. Since SSA occurs in a benevolent way, it goes unnoticed most of the times. It is one of the simple and easy methods for hackers to steal one's sensitive information. The hacker has to simply peek in while the user types in the password without any much effort involved. Therefore, this phenomenon is widely unknown to people all over the world. Textual passwords are a ubiquitous part of digital age. Web applications/mobile applications demand a strong password with at least one capital letter and a special letter. People tend to give easy passwords in order to remember them which can be easily shoulder surfed. To overcome this, graphical password techniques are used to provide a more secure password. In the graphical authentication system, the users click on target images from a challenge set for authentication. Various graphical systems have been proposed over the years which are shown to be more secure when compared to other authentication systems. In this paper, a shoulder surfing resistant graphical authentication system is implemented using honeypot concept.
Show more

11 Read more

A Shoulder Surfing Resistant Graphical Password System             

A Shoulder Surfing Resistant Graphical Password System             

Authentication is the first security mechanism that can be used to prevent unauthorized access to the system. In addition, textual password (text-based password) is the most famous authentication mechanism which has been used for several years. In this authentication method, a user selects a combination of characters as his password, which is required to memorize by him. However, in order to have a secure password, the generated password must follow several requirements such as minimum 8 characters, a combination of capital and small characters, alphanumeric, using special characters, ... etc. Thus, this makes the password to be complex (e.g. "@bu*%183bDIK), which also makes difficulties for a hacker to guess (dictionary attack) or break (brute force attack) it. Similarly, the generated complex password provides this challenge for the users to memorize it for further access. Thus, the users tend to pen down their long and random passwords somewhere or take the easy passwords instead. Graphical password is an alternative authentication password which can solve the problem of remembering the complex passwords in textual password approach. In this case, several images are used to represent a user password, rather than the text. Later on, upon login to the system, a user can select or produce the same graphic image correctly for accessing to the system. Since remembering the image is easier than the text, the selected images as the password is complex as well as easy to remember by the user at the same time. Additionally, the other advantage of graphical password is to prevent stealing the passwords if a keystroke logger such as malicious software (Trojan) is installed by a hacker in order to capture the text-based passwords. In general, there are three graphical password approaches such as recognition-based, pure recall-based and cued recall based. In the recognition- based approach, the user can pick several images such as icons or symbols which he recently selected in user
Show more

5 Read more

Defending Shoulder Surfing Attacks in Secure Transactions Using Session Key Method

Defending Shoulder Surfing Attacks in Secure Transactions Using Session Key Method

ABSTRACT: To improve security of the various devices, the graphical password is memorable authentication method for authorization. But when a Personal Identification Number (PIN) entered as a numeric password in mobile or stationary systems, the Shoulder Surfing Attack (SSA) becomes great concern. To prevent SSA and to establish a secure transaction, The Multi color Technique and The Session key mechanism is proposed. In Multi color method, every numeric key is visually split into two halves and each half filled with two distinct colors simultaneously; So there exist four color groups on the numeric keypad and two colors for every numeric key. Session key mechanism constructed based on the basic layout of vertical array of digits from 0 to 9 with another array of ten familiar Symbols. This method make harder for a criminal to obtain PINs even if the iteration are fully observes the entire input of a PIN entry procedure. For Secure transaction, A One Way Hash is generated to Validated PIN and is sent to Server in public channel so that an active attacker cannot extract the PIN by monitoring the channel. Once Server Authenticated the PIN, Quick Response for the Mobile App will be redirect the user to the Services.
Show more

10 Read more

REVIEW ON COLOR PASSWORD TO RESIST SHOULDER SURFING ATTACK

REVIEW ON COLOR PASSWORD TO RESIST SHOULDER SURFING ATTACK

Abstract- Since conventional password schemes are vulnerable to shoulder surfing, many shoulder surfing resistant graphical password schemes have been proposed. However, as most users are more familiar with textual passwords than pure graphical passwords, text-based graphical password schemes have been proposed. Unfortunately, both the text-based password schemes and graphical password schemes are not secure and efficient enough and not adopted. Textual passwords are the most common method used for authentication. But textual passwords are vulnerable to eves dropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords are introduced as alternative techniques to textual passwords. Most of the graphical schemes are vulnerable to shoulder surfing. To address this problem, text can be combined with colors to generate secure passwords for authentication. The user passwords can be used only once and every time a new password is generated. In this paper, the user propose an improved text-based shoulder surfing resistant graphical password scheme by using color PIN entry mechanism which are resistant to shoulder surfing. In the proposed scheme, the user can easily and efficiently log in into the system. This proposed work gives more security over the password from shoulder surfing and accidental log in.
Show more

7 Read more

Show all 10000 documents...