Top PDF A Survey On Resisting Shoulder Surfing Attack Using Graphical Password

A Survey On Resisting Shoulder Surfing Attack Using Graphical Password

A Survey On Resisting Shoulder Surfing Attack Using Graphical Password

The variable Frame scheme, the Intersection scheme, and the Triangle scheme are proposed in 2010, Paul and Briggs [3]. This three schemes are helpful for resisting the shoulder surfing using graphical password schemes. In above mention three schemes two schemes have high failure rates that are Movable Frame scheme and Intersection scheme . The user has to choose and remember several pass-icons as his password in Triangle scheme. To secure login the system, the user has to correctly pass the predestined number of task. The chosen icons are displayed on the login screen, and then click inside the invisible triangle created by those three pass-icons which is selected by the user from the set of pass icon provided on randomly login screen perform this in each task. The Convex Hull Click Scheme (CHC) as an improved version of the Triangle scheme which is proposed in 2006,
Show more

5 Read more

A Comprehensive Survey On Graphical Passwords And Shoulder Surfing Resistant Technique Analysis

A Comprehensive Survey On Graphical Passwords And Shoulder Surfing Resistant Technique Analysis

Abstract: For any organization, it is essential to protect its all private resources from security threats from all over the world. The most general computer authentication method is to use alphanumerical usernames and passwords. Traditional alphanumerical passwords are vulnerable to many attacks. Graphical passwords are introduced as alternatives to textual passwords to overcome these problems . For example, users tend to pick passwords that can be easily guessed. On the other hand, if a password is hard to guess, then it is hard to remember. To solve this problem, some researchers have developed authentication methods that use pictures as passwords. The fact is that humans can remember pictures better than text . During password creation, the user selects a theme consisting of photos in thumbnail size and set a sequence of pictures as a password. During authentication, user must recognize the images in the correct order. Each thumb nail image is assigned a numerical value, thus the sequence of the chosen images will create a numerical password. In this paper, we conduct a comprehensive survey of the existing graphical password techniques. This paper publishes the analysis of graphical passwords and shoulder surfing resistant technique. Shoulder-surfing is a known risk where an attacker can capture a password by direct observation or by recording the authentication session.
Show more

7 Read more

Survey Of Graphical Password Authentication Techniques

Survey Of Graphical Password Authentication Techniques

Now-a-days, user authentication is an important topic in the field of information security. To enforce security of information, passwords were introduced. Text based password is a popular authentication method used from ancient times. However text based passwords are prone to various attacks such as dictionary attacks, guessing attacks, brute force attacks, social engineering attacks etc. Numerous graphical password schemes have been proposed so far as it improves password usability and security. In this paper, we conduct a comprehensive survey of the existing graphical password techniques. We can categorize these techniques into four: recognition-based, pure recall-based, cued-recall based and hybrid approaches. Here we analyze the strengths and drawbacks of each method. This survey will be particularly useful for researchers who are interested in developing new graphical password algorithms as well as industry practitioners who are interested in deploying graphical password techniques.
Show more

8 Read more

A Survey on Shoulder Surfing Resistant Graphical Authentication Systems

A Survey on Shoulder Surfing Resistant Graphical Authentication Systems

ABSTRACT: Authentication based on passwords is used largely in applications for computer security and privacy. However, humanactions such a choosing wrong passwords and inputted passwords in an not secure way are regarded as” the weakest connection” in theauthentication chain. Rather than arbitrary alphanumeric character, users tend to select a password either short or his name related for easymemorization. With web site applications and mobile phone apps charging up, peoples can get access this typeof application anytime and anywhere with multiple devices. This evolution brings good convenience but also improves the probability of exposing passwords to shoulder surfingattacks. Attackers can observe directly or use external recording devices to collect users’ credentials. To come this problem, weproposed a novel authentication system Pass Matrix, based on graphical passwords to resist shoulder surfing attacks. Many authentications methods are presented, but users are familiar with textual password method. Textual password methods are vulnerable to shoulder surfing andkey loggers. To come this problem many other authentication system like token based authentication, biometric bases authentication systems, graphical password methods have been proposed. In pair based system, the proposed of session password scheme uses Text and colors for generating session password. In the proposed scheme, theuser can easily and efficiently login system.
Show more

5 Read more

Text Based Shoulder Surfing Resistant Using Graphical Password (CAPTCHA)

Text Based Shoulder Surfing Resistant Using Graphical Password (CAPTCHA)

ABSTRACT: A Lot of security primitives are depend on more challenges and it will be resolved by some mathematical formulations. For security using high AI Problems and it’s become an evaluation for new pattern of security, but not explored well. In our studies we define Captcha as graphically password, graphically password system build on captcha technology mainly on hard AI problems we will present new security primitives. Captcha is combination of captcha and graphical password. CaRP is address multiple security issue like shoulder surfing attack, if combined with dual view technology, relay attack and online guessing attack. CaRP alone becomes inefficient to prevent all security, hence this paper makes a survey of the various security measures for secure password schemes and gives a clear picture of the efficiencies of the different techniques. For improving online security highly secure password offers usability and reasonable security and appears suit well with practical applications.
Show more

6 Read more

Secured Hybrid Authentication Schemes using Session Password and Steganography

Secured Hybrid Authentication Schemes using Session Password and Steganography

To overcome these problem graphical schemes were used. In graphical password there is also problem for shoulder surfing. But here user is authenticated using session to enter the different password. Its not possible that any one technique is very strong and fully secured. We need to make transaction very strong when we used two –three techniques simultaneously. Now when literature survey was done we come to know session passwords are more secure. When the session is over then that password is of no use for next session and current session gets terminated. Session password provides more security as every time the session starts a new password is created. Also steagnography is the technique that can be implemented so that we can secure our secret data while transaction. But LSB had some limitations like not supporting all file formats also not supporting 24-bit color images.
Show more

7 Read more

Implementation of Shoulder Surfing Graphical Password Schemas Using VSK and OTP, LTP Verification

Implementation of Shoulder Surfing Graphical Password Schemas Using VSK and OTP, LTP Verification

Starting form 1999 [3], different graphical password schemes include as an option or alternatives to simple and easy text-based password authentication. This section paper provides analytical overview and comprehensive system of published research work in this domain, viewing the both the features such as security aspects, usability and along with that system opinion. This survey first documents the existing or already prevailing approaches, innovative and enlightening new features of the individual styles and finding the key features of security advantages or usability ease. This paper takes into account the usability parameters for knowledge-based authentication and authorization as being applied to pictorial secure passwords and detect the security issues getting addressed that these techniques must identify and analyze, discuss technical problems concerned with performance evaluation, and search the research areas for further improvement and study. With text based passwords or credentials, users try out for unsecure coping technique, like making use of exact passwords for different transactional accounts to avoid forgetting memorizing different passwords and avoiding the passwords for different his/her accounts, change in security level cannot be alone addressed by the basic technical security of the system. Major problems that actually impact significantly in real life are about usability of that system. GUI (Graphical User Interface) design strategies and approaches may intentionally or unintentionally sway users’ behavior or tendency towards less secure transactional behaviors. Thus these most and powerful secure applications system must constraint high GUI related constraints based on necessary research work including the shortcomings and capabilities of the targeted users. In pictorial passwords, human nature for memorizing objects or visual passwords will provide appropriate and the optimal selection use of high level secure and passwords that have very low predictability, refraining users from unsecure practices.
Show more

8 Read more

DIGITAL PASSWORD SURVEYMr. Dipak P. Umbarkar1, Prof. Megha singh2

DIGITAL PASSWORD SURVEYMr. Dipak P. Umbarkar1, Prof. Megha singh2

Wiedenbeck et al. [3] proposed in 2006, the Convex Hull Click Scheme (CHC) as a superior version of the Triangle scheme with better security and usability. At the time of login the user has to properly answer some challenges. In each challenge, the user has to find any three pass-icons displayed on the login screen, and then click inside the invisible convex hull designed by all the showed pass-icons. But, the disadvantage of Convex-Hull Click scheme is login time which may be too long. In 2009, Gao et al. [4] proposed a shoulder surfing resistant graphical password scheme with color Login, in which the background color is a working issue for declining the login time. Still, the possibility of unintended login of Color Login is too high and the space of password is too small. In 2009, Yamamoto et al. [9] also proposed a shoulder surfing resistant graphical password scheme i.e. TI-IBA, in which icons are presented spatially and temporally. TI-IBA is less embarrassed by the screen size and easier for the user to find his pass-icons. Fatefully, TI- IBA’s resistance to unintended login is not tough. And, it may be problematic for some users to find his pass-icons temporally displayed on the login display.
Show more

6 Read more

CUED CLICK POINT (CCP) ALGORITHM FOR GRAPHICAL PASSWORD TO AUTHENTICATE SHOULDER SURFING RESISTANCE

CUED CLICK POINT (CCP) ALGORITHM FOR GRAPHICAL PASSWORD TO AUTHENTICATE SHOULDER SURFING RESISTANCE

From the above literature surveys, we have came to conclusion that there are many attacks taking place regarding the authentication process of the existing system.So we come up with the new authentication system which includes cued click point algorithm to resist shoulder surfing attack based on image password selected by user from image grid and image point is stored in the form of rows and coloumns as password ..

7 Read more

Shoulder Surfing Attack Prevention using Color Pass Method

Shoulder Surfing Attack Prevention using Color Pass Method

Shoulder surfing attacks are not new. In literature, we find many graphics based techniques to prevent such shoulder surfing attacks. However, we will discuss here a number of the partially observable schemes to propose the color Pass scheme. It includes number of various techniques like Movable Frame theme, the Intersection theme, the triangle theme, convex Hull Click theme (CHC), graphical password scheme that uses color login but generally there's possibility of password recognized by the third person or hacker. The problem is password isn't protected by the existing techniques. The proposed solution is somewhat more efficient than the existing ones. Colorpass strategies are comparatively new fields of password preventions that are being explored for advancement within the existing preventive techniques. The colorpass strategies makes use of the concept of entering the PIN ofuser without revealing the actual PIN and hence prevent from shoulder surfing attacks.
Show more

10 Read more

A SHOULDER SURFING RESISTANT GRAPHICAL AUTHENTICATION SYSTEM

A SHOULDER SURFING RESISTANT GRAPHICAL AUTHENTICATION SYSTEM

There are lot of research on password based on authentication has been done in the literature. Among all of these proposed schemes, from this paper focuses mainly on the graphical-based authentication systems along with a virtual keyboard shuffling. It defines that the keys will be hidden and shuffled after we pressed a password key by using fisher Yates shuffling algorithm. To avoid the shoulder surfing and key logger attack, we introduced the above concepts. We need to choose image. After the image is accepted to split into 7*11 matrixes, we need to specify the cell to set as password. After the cell is selected as password, login indicator will be generated based on cell which is selected. At initial stage we need to create with a username. To avoid key loggers attack while we typing username and other authentication based, keys are shuffled by using above mentioned algorithm.
Show more

8 Read more

S3PAS:A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme

S3PAS:A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme

To resist random-click attack, users are required to click several times followed by some click-rule just like the ba-sic S3PAS scheme. Recall the example shown in Section 3, if the password is “A1B3”, the user has to click four times to login. The problem is that whether four-character pass-word is long enough to resist the random-click attack? If the attacker is “lucky” enough, he/she might be able to click inside the correct triangle regions correctly just by random-clicks. We observe that the size of the pass-triangle area greatly affects S3PAS's security level. If the size of every pass-triangle area is too large, attackers are able to click in-side the right areas with higher probabilities. To evaluate the security level, we should find out the expected average size of the pass-triangle areas, which is an important mea-sure of S3PAS's security level.
Show more

6 Read more

Implementation of Graphical Authentication System for Shoulder Surfing Attacks

Implementation of Graphical Authentication System for Shoulder Surfing Attacks

In this paper author propose and evaluate new graphical password schemes that exploit features of graphical input displays to achieve better security than text-based passwords. Graphical input devices enable the user to decouple the position of inputs from the temporal order in which those inputs occur, and we show that this decoupling can be used to generate password schemes with substantially larger (memorable) password spaces. In order to evaluate the security of one of our schemes, we devise a novel way to capture a subset of the "memorable" passwords that, we believe, is itself a contribution.
Show more

9 Read more

A Shoulder Surfing Resistant Graphical Verification System

A Shoulder Surfing Resistant Graphical Verification System

considered, in applications for PC security and insurance. Regardless, human exercises, for instance, picking unpleasant passwords and contributing passwords in an unverifiable way are seen as "the weakest association" in the affirmation chain. Rather than self-self-assured alphanumeric strings, customers tend to pick passwords either short or noteworthy for straightforward recognition. With web applications and convenient applications loading up, people can get to these applications at whatever point and wherever with various devices. This advancement brings magnificent solace yet also grows the probability of displaying passwords to hold up under surfing attacks. Aggressors can observe clearly or use external narrative contraptions to accumulate customers' accreditations. To vanquish this issue, we proposed a novel confirmation system PassMatrix, in perspective of graphical passwords to contradict hold up under surfing strikes. With a one-time considerable login marker and circulative level and vertical bars covering the entire degree of pass-pictures, PassMatrix offers no knowledge for attackers to comprehend or restrict the watchword even they coordinate various camera-based ambushes. We in like manner executed a PassMatrix demonstrate on Android and finished bona fide customer examinations to evaluate its memorability and usability. From the exploratory result, the proposed system achieves better security from bear surfing attacks while taking care of convenience.
Show more

9 Read more

HoneyPass: A Shoulder Surfing Resistant Graphical Authentication System using Honeypot

HoneyPass: A Shoulder Surfing Resistant Graphical Authentication System using Honeypot

Abstract: In today's modern world, securing the organization’s data has become a major concern. To provide security, the most widely recognized authentication methods are credentials, OTP, LTP etc. These methods are more prone to Brute Force Attack, Shoulder Surfing Attack, and Dictionary Attack. Shoulder Surfing Attack (SSA) is a data theft approach used to obtain the personal identification numbers or passwords by looking over the user's shoulder or by external recording devices and video capturing devices. Since SSA occurs in a benevolent way, it goes unnoticed most of the times. It is one of the simple and easy methods for hackers to steal one's sensitive information. The hacker has to simply peek in while the user types in the password without any much effort involved. Therefore, this phenomenon is widely unknown to people all over the world. Textual passwords are a ubiquitous part of digital age. Web applications/mobile applications demand a strong password with at least one capital letter and a special letter. People tend to give easy passwords in order to remember them which can be easily shoulder surfed. To overcome this, graphical password techniques are used to provide a more secure password. In the graphical authentication system, the users click on target images from a challenge set for authentication. Various graphical systems have been proposed over the years which are shown to be more secure when compared to other authentication systems. In this paper, a shoulder surfing resistant graphical authentication system is implemented using honeypot concept.
Show more

11 Read more

Graphical password schemes design: enhancing memorability features using autobiographical memories

Graphical password schemes design: enhancing memorability features using autobiographical memories

There is a commonly known tradeoff between memorability and security of password authentication systems. Being that more secure passwords are less memorable. To redeem this flaw, a number of authentication methods and techniques has been put forward but memorability and security issues still remain as each limitations. These two factors influence the success of passwords. Many schemes are not memorable just because the required memory feature does not portray what people remember most in their design. In the light of this , we have proposed authentication system which is based on autobiographical memories of the users to improve memorability of graphical passwords and randomly generated digits are displayed on the screen for user to enter digits corresponding to the password via keyboard rather than graphical input devices like mouse and stylus in order to resist shoulder surfing attack. Currently we are working on the scheme implementation and performance analysis in order to address some important issues like memorability , security and even the user’s factor of our scheme and they will be published soonest.
Show more

7 Read more

Implementing Authentication, Authorization and Access Technique using Session Password with Pair based Scheme

Implementing Authentication, Authorization and Access Technique using Session Password with Pair based Scheme

todays computing world is with “AAA” that is Authentication, Authorization and Access. Out of which the authentication mechanism is to use alphanumeric usernames and passwords that are most time prone to the dictionary attack, shoulder surfing attack, etc. Instead if the password should get validated with the numerals and special characters, one cannot avoid the above mention attack. So, after some time the literature studies suggested that Graphical password scheme is introduce, that makes the combination of alpha numerals along with images and try to add one more level of security. But still this scheme is also more vulnerable to shoulder surfing attack. So, to address this kinds of issues we will try to propose the new scheme of session password, i.e. the password once user has been entered is not valid for the next login session. And along with this we have choose the pair based scheme to choose our session password which is much more vulnerable to shoulder surfing attack and as the password is valid only for single session and for the next session one has to entered the new password it will definitely add the stronger security to authentication process.In this paper, we have implemented multilevel security framework that support AAA mechanism for providing the security by taking the example of online banking application.
Show more

5 Read more

Shoulder Surfing Resistance Graphical
Password Autentication


     V.D.Janani, V.Anwar, M .Ravi Sankar Abstract PDF  IJIRMET160204008

Shoulder Surfing Resistance Graphical Password Autentication V.D.Janani, V.Anwar, M .Ravi Sankar Abstract PDF IJIRMET160204008

We have proposed CaRP, a new security primitive relying on unsolved hard AI problems. CaRP is both a Captcha and a graphical password scheme. The notion of CaRP introduces a new family of graphical passwords, which adopts a new approach to counter online guessing attacks: a new CaRP image, which is also a Captcha challenge, is used for every login attempt to make trials of an online guessing attack computationally independent of each other. A password of CaRP can be found only probabilistically by automatic online guessing attacks including brute-force attacks, a desired security property that other graphical password schemes lack. Hotspots in CaRP images can no longer be exploited to mount automatic online guessing attacks, an inherent vulnerability in many graphical password systems. CaRP forces adversaries to resort to significantly less efficient and much more costly human-based attacks. In addition to offering protection from online guessing attacks, CaRP is also resistant to Captcha relay attacks, and, if combined with dual-view technologies, shoulder-surfing attacks. CaRP can also help reduce spam emails sent from a Web email service. Our usability study of two CaRP schemes we have implemented is encouraging. For example, more participants considered Animal Grid and Click Text easier to use than PassPoints and a combination of text password and Captcha. Both Animal Grid and Click Text had better password memo ability than the conventional text passwords. On the other hand, the usability of CaRP can be further improved by using images of different levels of difficulty based on the login history of the user and the machine used to log in. The optimal tradeoff between security and usability remains an open question for CaRP, and further studies are needed to refine CaRP for actual deployments.
Show more

11 Read more

Securing Image Password by using Persuasive
          Cued Click Points with AES Algorithm

Securing Image Password by using Persuasive Cued Click Points with AES Algorithm

Abstract — In Digital environment authentication plays a major role. For authentication purpose the graphical based technique is used. The purpose of this paper is increasing the security space and avoiding the weakness of conventional password. The most common computer authentication method is to use alphanumeric user name and passwords. User often creates passwords that are memorable which is easy for attackers to guess, but strong system assigned passwords are difficult for users to remember. So researchers of modern days have gone for alternative methods where in graphical picture are used as a password. By using graphical password scheme shoulder surfing attack, masquerading and eavesdropping can be minimized. In this paper, we have changed the way of clicking on the images and to make the password more secure Advanced Encryption Standard (AES) technique is used so that authentication can become more secure and password can be generated, authenticated & protected easily. This paper presents the idea of new graphical idea for authentication. This system can be used for any online/offline system.
Show more

6 Read more

Secure Graphical Password Requirements

Secure Graphical Password Requirements

The similarity of the images generated during the authentication is of great importance, since it determines how efficiently the scheme protects the password against shouldersurfing. The images should be similar enough to confuse any attacker looking on, but be distinguishable for the user. Further work in this direction should therefore look at the design of sound measures of perceptual similarity of images used as decoys. These requirements, although sufficient in producing secure schemes, can be strengthened by investigating other mechanisms to reduce shoulder-surfing over and above the use of decoys. An example of this would be to enforce hard-to-see selection methods when the user chooses their password from the given set of selection of different passwords. This study further notes that an important factor is the amount of time required when users try to authenticate themselves. More detailed studies are required to determine exactly what amount of time users would consider tolerable for the authentication process.
Show more

8 Read more

Show all 10000 documents...