Visible to the public Biblio

Found 546 results

Filters: First Letter Of Last Name is T  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S [T] U V W X Y Z   [Show ALL]
T
T, Baby H., R, Sujatha B..  2016.  Chaos based Combined Multiple Recursive KEY Generator for Crypto-Systems. 2016 2nd International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT). :411–415.

With the ever increasing growth of internet usage, ensuring high security for information has gained great importance, due to the several threats in the communication channels. Hence there is continuous research towards finding a suitable approach to ensure high security for the information. In recent decades, cryptography is being used extensively for providing security on the Internet although primarily used in the military and diplomatic communities. One such approach is the application of Chaos theory in cryptosystems. In this work, we have proposed the usage of combined multiple recursive generator (CMRG) for KEY generation based on a chaotic function to generate different multiple keys. It is seen that negligible difference in parameters of chaotic function generates completely different keys as well as cipher text. The main motive for developing the chaos based cryptosystem is to attain encryption that provides high security at comparatively higher speed but with lower complexity and cost over the conventional encryption algorithms.

T, Nirmalraj, Jebathangam, J..  2022.  A Novel Password Secure Mechanism using Reformation based Optimized Honey Encryption and Decryption Technique. 2022 6th International Conference on Intelligent Computing and Control Systems (ICICCS). :877–880.
The exponential rise of online services has heightened awareness of safeguarding the various applications that cooperate with and provide Internet users. Users must present their credentials, such as user name and secret code, to the servers to be authorized. This sensitive data should be secured from being exploited due to numerous security breaches, resulting in criminal activity. It is vital to secure systems against numerous risks. This article offers a novel approach to protecting against brute force attacks. A solution is presented where the user obtains the keypad on each occurrence. Following the establishment of the keypad, the webserver produces an encrypted password for the user's Computer/device authentication. The encrypted password will be used for authentication; users must type the amended one-time password (OTP) every time they access the website. This research protects passwords using reformation-based encryption and decryption and optimal honey encryption (OH-E) and decryption.
ISSN: 2768-5330
T. Long, G. Yao.  2015.  "Verification for Security-Relevant Properties and Hyperproperties". 2015 IEEE 12th Intl Conf on Ubiquitous Intelligence and Computing and 2015 IEEE 12th Intl Conf on Autonomic and Trusted Computing and 2015 IEEE 15th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom). :490-497.

Privacy analysis is essential in the society. Data privacy preservation for access control, guaranteed service in wireless sensor networks are important parts. In programs' verification, we not only consider about these kinds of safety and liveness properties but some security policies like noninterference, and observational determinism which have been proposed as hyper properties. Fairness is widely applied in verification for concurrent systems, wireless sensor networks and embedded systems. This paper studies verification and analysis for proving security-relevant properties and hyper properties by proposing deductive proof rules under fairness requirements (constraints).

T. S. Chaware, B. K. Mishra.  2015.  "Secure communication using TPC and chaotic encryption". 2015 International Conference on Information Processing (ICIP). :615-620.

Compression, encryption, encoding and modulation at the transmitter side and reverse process at the receiver side are the major processes in any wireless communication system. All these steps were carried out separately before. But, in 1978 R. J. McEliece had proposed the concept of combining security and channel encoding techniques together. Many schemes are proposed by different researchers for this combine approach. Sharing the information securely, but at the same time maintaining acceptable bit error rate in such combine system is difficult. In this paper, a new technique for robust and secure wireless transmission of image combining Turbo Product Code (TPC) with chaotic encryption is proposed. Logistic map is used for chaotic encryption and TPC for channel encoding. Simulation results for this combined system are analyzed and it shows that TPC and chaotic combination gives secure transmission with acceptable data rate.

T⊘ndel, Inger Anne, Vefsnmo, Hanne, Gjerde, Oddbj⊘rn, Johannessen, Frode, Fr⊘ystad, Christian.  2021.  Hunting Dependencies: Using Bow-Tie for Combined Analysis of Power and Cyber Security. 2020 2nd International Conference on Societal Automation (SA). :1—8.
Modern electric power systems are complex cyber-physical systems. The integration of traditional power and digital technologies result in interdependencies that need to be considered in risk analysis. In this paper we argue the need for analysis methods that can combine the competencies of various experts in a common analysis focusing on the overall system perspective. We report on our experiences on using the Vulnerability Analysis Framework (VAF) and bow-tie diagrams in a combined analysis of the power and cyber security aspects in a realistic case. Our experiences show that an extended version of VAF with increased support for interdependencies is promising for this type of analysis.
Ta-Yuan Liu, Mukherjee, P., Ulukus, S., Shih-Chun Lin, Hong, Y.-W.P..  2014.  Secure DoF of MIMO Rayleigh block fading wiretap channels with No CSI anywhere. Communications (ICC), 2014 IEEE International Conference on. :1959-1964.

We consider the block Rayleigh fading multiple-input multiple-output (MIMO) wiretap channel with no prior channel state information (CSI) available at any of the terminals. The channel gains remain constant in a coherence time of T symbols, and then change to another independent realization. The transmitter, the legitimate receiver and the eavesdropper have nt, nr and ne antennas, respectively. We determine the exact secure degrees of freedom (s.d.o.f.) of this system when T ≥ 2 min(nt, nr). We show that, in this case, the s.d.o.f. is exactly (min(nt, nr) - ne)+(T - min(nt, nr))/T. The first term can be interpreted as the eavesdropper with ne antennas taking away ne antennas from both the transmitter and the legitimate receiver. The second term can be interpreted as a fraction of s.d.o.f. being lost due to the lack of CSI at the legitimate receiver. In particular, the fraction loss, min(nt, nr)/T, can be interpreted as the fraction of channel uses dedicated to training the legitimate receiver for it to learn its own CSI. We prove that this s.d.o.f. can be achieved by employing a constant norm channel input, which can be viewed as a generalization of discrete signalling to multiple dimensions.

Ta, H. Q., Kim, S. W..  2019.  Covert Communication Under Channel Uncertainty and Noise Uncertainty. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1-6.

Covert or low probability of detection communication is crucial to protect user privacy and provide a strong security. We analyze the joint impact of imperfect knowledge of the channel gain (channel uncertainty) and noise power (noise uncertainty) on the average probability of detection error at the eavesdropper and the covert throughput in Rayleigh fading channel. We characterize the covert throughput gain provided by the channel uncertainty as well as the covert throughput loss caused by the channel fading as a function of the noise uncertainty. Our result shows that the channel fading is essential to hiding the signal transmission, particularly when the noise uncertainty is below a threshold and/or the receive SNR is above a threshold. The impact of the channel uncertainty on the average probability of detection error and covert throughput is more significant when the noise uncertainty is larger.

Tabak, Z., Keko, H., Sučić, S..  2022.  Semantic data integration in upgrading hydro power plants cyber security. 2022 45th Jubilee International Convention on Information, Communication and Electronic Technology (MIPRO). :50—54.
In the recent years, we have witnessed quite notable cyber-attacks targeting industrial automation control systems. Upgrading their cyber security is a challenge, not only due to long equipment lifetimes and legacy protocols originally designed to run in air-gapped networks. Even where multiple data sources are available and collection established, data interpretation usable across the different data sources remains a challenge. A modern hydro power plant contains the data sources that range from the classical distributed control systems to newer IoT- based data sources, embedded directly within the plant equipment and deeply integrated in the process. Even abundant collected data does not solve the security problems by itself. The interpretation of data semantics is limited as the data is effectively siloed. In this paper, the relevance of semantic integration of diverse data sources is presented in the context of a hydro power plant. The proposed semantic integration would increase the data interoperability, unlocking the data siloes and thus allowing ingestion of complementary data sources. The principal target of the data interoperability is to support the data-enhanced cyber security in an operational hydro power plant context. Furthermore, the opening of the data siloes would enable additional usage of the existing data sources in a structured semantically enriched form.
Tabakhpour, Adel, Abdelaziz, Morad M. A..  2019.  Neural Network Model for False Data Detection in Power System State Estimation. 2019 IEEE Canadian Conference of Electrical and Computer Engineering (CCECE). :1-5.

False data injection is an on-going concern facing power system state estimation. In this work, a neural network is trained to detect the existence of false data in measurements. The proposed approach can make use of historical data, if available, by using them in the training sets of the proposed neural network model. However, the inputs of perceptron model in this work are the residual elements from the state estimation, which are highly correlated. Therefore, their dimension could be reduced by preserving the most informative features from the inputs. To this end, principal component analysis is used (i.e., a data preprocessing technique). This technique is especially efficient for highly correlated data sets, which is the case in power system measurements. The results of different perceptron models that are proposed for detection, are compared to a simple perceptron that produces identical result to the outlier detection scheme. For generating the training sets, state estimation was run for different false data on different measurements in 13-bus IEEE test system, and the residuals are saved as inputs of training sets. The testing results of the trained network show its good performance in detection of false data in measurements.

Tabassum, Anika, Nady, Anannya Islam, Rezwanul Huq, Mohammad.  2019.  Mathematical Formulation and Implementation of Query Inversion Techniques in RDBMS for Tracking Data Provenance. 2019 7th International Conference on Information and Communication Technology (ICoICT). :1–6.
Nowadays the massive amount of data is produced from different sources and lots of applications are processing these data to discover insights. Sometimes we may get unexpected results from these applications and it is not feasible to trace back to the data origin manually to find the source of errors. To avoid this problem, data must be accompanied by the context of how they are processed and analyzed. Especially, data-intensive applications like e-Science always require transparency and therefore, we need to understand how data has been processed and transformed. In this paper, we propose mathematical formulation and implementation of query inversion techniques to trace the provenance of data in a relational database management system (RDBMS). We build mathematical formulations of inverse queries for most of the relational algebra operations and show the formula for join operations in this paper. We, then, implement these formulas of inversion techniques and the experiment shows that our proposed inverse queries can successfully trace back to original data i.e. finding data provenance.
Tabatt, P., Jelonek, J., Schölzel, M., Lehniger, K., Langendörfer, P..  2022.  Code Mutation as a mean against ROP Attacks for Embedded Systems. 2022 11th Mediterranean Conference on Embedded Computing (MECO). :1–4.
This paper presents a program-code mutation technique that is applied in-field to embedded systems in order to create diversity in a population of systems that are identical at the time of their deployment. With this diversity, it becomes more difficult for attackers to carry out the very popular Return-Oriented-Programming (ROP) attack in a large scale, since the gadgets in different systems are located at different program addresses after code permutation. In order to prevent the system from a system crash after a failed ROP attack, we further propose the combination of the code mutation with a return address checking. We will report the overhead in time and memory along with a security analysis.
Tabiban, Azadeh, Jarraya, Yosr, Zhang, Mengyuan, Pourzandi, Makan, Wang, Lingyu, Debbabi, Mourad.  2020.  Catching Falling Dominoes: Cloud Management-Level Provenance Analysis with Application to OpenStack. 2020 IEEE Conference on Communications and Network Security (CNS). :1—9.

The dynamicity and complexity of clouds highlight the importance of automated root cause analysis solutions for explaining what might have caused a security incident. Most existing works focus on either locating malfunctioning clouds components, e.g., switches, or tracing changes at lower abstraction levels, e.g., system calls. On the other hand, a management-level solution can provide a big picture about the root cause in a more scalable manner. In this paper, we propose DOMINOCATCHER, a novel provenance-based solution for explaining the root cause of security incidents in terms of management operations in clouds. Specifically, we first define our provenance model to capture the interdependencies between cloud management operations, virtual resources and inputs. Based on this model, we design a framework to intercept cloud management operations and to extract and prune provenance metadata. We implement DOMINOCATCHER on OpenStack platform as an attached middleware and validate its effectiveness using security incidents based on real-world attacks. We also evaluate the performance through experiments on our testbed, and the results demonstrate that DOMINOCATCHER incurs insignificant overhead and is scalable for clouds.

Tabiban, Azadeh, Majumdar, Suryadipta, Wang, Lingyu, Debbabi, Mourad.  2018.  PERMON: An OpenStack Middleware for Runtime Security Policy Enforcement in Clouds. 2018 IEEE Conference on Communications and Network Security (CNS). :1–7.

To ensure the accountability of a cloud environment, security policies may be provided as a set of properties to be enforced by cloud providers. However, due to the sheer size of clouds, it can be challenging to provide timely responses to all the requests coming from cloud users at runtime. In this paper, we design and implement a middleware, PERMON, as a pluggable interface to OpenStack for intercepting and verifying the legitimacy of user requests at runtime, while leveraging our previous work on proactive security verification to improve the efficiency. We describe detailed implementation of the middleware and demonstrate its usefulness through a use case.

Tacliad, Francisco, Nguyen, Thuy D., Gondree, Mark.  2017.  DoS Exploitation of Allen-Bradley's Legacy Protocol Through Fuzz Testing. Proceedings of the 3rd Annual Industrial Control System Security Workshop. :24–31.
EtherNet/IP is a TCP/IP-based industrial protocol commonly used in industrial control systems (ICS). TCP/IP connectivity to the outside world has enabled ICS operators to implement more agile practices, but it also has exposed these cyber-physical systems to cyber attacks. Using a custom Scapy-based fuzzer to test for implementation flaws in the EtherNet/IP software of commercial programmable logic controllers (PLC), we uncover a previously unreported denial-of-service (DoS) vulnerability in the Ethernet/IP implementation of the Rockwell Automation/Allen-Bradley MicroLogix 1100 PLC that, if exploited, can cause the PLC to fault. ICS-CERT recently announces this vulnerability in the security advisory ICSA-17-138-03. This paper describes this vulnerability, the development of an EtherNet/IP fuzzer, and an approach to remotely monitor for faults generated when fuzzing.
Tadeo, Diego Antonio García, John, S.Franklin, Bhaumik, Ankan, Neware, Rahul, Yamsani, Nagendar, Kapila, Dhiraj.  2021.  Empirical Analysis of Security Enabled Cloud Computing Strategy Using Artificial Intelligence. 2021 International Conference on Computing Sciences (ICCS). :83—85.
Cloud Computing (CC) has emerged as an on-demand accessible tool in different practical applications such as digital industry, academics, manufacturing, health sector and others. In this paper different security threats faced by CC are discussed with suitable examples. Moreover, an artificial intelligence based security enabled CC is also discussed based on suitable empirical data. It is found that an artificial neural network (ANN) is an effective system to detect the level of risk factors associated with CC along with mitigating those risk issues with appropriate algorithms. Hence, it provides a desired level of protection against cyber attacks, internal confidential threats and external threat of data theft from a cloud computing system. Levenberg–Marquardt (LMBP) algorithms are also found as a significant tool to estimate the level of security performance around a cloud computing system. ANN is used to improve the performance level of data security across a cloud computing network and make it security enabled to ensure a protected data transmission to clients associated with the system.
Taggu, A., Mungoli, A., Taggu, A..  2018.  ReverseRoute: An Application-Layer Scheme for Detecting Blackholes in MANET Using Mobile Agents. 2018 3rd Technology Innovation Management and Engineering Science International Conference (TIMES-iCON). :1–4.

Mobile Ad-Hoc Networks (MANETs) are prone to many security attacks. One such attack is the blackhole attack. This work proposes a simple and effective application layer based intrusion detection scheme in a MANET to detect blackholes. The proposed algorithm utilizes mobile agents (MA) and wtracert (modified version of Traceroute for MANET) to detect multiple black holes in a DSR protocol based MANET. Use of MAs ensure that no modifications need to be carried out in the underlying routing algorithms or other lower layers. Simulation results show successful detection of single and multiple blackhole nodes, using the proposed detection mechanism, across varying mobility speeds of the nodes.

Taggu, Amar, Marchang, Ningrinla.  2019.  Random-Byzantine Attack Mitigation in Cognitive Radio Networks using a Multi-Hidden Markov Model System. 2019 International Conference on Electrical and Computing Technologies and Applications (ICECTA). :1—5.
Cognitive Radio Networks (CRN) are opportunistic networks which aim to harness the white space in the television frequency spectrum, on a need-to-need basis, without interfering the incumbent, called the Primary User (PU). Cognitive radios (CR) that sense the spectrum periodically for sensing the PU activity, are called Secondary Users (SU). CRNs are susceptible to two major attacks, Byzantine attacks and Primary User Emulation Attack (PUEA). Both the attacks are capable of rendering a CRN useless, by either interfering with the PU itself or capturing the entire channel for themselves. Byzantine attacks detection and mitigation is an important security issue in CRN. Hence, the current work proposes using a multi-Hidden Markov Model system with an aim to detect different types of random-Byzantine attacks. Simulation results show good detection rate across all the attacks.
Taghanaki, Saeid Rafiei, Arzandeh, Shohreh Behnam, Bohlooli, Ali.  2021.  A Decentralized Method for Detecting Clone ID Attacks on the Internet of Things. 2021 5th International Conference on Internet of Things and Applications (IoT). :1–6.
One of the attacks in the RPL protocol is the Clone ID attack, that the attacker clones the node's ID in the network. In this research, a Clone ID detection system is designed for the Internet of Things (IoT), implemented in Contiki operating system, and evaluated using the Cooja emulator. Our evaluation shows that the proposed method has desirable performance in terms of energy consumption overhead, true positive rate, and detection speed. The overhead cost of the proposed method is low enough that it can be deployed in limited-resource nodes. The proposed method in each node has two phases, which are the steps of gathering information and attack detection. In the proposed scheme, each node detects this type of attack using control packets received from its neighbors and their information such as IP, rank, Path ETX, and RSSI, as well as the use of a routing table. The design of this system will contribute to the security of the IoT network.
Tagliaferri, M., Aldini, A..  2018.  A Trust Logic for Pre-Trust Computations. 2018 21st International Conference on Information Fusion (FUSION). :2006–2012.
Computational trust is the digital counterpart of the human notion of trust as applied in social systems. Its main purpose is to improve the reliability of interactions in online communities and of knowledge transfer in information management systems. Trust models are formal frameworks in which the notion of computational trust is described rigorously and where its dynamics are explained precisely. In this paper we will consider and extend a computational trust model, i.e., JØsang's Subjective Logic: we will show how this model is well-suited to describe the dynamics of computational trust, but lacks effective tools to compute initial trust values to feed in the model. To overcome some of the issues with subjective logic, we will introduce a logical language which can be employed to describe and reason about trust. The core ideas behind the logical language will turn out to be useful in computing initial trust values to feed into subjective logic. The aim of the paper is, therefore, that of providing an improvement on subjective logic.
Taha, Bilal, Hatzinakos, Dimitrios.  2019.  Emotion Recognition from 2D Facial Expressions. 2019 IEEE Canadian Conference of Electrical and Computer Engineering (CCECE). :1–4.
This work proposes an approach to find and learn informative representations from 2 dimensional gray-level images for facial expression recognition application. The learned features are obtained from a designed convolutional neural network (CNN). The developed CNN enables us to learn features from the images in a highly efficient manner by cascading different layers together. The developed model is computationally efficient since it does not consist of a huge number of layers and at the same time it takes into consideration the overfitting problem. The outcomes from the developed CNN are compared to handcrafted features that span texture and shape features. The experiments conducted on the Bosphours database show that the developed CNN model outperforms the handcrafted features when coupled with a Support Vector Machines (SVM) classifier.
Taha, Mohammad Bany, Chowdhury, Rasel.  2020.  GALB: Load Balancing Algorithm for CP-ABE Encryption Tasks in E-Health Environment. 2020 Fifth International Conference on Research in Computational Intelligence and Communication Networks (ICRCICN). :165–170.
Security of personal data in the e-healthcare has always been challenging issue. The embedded and wearable devices used to collect these personal and critical data of the patients and users are sensitive in nature. Attribute-Based Encryption is believed to provide access control along with data security for distributed data among multiple parties. These resources limited devices do have the capabilities to secure the data while sending to the cloud but instead it increases the overhead and latency of running the encryption algorithm. On the top of if confidentiality is required, which will add more latency. In order to reduce latency and overhead, we propose a new load balancing algorithm that will distribute the data to nearby devices with available resources to encrypt the data and send it to the cloud. In this article, we are proposing a load balancing algorithm for E-Health system called (GALB). Our algorithm is based on Genetic Algorithm (GA). Our algorithm (GALB) distribute the tasks that received to the main gateway between the devices on E-health environment. The distribution strategy is based on the available resources in the devices, the distance between the gateway and the those devices, and the complexity of the task (size) and CP-ABE encryption policy length. In order to evaluate our algorithm performance, we compare the near optimal solution proposed by GALB with the optimal solution proposed by LP.
Tahat, Amer, Joshi, Sarang, Goswami, Pronnoy, Ravindran, Binoy.  2019.  Scalable Translation Validation of Unverified Legacy OS Code. 2019 Formal Methods in Computer Aided Design (FMCAD). :1–9.

Formally verifying functional and security properties of a large-scale production operating system is highly desirable. However, it is challenging as such OSes are often written in multiple source languages that have no formal semantics - a prerequisite for formal reasoning. To avoid expensive formalization of the semantics of multiple high-level source languages, we present a lightweight and rigorous verification toolchain that verifies OS code at the binary level, targeting ARM machines. To reason about ARM instructions, we first translate the ARM Specification Language that describes the semantics of the ARMv8 ISA into the PVS7 theorem prover and verify the translation. We leverage the radare2 reverse engineering tool to decode ARM binaries into PVS7 and verify the translation. Our translation verification methodology is a lightweight formal validation technique that generates large-scale instruction emulation test lemmas whose proof obligations are automatically discharged. To demonstrate our verification methodology, we apply the technique on two OSes: Google's Zircon and a subset of Linux. We extract a set of 370 functions from these OSes, translate them into PVS7, and verify the correctness of the translation by automatically discharging hundreds of thousands of proof obligations and tests. This took 27.5 person-months to develop.

Taher, Bahaa Hussein, Wei, Lu Hong, Yassin, Ali A..  2018.  Flexible and Efficient Authentication of IoT Cloud Scheme Using Crypto Hash Function. Proceedings of the 2018 2Nd International Conference on Computer Science and Artificial Intelligence. :487–494.
The Internet of Things and cloud computing (IoT Cloud) have a wide resonance in the Internet and modern communication technology, which allows laptops, phones, sensors, embedded devices, and other things to connect and exchange information via the Internet. Therefore, IoT Cloud offers several facilities, such as resources, storage, sharing, exchange, and communication. However, IoT Cloud suffers from security problems, which are a vital issue in the information technology world. All embedded devices in IoT Cloud need to be supported by strong authentication and preservation of privacy data during information exchange via the IoT Cloud environment. Malicious attacks (such as replay, man-in-the-middle [MITM], and impersonation attacks) play the negative role of obtaining important information of devices. In this study, we propose a good scheme that overcomes the mentioned issues by resisting well-known attacks, such as MITM, insider, offline password guessing, dictionary, replay, and eavesdropping. Our work achieves device anonymity, forward secrecy, confidentiality, and mutual authentication. Security and performance analyses show that our proposed scheme is more efficient, flexible, and secure with respect to several known attacks compared with related schemes.
Taher, Kazi Abu, Mohammed Yasin Jisan, Billal, Rahman, Md. Mahbubur.  2019.  Network Intrusion Detection using Supervised Machine Learning Technique with Feature Selection. 2019 International Conference on Robotics,Electrical and Signal Processing Techniques (ICREST). :643–646.
A novel supervised machine learning system is developed to classify network traffic whether it is malicious or benign. To find the best model considering detection success rate, combination of supervised learning algorithm and feature selection method have been used. Through this study, it is found that Artificial Neural Network (ANN) based machine learning with wrapper feature selection outperform support vector machine (SVM) technique while classifying network traffic. To evaluate the performance, NSL-KDD dataset is used to classify network traffic using SVM and ANN supervised machine learning techniques. Comparative study shows that the proposed model is efficient than other existing models with respect to intrusion detection success rate.
Taher, Kazi Abu, Nahar, Tahmin, Hossain, Syed Akhter.  2019.  Enhanced Cryptocurrency Security by Time-Based Token Multi-Factor Authentication Algorithm. 2019 International Conference on Robotics,Electrical and Signal Processing Techniques (ICREST). :308–312.
A noble multi-factor authentication (MFA) algorithm is developed for the security enhancement of the Cryptocurrency (CR). The main goal of MFA is to set up extra layer of safeguard while seeking access to a targets such as physical location, computing device, network or database. MFA security scheme requires more than one method for the validation from commutative family of credentials to verify the user for a transaction. MFA can reduce the risk of using single level password authentication by introducing additional factors of authentication. MFA can prevent hackers from gaining access to a particular account even if the password is compromised. The superfluous layer of security introduced by MFA offers additional security to a user. MFA is implemented by using time-based onetime password (TOTP) technique. For logging to any entity with MFA enabled, the user first needs username and password, as a second factor, the user then needs the MFA token to virtually generate a TOTP. It is found that MFA can provide a better means of secured transaction of CR.