International Journal of Computer Networks and Applications (IJCNA)

Published By EverScience Publications

ISSN : 2395-0455

International Journal of Computer Networks and Applications (IJCNA)

International Journal of Computer Networks and Applications (IJCNA)

Published By EverScience Publications

ISSN : 2395-0455

Security Enhancement in Shoulder Surfing Attacks using Passpoints for Random Similar Images (PRSIm)

Author NameAuthor Details

A. Meiappane, V. Prasanna Venkataesan, V. Premanand

A. Meiappane[1]

V. Prasanna Venkataesan[2]

V. Premanand[3]

[1]Associate Professor, Manakula Vinayagar Institute of Technology, Pondicherry, India.

[2]Department of Banking Technology, Pondicherry University, Pondicherry, India.

[3]PG Student, Manakula Vinayagar Institute of Technology, Pondicherry, India.

Abstract

There exists many security primitives which use an alphanumeric password which uses hard cryptographic methods. Also the users struggle to remember the password for various internet services and if the user has a same password for various services then it is insecure. To avoid this, graphical passwords are designed and made more secure, memorable and also easier to use since the user is going to just click certain passpoints rather than typing an alphanumeric password. However, this scheme has achieved a limited success and due to its simple architecture it is not used widely. Passpoints also suffer a major drawback of shoulder surfing attacks when the passpoints are exposed in front of others. So to improve the security of this system we introduce a new system called Passpoints for Random Similar Images (PRSIm). This system use a set of similar images and have a common passpoints from which the password is been derived. While logging in a user a random image is generated and displayed from which the user have to identify a common passpoints which is already registered. So the user clicks the passpoints to derive the password which confuses the attackers while we have multiple login in front of them. Thus it is more secure than any other passpoints scheme and also eliminates the shoulder surfing attacks which are analyzed and the results are been given.

Index Terms

Graphical Passwords

Passpoints

authentication

tolerance value and security

Reference

  1. 1.
    R. Dhamija and A. Perrig, "Deja Vu: A User Study Using Images for Authentication," in Proceedings of 9th USENIX Security Symposium, 2000.
  2. 2.
    M. Kotadia, "Microsoft: Write down your passwords," in ZDNet Australia, May 23, 2005.
  3. 3.
    Xiaoyuan Suo, Ying Zhu, Owen, G.S, “Graphical passwords: a survey” Computer Security Applications Conference, 21st Annual 5-9 Dec. 2005, 1063-9527, IEEE, Computer Security Application.
  4. 4.
    M. Boroditsky, \Passlogix Password Schemes" (2002). http://www.passlogix.com.
  5. 5.
    Lashkari, A. H., Towhidi, F., Saleh, R. & Farmand, S. (2009) A complete comparison on Pure and Cued Recall-Based Graphical User Authentication Algorithms, Second International Conference on Computer and Electrical Engineering.
  6. 6.
    Blonder, G., 1996. Graphical Passwords. United States Patent, 5: 559-961.
  7. 7.
    V Premanand, A Meiappane and V Arulalan. “Survey on Captcha and its Techniques for BOT Protection” International Journal of Computer Applications109 (5):1-4, January 2015.
  8. 8.
    Suo, X., Zhu, Y. & Owen, G.S. Graphical Passwords: A Survey.
  9. 9.
    Arulalan.V, Balamurugan.G, Premanand. V “A Survey on Biometric Recognition Techniques” International Journal of Advanced Research in Computer and Communication Engineering Vol. 3, Issue 2, February 2014.
  10. 10.
    Biddle, R., Chiasson, S. & Oorschot, P. (2011) Graphical Passwords: Learning from the First Twelve Years.
  11. 11.
    Wiedenbeck, S., Waters, J., Birget, J.C., Brodskiy, A. and Memon, N. Authentication using graphical passwords: Basic Results. Proc. Human-Computer Interaction International 2005, in press.
  12. 12.
    Gao, H., Liu, X., Dai, R., Wang, S. & Liu, H. (2009) Design and Analysis of a Graphical Password Scheme, Fourth International Conference on Innovative Computing, Information and Control.
  13. 13.
    L. Sobrado and J. C. Birget, “Graphical passwords,” The Rutgers Scholar, An Electronic Bulletin for Undergraduate Research, vol. 4, 2002.
  14. 14.
    Are Passfaces more usable than passwords? A field trial investigation - Brostoff, Sasse – 2000.
  15. 15.
    Ian Jermyn, Alain Mayer, Fabian Monrose, Michael K. Reiter, and Aviel D. Rubin "The Design and Analysis of Graphical Passwords", Proceedings of the 8th USENIX Security Symposium Washington, D.C., USA, August 23–26, 1999.
  16. 16.
    Lashkari, A. H., Towhidi, F., Saleh, R. & Farmand, S. (2009) A complete comparison on Pure and Cued Recall-Based Graphical User Authentication Algorithms, Second International Conference on Computer and Electrical Engineering.
  17. 17.
    A.F. Syukri, E. Okamoto, M. Mambo, “A User Identification System Using Signature Written with Mouse,” In Proceeding(s) of the Third Australasian Conference on Information Security and Privacy (ACISP), pp. 403-441, 1998.
  18. 18.
    J.Thorpe, P.C. Van Oorschot, “Towards secure design choices for implementing graphical passwords”, Computer Security Applications Conference (2004). [24] Khandelwal, A., Singh, S. & Satnalika, N. User Authentication by Secured Graphical Password Implementation.
  19. 19.
    Lashkari, A. & Towhidi, F. (2010) Graphical User Authentication (GUA), LAP LAMBERT Academic Publishing, Germany.
  20. 20.
    Wiedenbeck, S., Waters, J., Birget, J.C., Brodskiy, A. and Memon, N. PassPoints: Design and longitudinal evaluation of a graphical password system. Special Issue on HCI Research in Privacy and Security, International Journal of Human-Computer Studies, in press.
  21. 21.
    Paivio, A., Rogers, T.B. and Smythe, P.C. Why are pictures easier to recall than words? Psychonomic Science 11, 4 (1976), 137-138.
  22. 22.
    J. Findlay, “The visual stimulus for saccadic eye movement in human observers”, Perception (1980) 7-21.
  23. 23.
    J. Senders, “Distribution of attention in static and dynamic scenes”, Proc. of SPIE, 3016 (1997) 186-194.
  24. 24.
    D. Comaniciu, P. Meer, “Mean shift analysis and applications”, 7th International Conference on Computer Vision (1999) 1197-1203.
  25. 25.
    D. Comaniciu, P. Meer, “Mean shift: A robust approach toward feature space analysis”, IEEE Transactions on pattern analysis and machine intelligence 24(5) (2002) 603-619.
  26. 26.
    Lashkari A.H. and Farmand S. (2009) A survey on usability and security features in graphical user authentication algorithms International Journal of Computer Science and Network Security (IJCSNS), VOL.9 No.9, Singapore.
  27. 27.
    Masrom M., Towhidi F., Lashkari A.H. (2009) Pure and cued recall-based graphical user authentication, Application of Information and Communication Technologies (AICT).
  28. 28.
    Lashkari A.H., Saleh R., Farmand F., Zakaria O.B. (2009) A Wide range Survey on Recall Based Graphical User Authentications Algorithms Based on ISO and Attack Patterns“, International Journal of Computer Science and Information Security (IJCSIS), Vol. 6, No. 3.
IJCNA NPC