Visible to the public Biblio

Filters: Keyword is password guessing  [Clear All Filters]
2020-04-06
Asmat, Nida, Qasim, Hafiz Syed Ahmed.  2019.  Conundrum-Pass: A New Graphical Password Approach. 2019 2nd International Conference on Communication, Computing and Digital systems (C-CODE). :282–287.
Graphical passwords are most widely used as a mechanism for authentication in today's mobile computing environment. This methodology was introduced to enhance security element and overcome the vulnerabilities of textual passwords, pins, or other trivial password methodologies which were difficult to remember and prone to external attacks. There are many graphical password schemes that are proposed over time, however, most of them suffer from shoulder surfing and could be easily guessed which is quite a big problem. The proposed technique in this paper allows the user to keep the ease-to-use property of the pattern lock while minimizing the risk of shoulder surfing and password guessing. The proposed technique allows the user to divide a picture into multiple chunks and while unlocking, selecting the previously defined chunks results successfully in unlocking the device. This technique can effectively resist the shoulder surfing and smudge attacks, also it is resilient to password guessing or dictionary attacks. The proposed methodology can significantly improve the security of the graphical password system with no cost increase in terms of unlocking time.
2020-02-17
Pandelea, Alexandru-Ionut, Chiroiu, Mihai-Daniel.  2019.  Password Guessing Using Machine Learning on Wearables. 2019 22nd International Conference on Control Systems and Computer Science (CSCS). :304–311.
Wearables are now ubiquitous items equipped with a multitude of sensors such as GPS, accelerometer, or Bluetooth. The raw data from this sensors are typically used in a health context. However, we can also use it for security purposes. In this paper, we present a solution that aims at using data from the sensors of a wearable device to identify the password a user is typing on a keyboard by using machine learning algorithms. Hence, the purpose is to determine whether a malicious third party application could extract sensitive data through the raw data that it has access to.
2017-12-20
Althamary, I. A., El-Alfy, E. S. M..  2017.  A more secure scheme for CAPTCHA-based authentication in cloud environment. 2017 8th International Conference on Information Technology (ICIT). :405–411.

Cloud computing is a remarkable model for permitting on-demand network access to an elastic collection of configurable adaptive resources and features including storage, software, infrastructure, and platform. However, there are major concerns about security-related issues. A very critical security function is user authentication using passwords. Although many flaws have been discovered in password-based authentication, it remains the most convenient approach that people continue to utilize. Several schemes have been proposed to strengthen its effectiveness such as salted hashes, one-time password (OTP), single-sign-on (SSO) and multi-factor authentication (MFA). This study proposes a new authentication mechanism by combining user's password and modified characters of CAPTCHA to generate a passkey. The modification of the CAPTCHA depends on a secret agreed upon between the cloud provider and the user to employ different characters for some characters in the CAPTCHA. This scheme prevents various attacks including short-password attack, dictionary attack, keylogger, phishing, and social engineering. Moreover, it can resolve the issue of password guessing and the use of a single password for different cloud providers.