AUTHENTICATION SCHEME USING ROTATING PATTERN PASSWORD MUHAMMAD FAISAL BIN DAUD

Transcription

1 AUTHENTICATION SCHEME USING ROTATING PATTERN PASSWORD MUHAMMAD FAISAL BIN DAUD BANCHELOR OF COMPUTER SCIENCE (NETWORK SECURITY) FACULTY INFORMATICS AND COMPUTING UNIVERSITI SULTAN ZAINAL ABIDIN 2018

2 DECLARATION I hereby declare that this project is based on my own effort with helps getting information from sources that I have confessing. All section of the text and results which have been obtained from other workers or sources are fully references. I understand that are cheating and plagiarism constitute a breach of university regulations and will be dealt with accordingly. Name:... Date:.

3 CONFIRMATION I hereby declare that this report is based on my original work except for quotations and citations, which have been duly acknowledged. I also declare that it has not been previously or concurrently submitted for any other degree at Universiti Sultan Zainal Abidin or other university. Name:... Date:.

4 DEDICATION I am using this opportunity to express my greatest gratitude to everyone who supported me throughout my final year project which is Authentication Scheme Using Rotating Pattern Password. I am overwhelmingly thankful to them for their aspiring guidance, invaluably constructive criticism and friendly advice during the project work. I am sincerely grateful to them for truthful illuminating views on a number of issues related to the project. Firstly, I want to express a very special thanks to Madam Nor Aida Binti Mahiddin as my supervisor for guiding, monitoring and encouraging me throughout the course of this final year project. And also I want to take this opportunity to thank my family and all lecturers of Faculty of Informatics and Computing for their attention, guidance and meaningful advices during the development of this project. I would like to give a special appreciation thanks to all my friends and classmates for their valuable comments and suggestions on this project which gave me an inspiration and brilliant ideas to improve this project. Lastly, I want to say thank you to all people who help me directly and indirectly to complete this project. Thank You, Muhammad Faisal Bin Daud

5 ABSTRACT Textual passwords are the most common method used for authentication. But textual passwords are vulnerable to eavesdropping, dictionary attacks, social engineering and shoulder surfing. Random and lengthy passwords can make the system secure but difficulty of remembering those password has become the main problem. Studies have stated that most users tend to pick a short and easy-to-remember password. Unfortunately, these passwords can be easily cracked and guessed. Hence, a Graphical password is introduced as alternative techniques to textual passwords. In this thesis, DAS technique is proposed to generate a rotating pattern password for Android.

6 TABLE OF CONTENTS PAGE FRONT PAGE.....i DECLARATION..ii CONFIRMATION...iii DEDICATION..iv ABSTRACT..v TABLE OF CONTENTS vii LIST OF FIGURES.. x CHAPTER 1 INTRODUCTION 1.1 Introduction Project Background Problem Statement Objectives Scope Limitation of Works Report Organizing 3 CHAPTER 2 LITERATURE REVIEW 2.1 Introduction Project and Research Paper

7 2.2.1 Dhamija and Perrig Passfaces Convex Hull Authentication Scheme Signature Authentication Scheme Jansen Pair-Based Authentication Scheme Hybrid Textual Authentication Scheme DAS Technique Shoulder Surfing Technique Chapter Summary 12 CHAPTER 3 METHODOLOGY 3.1 Introduction Methodology Phases Planning Phase Requirement Analysis Phase Design Phase Framework DAS Technique Flow of the Process Implementation Phase Testing Phase Deployment Phase 21

8 3.3 Chapter Summary 21 CHAPTER 4 PROJECT DESIGN AND MODELLING 4.1 Introduction Framework Chapter Summary 24 CHAPTER 5 IMPLEMENTATION AND TESTING 5.1 Introduction Hardware Software Adding New Library Designing Layout Writing Function Java Function of Rotation Pattern Lock View Rotation of Password Chapter Summary 34

9 CHAPTER 6 CONCLUSION 6.1 Introduction Result Project Constraint Future Work Conclusion 37 REFERENCES GANT CHART 41-42

10 LIST OF FIGURES FIGURE NO. Figure 2.1 Figure 2.2 Figure 2.3 Figure 2.4 Figure 2.5 Figure 2.6 Figure 2.7 Figure 2.8 Figure 2.9 Figure 2.10 Figure 3.1 Figure 3.2 Figure 3.3 Figure 3.4 Figure 3.5 Figure 3.6 Figure 3.7 Figure 4.1 Figure 5.1 Figure 5.2 Figure 5.3 Figure 5.4 TITLE Random images used by Dhamija and Perrig Examples of Passfaces Example of convex hull Example of signature technique Login Interface Intersection letter for pair AN Rating colour by user Login Interface Draw-A-Secret Technique DAS and Story Combination Technique Iterative and Incremental model Framework of the scheme View of DAS Technique Registration Process Drawing Process Login Process User access of Application The Complete Framework for Authentication Scheme Xiomi Redmi Note 5A Android Studio Main Screen Adding New Library Designing The Layout

11 Figure 5.5 Figure 5.6 Figure 5.7 Figure 5.8 Figure 5.9 Figure 5.10 Figure 6.1 Java Code Implementing the rotation using java code Pattern Lock View First Attempt of Drawing the Password Second Attempt To Login by Drawing The Same Pattern Drawing 90 Degree Rotated Password Main Layout of this Project

12 CHAPTER 1 INTRODUCTION 1.1 Introduction This chapter presents an introduction to the project proposal. It starts with an overview of the key concept related to the project problems addressed. Then, the solution is proposed to overcome the problem of the project. Further, it will explain the aims and limitations of this project. 1.2 Project Background Textual passwords are the most common method used for authentication. But textual passwords are vulnerable to eavesdropping, dictionary attacks, social engineering and shoulder surfing. Random and lengthy passwords can make the system secure but the difficulty to remember the password has become the main problem. Studies have stated that most users tend to pick a short and easy-to-remember password. Unfortunately, these passwords can be easily cracked and guessed. Graphical passwords are introduced as alternative techniques to textual passwords. In this project, DAS or know as Draw-A-Secret technique is proposed to generate rotating pattern passwords for Android.

13 1.3 Problem Statement A textual password is the most common method used for authentication in many platforms like Android and IOS. However, a textual password is vulnerable to eavesdropping, dictionary attack, social engineering and shoulder surfing. User may pick a length and strong password to make it more secure but the difficulty of remembering random and lengthy textual passwords is becoming the main problem. Mostly, user tend to pick short textual passwords which easy to be guessed and cracked. 1.4 Objectives There are three objectives that aim to be achieved through this project. The aims are as follows: 1. To analyse the drawbacks of textual passwords. 2. To develop a graphical password that is rotating pattern password. 3. To implement a technique to replace the textual password which provides more security from vulnerabilities using a rotating pattern password on Android. 1.5 Scope of Project The scope of this project is to design and develops a graphical password that can overcome the vulnerabilities. User: A user needs to register their password by drawing the password on nine dots of screen layout. When the first step is done, user can first log in by orderly re-drawing the predefined password. The user is required to draw on the dots of pattern orderly rather than clicking on them directly. However, for every time the user want to log into the app, the dots pattern is rotating 90 degrees clockwise.

14 The rotation is infinite which means the rotation will happens every time when the user enters the login screen. 1.6 Limitation of Work This project is developed for Android so it is only can be used on android based devices. 1.7 Report Organizing The thesis organize each chapter that has on the thesis. It arranges with refer to the specific format and it easy for readers to understand the whole of report. The report is started with chapter 1 that explains about Introduction, this chapter will explain roughly about this project. The next chapter is chapter 2 Literature Review, this chapter tells more about the study on some references and research for the system development. The chapter 3 Methodology is explaining about methodology and requirement of software and hardware that guide the system development. Chapter 4 Project Modelling and Design are the core part in the development process, the chapter 5 Implementation and Testing are explaining more about the complete the system to the perfect without any lack, and lastly the chapter 6 Conclusion and Discussion are explaining about the conclusion that form the project development.

15 CHAPTER 2 LITERATURE REVIEW 2.1 Introduction This thesis will discuss the previous journals and research papers. Data and information have been gathered to get a better understanding of the method used and applied to this project. 2.2 Project and Research Paper Dhamija and Perrig Figure 2.1 Random images used by Dhamija and Perrig

16 This scheme is a graphical authentication scheme which user make the authentication using the pre-defined images. In this scheme, the user needs to register by selecting a set of images which is later on the user has to select it during the login time to prove the authentication. However, this scheme is quite vulnerable to shoulder-surfing Passfaces Figure 2.2 Examples of Passfaces This new scheme was introduced as Passfaces. In this scheme, there is a grid that consists of nine faces and user needs to select images from the grid. First, user needs to choose four faces of human as their selected images. Then, the user has to select one of the four selected images from eight images. Since there are four images that the user has selected, thus user need to do it four times. However, this scheme is quite vulnerable and easy to be attacked by guessing or trying many times.

17 2.2.3 Convex Hull Authentication Scheme Figure 2.3Example of convex hull Describe a graphical password scheme using convex hull method towards Shoulder Surfing attacks. A user needs to recognize pass-objects and click inside the convex hull formed by all the pass-objects. In order to make the password hard to guess large number of objects can be used but it will make the display very crowded and the objects almost indistinguishable, but using fewer objects may lead to a smaller password space, since the resulting convex hull can be large.

18 2.2.4 Signature Authentication Scheme Figure 2.4 Example of signature technique This technique included two stages, registration and verification. At the time of registration stage the user draws signature with a mouse, after that the system extracts the signature area. In the verification stage it takes the user signature as input and does the normalization and then extracts the parameters of the signature. The disadvantage of this technique is the forgery of signatures. Drawing with mouse is not familiar to many people, it is difficult to draw the signature in the same perimeters at the time of registration.

19 2.2.5 Jansen Proposed a graphical password scheme for mobile devices. During password creation, a user selects a theme consisting of photos in thumbnail size and set a sequence of pictures as a password. During authentication, user must recognize the images in the correct order. Each thumb nail image is assigned a numerical value, thus the sequence of the chosen images will create a numerical password. As the no. of images is limited to 30, the password space of this scheme is not large Pair-Based Authentication Scheme During registration user submits the password. Minimum length of the password is 8. The secret pass should contain even number of characters. During the login phase, when the user enters his username an interface consisting of a grid is displayed. The grid is of size 6 x 6 and it consists of alphabets and numbers. These are randomly placed on the grid and the interface changes every time. Figure 2.5 Login Interface Figure 2.5 shows the login interface. User has to enter the password depending upon the secret pass. User has to consider his secret pass in terms of pairs. The session password consists of alphabets and digits.

20 Figure 2.6 Intersection letter for pair AN The first letter in the pair is used to select the row and the second letter is used to select the column. The intersection letter is part of the session password. This is repeated for all pairs of secret pass. Figure 2.6 shows that L is the intersection symbol for the pair AN. The password entered by the user is verified by the server to authenticate the user. The grid size can be increased to include special characters in the password Hybrid Textual Authentication Scheme During registration, user should rate colours as shown in figure 2.7. User should rate colour from 1 to 8 and he can remember it as RLYOBGIP. Same rating can be given to different colours. During the login phase, when the user enters his username an interface is displayed based on the colours selected by the user. The login interface consists of grid of size 8 8. This grid contains digits 1-8 placed randomly in grid cells. The interface also contains strips of colours as shown in figure 2.8. The colour grid consists of 4 pairs of colours. Each pair of colour represents the row and the column of the grid.

21 Figure 2.7 Rating colour by user Depending on the ratings that have been given to colours, we get the session password. As discussed above, the first colour of every pair in colour grid represents row and second represents column of the number grid. The number in the intersection of the row and column of the grid is part of the session password. Instead of digits, alphabets can be used. For every login, both the number grid and the colour grid get randomizes so the session password changes for every session. Figure 2.8 Login Interface

22 Figure 2.8 shows the login interface having the colour grid and number grid of 8 x 8 having numbers 1 to 8 randomly placed in the grid. Depending on the ratings given to colours, we get the session password. As discussed above, the first colour of every pair in colour grid represents row and second represents column of the number grid. The number in the intersection of the row and column of the grid is part of the session password. Consider the Figure 2.7 ratings and Figure 2.8 login interfaces for demonstration. The first pair has red and yellow colours. The red colour rating is 1 and yellow colour rating is 3. So the first letter of session password is 1st row and 3rd column intersecting element is 3. The same method is followed for other pairs of colours. For figure 8 the password is Instead of digits, alphabets can be used. For every login, both the number grid and the colour grid get randomizes so the session password changes for every session DAS Technique Figure 2.9 Draw-A-Secret Technique

23 Jermyn proposed a new technique called Draw- a-secret (DAS) as shown in figure 3 where the user is required to re-draw the pre-defined picture on a 2D grid. If the drawing touches the same grids in the same sequence, then the user is authenticated. This authentication scheme is vulnerable to shoulder surfing Shoulder Surfing Technique Figure 2.10 DAS and Story Combination Technique Haichang has proposed a new shoulder-surfing resistant scheme as shown in figure 10 where the user is required to draw a curve across their password images orderly rather than clicking on them directly. This graphical scheme combines DAS and Story schemes to provide authenticity to the user. 2.3 Chapter Summary This chapter briefly explained about research of graphical password. It also includes the comparison of each literature study about method and technique used in every project.

24 CHAPTER 3 METHODOLOGY 3.1 Introduction In developing the scheme, the methodology applied is the Iterative and Incremental Method. Figure 3.1 shows the iterative and incremental model adopted for the development of this project. This model is selected because a project can be developed through the repeated cycle (iterative). Even if there are any changes during the any phases, this project still can be proceed. This model consists of six phases which are planning, requirement analysis, designing, implementation, testing and deployment. Figure 3.1 Iterative and Incremental model

25 3.2 Methodology Phases Planning Phase Planning is the first phase to develop an authentication scheme using graphical password. At this phase, planning is important to develop a scheme to overcome the vulnerabilities of the textual password and enhance the security in authentication. To implement the project, Android development software like Android Studio is used and this project will be applied on Android-based device. Required material has been prepared as below: 1. Hardware Android Phone Personal Computer (PC) 2. Software Google Chrome Notepad ++ Microsoft Word W3 School YouTube Microsoft PowerPoint PHP Android Studio

26 3.2.2 Requirement Analysis In the second phase, all information about the schemes is gathered. As the scheme is for session password and using images and colours, so a lot of information about graphical session password is identified. All of the software and hardware requirement is listed to develop the project. Some source codes about session password, authentication scheme using images and colour, and more information related is collected Design The design is the third phase where the workflow of the project is designed in order to make this project successful. After all the important information related to this project is acquired, a framework is designed to show the flow of the scheme that is going to be developed, so that, this project will be easier to be understood. In this phase, a design of flowchart and framework will be explained to show the flow of the scheme specifically Framework Figure 3.2 shows the framework for session password using images and colours. In order for user to get into the system, user need register their username and password by entering their name and drawing their pattern on the imaged grid. Then, during login process user need re-draw the password. Once the password is matched, the user will be authenticated.

27 Figure 3.2 Framework of the scheme The user can now have the access to the application. However, once the user logs out, the session is ended and the password will be terminated DAS Technique Figure 3.3 shows the method of Draw-A-Secret Technique. After user register password by drawing the pattern on the imaged grid, the drawing will be stored in the database based on sequence pictures. When user redraws to login into the application, the password in the database will be retrieved to match the user draws. If it matches, the user will be authenticated.

28 Figure 3.3 View of DAS Technique Images on the grid are set in sequence of number. Therefore, the drawing of pictures will be saved in database by sequence of number of the grid images Flow of The Process All figures will explain how the flow of the process works. Starting from registration by drawing password and then logging into the system by redrawing the password on the grid of images. Figure 3.4 Registration phase Process

29 Figure 3.4 shows how the pre-registration is working out. To register, user need to sign up and then fill the information requested. Figure 3.5 Drawing Process Figure 3.5 show the process of user drawing the password on the grid of images. User need to draw the password twice before confirming the password by clicking submit button. Figure 3.6 Login Process Figure 3.6 displays the login process of this scheme. Once user click on the sign in button, user need to draw the password that have been drawn during the registration phase. If the drawing matched with saved password, the user will be authenticated.

30 Figure 3.7 User access of Application Figure 3.7 shows the WhatsApp and Custom-Made Calculator application. Once the user is authenticated, the user will have the access of linked application like WhatsApp and Calculator. By quitting the application, user will be considered as logged out Implementation After all the information has been gathered and the design has been developed. This stage is to implement all the method and technique into the system. If there is any error or changes, it will be solved at this phase Testing At this phase, the system will be tested. If the error still occurred, it will be solved at this phase and if there are any changes need to implement, the project must back to design phase for revision of flow. In this phase, after the system has been completely developed without any errors, the system will be implemented on Android device.

31 3.2.6 Deployment In this phase, after the system has been completely developed without any errors, the system will be implemented on Android device. 3.3 Chapter Summary In this chapter, the methodology of this project is explained. The flow of this project is being shown in framework. The requirement of the software and hardware that used is listed to ensure the success of this project development.

32 CHAPTER 4 PROJECT DESIGN AND MODELLING 4.1 Introduction In this chapter, the conceptual model that defines the structure, flow of the process and details of the system were discussed. Technique that used to define and analyse the data requirement needed to support the software development. In the modelling process, the system model can be used as part of understanding a situation, identifying problems and supporting decision making. 4.2 Framework A framework is often a layered structure which indicating what kind of program can or should be build and how they would interrelate. A framework may be a set of functions within a system and they interrelate, the layer of operating system, the layers of a network and many more. A framework is generally more comprehensive than a protocol and more prescriptive than structure.

33 Figure 4.1 The Complete Framework for Authentication Scheme Based on Figure 4.1, there are two main processes that are required in order to successfully authenticate the user which are registration and verification. First, user need to create password by drawing pattern on the dots layout. The password must consist of at least three dots. Password would not be saved if the user click or draw on one or two dots only. Once the user finished drawing the pattern, the pattern will be saved in the database and user will be able to enter the application for the first after the registration. After logging out and the user want to open the system again, the user need to log in by re-drawing the pattern in the same sequence of dots. In login process, the system will read the input password to determine whether it is matched or not with the registered password. If the password matches with the registered password, the user will be authenticated and have the access of the system. However, if the password is wrong, the user need to draw the password again.

34 4.4 Chapter Summary In this chapter, the design and modelling of the system were explained. The framework of the system provides a better and clearer system flow to the user. This ensures that the functionality of the system is fulfilling the user and system requirement.

35 CHAPTER 5 IMPLEMENTATION AND TESTING 5.1 Introduction Testing and implementation is about to construct the system as specific design that has been developed in previous phase, methodically verified to ensure that they are errorfree and fully meet the user requirement. This phase should be done before a project is fully finished and ready to be deployed. This chapter covers the correct mechanism on testing the authentication scheme in real environment. 5.2 Hardware For this project, the main hardware that been used is the Xiomi Redmi Note 5A with the android version of (Nougat) as the platform to test and implement this authentication scheme.

36 5.3 Software Figure 5.1 Xiomi Redmi Note 5A This project developed by using Android OS platform using Android Nougat The version of the software to develop the application is Android Studio Figure 5.2 shows the welcoming screen of Android Studio. Figure 5.2 Android Studio Main Screen

37 5.3.1 Adding New Library This is the first thing need to done when developing an android application. Library is added to glade section in Android Studio so that the user can have the feature and function needed to develop the project. Figure 5.3 shows how a library is added to glade. After typing down the code, user needs to sync the glade before the library is ready to use. Figure 5.3 Adding New Library

38 5.3.2 Designing Layout This is second phase for development of this project where layout is designed based on requirement of the project. Pattern lock view is imported from the library that has been added in the glade. Figure 5.4 Designing The Layout

39 5.3.3 Writing Function Java functions need to be added in order to make the system working because the layout screen is only a display but the java functions is the engine that will run the system accordingly. Figure 5.5 Java Code

40 5.3.4 Java Function of Rotation Rotation is set by implementing the java code which set the pattern layout to rotate every time the user opens the input password layout. Figure 5.6 Implementing the rotation using java code

41 5.4 Pattern Lock View Figure 5.7Pattern Lock View Figure 4.2 shows exactly how the pattern screen layout. This pattern layout consists of nine dots in three rows. And for user to create the pattern password, the user needs to use three dots at least. If the user draws on two dots, the password would not be saved and the user needs to draw the password again. In other words, at least three dots are needed to create a password but the user can uses all the dots provided to create the password depends on their own creativity and ideas in creating the password.

42 5.5 Rotation of Password Figure 5.8 First Attempt of Drawing the Password Based on Figure 5.8 above, during registration, user has created the password by drawing Z pattern. And then during login process the user need to draw the same pattern to login into the application for the first time. In this phase, rotation is not happen yet since the rotation was not set to start working for the first time user want to login. The rotation will start working right when the user want to login second time and will continue for each time user want to log into the system.

43 Which means every time user open Input Password layout, rotation will start working and pattern lock view will be rotating. For every rotation, the pattern lock view will rotate 90 degree clockwise and the rotation is infinite. Therefore, the password will not be cracked or guessed by shoulder surfing since the rotation is infinite loop. Figure 5.9 Second Login Attempt by Drawing The Same Pattern Figure 5.9 shows second login attempt is made by drawing the same pattern as the first time login. However, the system detects the password as wrong and popped Wrong Password validation up. Here we can see that the rotation is happened and that is why the Z pattern is wrong.

44 Figure 5.10Drawing 90 Degree Rotated Password After unsuccessfully drawing the correct pattern, Figure 5.10 shows rotated password is drawn by the user. As the rotation is working at 90 degree clockwise, therefore N pattern is true and the user successfully log into the application. However, the drawing must be done with right sequence of dots or else the password will be absolute wrong. 5.6 Chapter Summary Testing and implementation is an interrelated process where each of implementation modules need to be tested in order to achieve error-free and meets the specified requirement. In general, most of the budget consume on implementation and testing phase because it is core process to complete the product and able to deliver all the functionalities smoothly.

45 CHAPTER 6 CONCLUSION 6.1 Introduction In this chapter, it discuss about the structure of application and the best result of the project. Besides that, possible future works, pros and cons of the project also will be discussed in this chapter. 6.2 Result The result for this project is value based on the rotation for the pattern password. Since the rotation is the main enhancement of this pattern password project, the success of the project fully depends on the rotation. This prove that the objective of this project to develop a rotating pattern password in providing a better and more secure authentication scheme to replace textual password using DAS technique is succeed.

46 Figure 6.1 Main Layout of this Project Figure 6.1 shows the main layout of this pattern password project which it this scheme is now ready to use after going through implementation and testing phases. Therefore, this scheme is now error-free and successfully meets the objective of this project. 6.3 Project Constraint There are several problems and limitations that occurred throughout the development of this project. The problems and limitations in conducting this project are: Low specification laptop is not able to support Android Studio well. Need to stop other running program when running Android Studio. Limited design option on Android Studio. Some variables can not be assigned value since it is imported from a library.

47 6.4 Future Work For future work, there is a good suggestion that can be made to upgrade this authentication scheme to be more secure and make it more user-friendly. The suggestions that can be considered are: Assign colour to every dots of the pattern to ease the user to remember the rotation of the password and also can avoid confusion for the user. To assign the colour, a new library for the pattern lock view need to be created and any extra feature also can be included in the library. Add a new feature which is Auto-Captures camera to monitor the unknown login attempts. 6.5 Conclusion Authentication Scheme using Rotating Pattern Password is brand new scheme which is been published before. This scheme aimed to provide a better authentication for user. Rotating Pattern Password gives user an easier and faster authentication process and also provides user a better password option. This scheme will overcome the textual password vulnerabilities like eaves dropping, dictionary attacks, social engineering and shoulder surfing. In conclusion, the objective to develop an Authentication Scheme Using Rotating Pattern Password was successfully achieved. Thus, it is ready to be used in any android device which has android version and above. In terms of security, this project is successfully providing a more secure authentication scheme as alternative to replace the textual password.

48 REFERENCES 1. M Sreelatha 1, M Shashi 2, M Anirudh 1, Md Sultan Ahamer 1, V Manoj Kumar 1 -Authentication Schemes For Session Passwords Using Color And Images. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.3, May Jay Patel, SagarPadol, Bhushan Kankariya, KainjanKotecha - Authentication Schemes for Session Passwordsusing Color and Images. International Journal of Computer Applications ( ) International Conference on Recent Trends in engineering & Technology (ICRTET'2013) 3. Pattern Lock View- GitHub Guixin Ye, Zhanyong Tang, Dingyi Fang, Xiaojiang Chen, Kwang In Kim, Ben Taylor, and Zheng Wang-Cracking Android Pattern Lock in Five Attempts.School of Information Science and Technology, Northwest University, China 5. FreyrSævarsson - Combinatorics in Pattern-Based Graphical Passwords. Master s thesis in Mathematics May, Geumhwan Cho1, Jun Ho Huh2, Junsung Cho1, Seongyeol Oh1, Youngbae Song1, Hyoungshick Kim1-SysPal: System-guided Pattern Locks for Android. Department of Computer Science and Engineering, Sungkyunkwan University, South Korea 7. EMDT Dev - Android Studio Tutorial (Pattern Lock View) 8. TihomirRAdeff - Develop Password protected app in Android Studiohttps://

49 9. Rotating Image Button in Android Studio Android: Rotate image in imageview by an angle StackOverFlowhttps://stackoverflow.com/questions/ /android-rotateimage-in-imageview-by-an-angle 11. How to Save Variables in Shared Preferences - Android Studio Tutorialhttps:// 12. Android sharedpreferences tutorialhttps:// Android Activity Save State Part 1 and Part /watch?v=b3g6kuxvfuy

50 APPENDIX

51 Final Year Project 1 Month Task Final year project workshop Discussion and selection of proposal topic Registration of project title Detailed problem statement and literature study Detailed research methodology Preparation of proposal and presentation Proposal presentation Amendment of proposal Designing framework Framework implementation Preparation for pre-conference Pre-conference evaluation Detailed implementation of framework Conference provisioning Academic conference I Proposal draft submission Amendment of proposal Submission of proposal F E B * M A R * A P R * M A Y * J U N *

52 Final Year Project 2 Month Task Progress presentation Project development Project implementation and testing Project documentation Pre-conference evaluation Academic conference II Submission of proposal report Report amendment Final submission of project report J U N * J U L Y* A U G *