Resist Shoulder Surfing Attack for Consumer Smart Device

Authors

  • Abisha S, PG Student, Department of Computer Science and Engineering, Ponjesly College of Engineering, Tamil Nadu, India
  • Mrs. M. Maria Sheeba, Assistant Professor, Department of Computer Science and Engineering, Ponjesly College of Engineering, Tamil Nadu, India

Keywords:

Graphical password, Authentication methods, Information security, Usability, Usefulness.

Abstract

User authentication is a process exercised millions of times around the globe using different techniques and methods. The most prominent form of authentication is the alphanumerical password, which has been used for decades. Authorized access is becoming a challenging issue because of the introduction of modern technologies. In addition, traditional alphanumerical passwords have significant security issues: for example, users forget their passwords when they select a difficult key combination, and when they choose an easy key combination, hackers can crack their passwords easily. Traditional passwords are also vulnerable to several types of attacks, for example, dictionary attacks, brute-force attacks, and malware. To provide an easy and more secure authentication technique, a graphical password, which uses an image or a set of images for authentication, is introduced in this paper for consumer electronic devices. Here, we categorize the existing graphical password methods into recognition-based, cued-recall-based, pure-recall-based, and hybrid techniques. Due to the limitations of the existing graphical passwords, we introduce a new technique, named Graphical Random Authentication Technique (gRAT), which generates a randomized set of images every time a user tries to authenticate him/herself, maintaining security and usability at the same time. The gRAT technique is also tested by user-centric evaluation in terms of security, usability, usefulness, and utility, and the experimental results show that the proposed technique is more secure and useful in real-life authentication applications.

Published

2021-04-10

Section

Research Articles

How to Cite

Abisha S, Mrs. M. Maria Sheeba, "Resist Shoulder Surfing Attack for Consumer Smart Device", International Journal of Scientific Research in Science and Technology (IJSRST), Online ISSN: 2395-602X, Print ISSN: 2395-6011, Volume 9, Issue 1, pp. 318-329, March-April-2021.