Visible to the public Biblio

Filters: Author is Banday, M. T.  [Clear All Filters]
2021-03-18
Banday, M. T., Sheikh, S. A..  2020.  Improving Security Control of Text-Based CAPTCHA Challenges using Honeypot and Timestamping. 2020 Fourth International Conference on Computing Methodologies and Communication (ICCMC). :704—708.

The resistance to attacks aimed to break CAPTCHA challenges and the effectiveness, efficiency and satisfaction of human users in solving them called usability are the two major concerns while designing CAPTCHA schemes. User-friendliness, universality, and accessibility are related dimensions of usability, which must also be addressed adequately. With recent advances in segmentation and optical character recognition techniques, complex distortions, degradations and transformations are added to text-based CAPTCHA challenges resulting in their reduced usability. The extent of these deformations can be decreased if some additional security mechanism is incorporated in such challenges. This paper proposes an additional security mechanism that can add an extra layer of protection to any text-based CAPTCHA challenge, making it more challenging for bots and scripts that might be used to attack websites and web applications. It proposes the use of hidden text-boxes for user entry of CAPTCHA string which serves as honeypots for bots and automated scripts. The honeypot technique is used to trick bots and automated scripts into filling up input fields which legitimate human users cannot fill in. The paper reports implementation of honeypot technique and results of tests carried out over three months during which form submissions were logged for analysis. The results demonstrated great effectiveness of honeypots technique to improve security control and usability of text-based CAPTCHA challenges.

2021-03-04
Mehraj, S., Banday, M. T..  2020.  Establishing a Zero Trust Strategy in Cloud Computing Environment. 2020 International Conference on Computer Communication and Informatics (ICCCI). :1—6.
The increased use of cloud services and its various security and privacy challenges such as identity theft, data breach, data integrity and data confidentiality has made trust management, which is one of the most multifaceted aspect in cloud computing, inevitable. The growing reputation of cloud computing technology makes it immensely important to be acquainted with the meaning of trust in the cloud, as well as identify how the customer and the cloud service providers establish that trust. The traditional trust management mechanisms represent a static trust relationship which falls deficit while meeting up the dynamic requirement of cloud services. In this paper, a conceptual zero trust strategy for the cloud environment has been proposed. The model offers a conceptual typology of perceptions and philosophies for establishing trust in cloud services. Further, importance of trust establishment and challenges of trust in cloud computing have also been explored and discussed.