A Secure Graphical Password Authentication System

Similar documents
Graphical Authentication System

Graphical User Authentication System An Overview P. Baby Maruthi 1, Dr. K. Sandhya Rani 2

3LAS (Three Level Authentication Scheme)

Graphical User Authentication Using Random Codes

Minimizing Shoulder Surfing Attack using Text and Color Based Graphical Password Scheme

A Survey On Resisting Shoulder Surfing Attack Using Graphical. password

DESIGN, IMPLEMENTATION AND EVALUATION OF A KNOWLEDGE BASED AUTHENTICATION SCHEME UPON COMPELLING PLAIT CLICKS

Authentication schemes for session password using color and special characters

Innovative Graphical Passwords using Sequencing and Shuffling Together

MULTIPLE GRID BASED GRAPHICAL TEXT PASSWORD AUTHENTICATION

3D PASSWORD AUTHENTICATION FOR WEB SECURITY

Three Level Security of Data on Cell Phones Mrs. Nutan Deshmukh 1, Tejaswini Thorat 2 Shamali Shinde 3,Saleha Patwegar 4, Rutuja Saste 5

Graphical password authentication using Pass faces

SECURED PASSWORD MANAGEMENT TECHNIQUE USING ONE-TIME PASSWORD PROTOCOL IN SMARTPHONE

Authentication Using Grid-Based Authentication Scheme and Graphical Password

In this unit we are continuing our discussion of IT security measures.

SHOULDER SURFING RESISTANT GRAPHICAL PASSWORD

A New Hybrid Graphical User Authentication Technique based on Drag and Drop Method

Random Traversing Based Reversible Data Hiding Technique Using PE and LSB

Presented By: Miss Samya Ashraf Want Student ID

A Hybrid Password Authentication Scheme Based on Shape and Text

International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE) ISSN: Volume 14 Issue 2 APRIL 2015

International Journal of Pure and Applied Sciences and Technology

Smart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme

USER AUTHENTICATION USING NATIVE LANGUAGE PASSWORDS

What is Authentication? All requests for resources have to be monitored. Every request must be authenticated and authorized to use the resource.

Defenses against Large Scale Online Password Guessing by Using Persuasive Cued Click Points

NETWORK SECURITY - OVERCOME PASSWORD HACKING THROUGH GRAPHICAL PASSWORD AUTHENTICATION

A Multi-Grid Graphical Password Scheme

Simple Text Based Colour Shuffling Graphical Password Scheme

A Survey on Graphical Passwords in Providing Security

Graphical Password to Increase the Capacity of Alphanumeric Password

COPYRIGHT PROTECTION OF PALETTE IMAGES BY A ROBUST LOSSLESS VISIBLE WATERMARKING TECHNIQUE *

MANAGING LOCAL AUTHENTICATION IN WINDOWS

Volume 6, Issue 6, June 2018 International Journal of Advance Research in Computer Science and Management Studies I. INTRODUCTION

Novel Shoulder-Surfing Resistant Authentication Schemes using Text-Graphical Passwords

Secure Smart Card Based Remote User Authentication Scheme for Multi-server Environment

Lecture 3 - Passwords and Authentication

Virtua Dual Authentication Entrust IdentityGuard Enrollment

COPYRIGHT PROTECTION OF PALETTE IMAGES BY A ROBUST LOSSLESS VISIBLE WATERMARKING TECHNIQUE *

Usable Privacy and Security, Fall 2011 Nov. 10, 2011

COMPARATIVE STUDY OF HISTOGRAM SHIFTING ALGORITHMS FOR DIGITAL WATERMARKING

Implementation of Color based Android Shuffling Pattern Lock

ISSN: (Online) Volume 2, Issue 10, October 2014 International Journal of Advance Research in Computer Science and Management Studies

Recall Based Authentication System- An Overview

Lecture 3 - Passwords and Authentication

Quick Start. for Users. Online Banking

A Smart Card Based Authentication Protocol for Strong Passwords

KNOWLEDGE BASED AUTHENTICATION SYSTEM DESIGN BASED ON PERSUASIVE CUED CLICK POINTS

A Secure Simple Authenticated Key Exchange Algorithm based Authentication for Social Network

Palm Vein Extraction and Matching For Personal Identification

USING EMOJI PICTURES TO STRENGTHEN THE IMMUNITY OF PASSWORDS AGAINST ATTACKERS

Novel Security Method Using Captcha as Graphical Password

Improved Qualitative Color Image Steganography Based on DWT

Image Password Based Authentication in an Android System

Security server using CAPTCHA. Introduction to CAPTCHA

AN IMPROVED MAP BASED GRAPHICAL ANDROID AUTHENTICATION SYSTEM

Cued Click Point Technique for Graphical Password Authentication

On Limitations of Designing LRPS: Attacks, Principles and Usability

EMBEDDING WATERMARK IN VIDEO RECORDS

ENHANCEMENT OF SECURITY FEATURE IN GRAPHICAL PASSWORD AUTHENTICATION

A Novel Approach for Software Implementation of Graphical Authentication Methodology

SurePassID ServicePass User Guide. SurePassID Authentication Server 2017

Comparative Analysis of 2-Level and 4-Level DWT for Watermarking and Tampering Detection

Address for Correspondence 1 Associate Professor department o f Computer Engineering BVUCOE, Pune

Tap Based Pattern Locking System for Android Phone

A SMART CARD BASED AUTHENTICATION SCHEME FOR REMOTE USER LOGIN AND VERIFICATION. Received April 2011; revised September 2011

The Research and Application of the Fingerprint Key based USB-Key Pin Number Protection System Yu Lu 1, a, Zhong Liang 2, b, Chen Yue 3, c

A Text based Authentication Scheme for Improving Security of Textual Passwords

Securing Web Accounts Using Graphical Password Authentication through MD5 Algorithm

Remote User Authentication Scheme in Multi-server Environment using Smart Card

FORTIFICATION AGAINST PASSWORD GUESSING ATTACKS IN ONLINE SYSTEM

A reversible data hiding based on adaptive prediction technique and histogram shifting

Consumer Banking User Guide. Getting Started

Security Weaknesses of a Biometric-Based Remote User Authentication Scheme Using Smart Cards

KNOWLEDGE BASED AUTHENTICATION MECHANISM FOR SECURED DATA TRANSFER

SHOULDER SURFING ATTACK PREVENTION USING COLOR PASS METHOD

Commonfund Client Reporting Portal

DEFENSES AGAINST LARGE SCALE ONLINE PASSWORD GUESSING ATTACKS BY USING PERSUASIVE CLICK POINTS

HumanAUT Secure Human Identification Protocols

2. Access Control. 1. Introduction

An Improved Timestamp-Based Password Authentication Scheme Using Smart Cards

A GRAPHICAL PASSWORD BASED AUTHENTICATION BASED SYSTEM FOR MOBILE DEVICES

INFORMED VISIBILITY. Mail Tracking & Reporting. Applying for Access to IV-MTR

Graphical Password or Graphical User Authentication as Effective Password Provider

New Era of authentication: 3-D Password

Thematic Graphical User Authentication: Graphical User Authentication Using Themed Images on Mobile Devices

An efficient and practical solution to secure password-authenticated scheme using smart card

Frequently Asked Questions Retiro Móvil (Mobile Withdrawal)

Highly Secure Authentication Scheme: A Review

A Model to Restrict Online Password Guessing Attacks

JAVA IEEE Image Processing Projects

DATA HIDING IN PDF FILES AND APPLICATIONS BY IMPERCEIVABLE MODIFICATIONS OF PDF OBJECT PARAMETERS

Web Security, Summer Term 2012

Web Security, Summer Term 2012

A SECURE PASSWORD-BASED REMOTE USER AUTHENTICATION SCHEME WITHOUT SMART CARDS

Keywords security model, online banking, authentication, biometric, variable tokens

Worksheet - Reading Guide for Keys and Passwords

Implementation of Secure ATM by Wireless Password Transfer and Shuffling Keypad

MODULE NO.28: Password Cracking

Transcription:

International Journal of Computational Intelligence Research ISSN 0973-1873 Volume 12, Number 2 (2016), pp. 197-201 Research India Publications http://www.ripublication.com A Secure Graphical Password Authentication System Ms. Sreya Prakash M-Tech, Dept. of CSE, Malabar Institute of Technology, Anjarakandy, India. E-mail: sreyaprakash0@gmail.com Mrs. Sreelakshmy M K Asst. Professor, Dept. of CSE, Malabar Institute Technology, Anjarakandy, India. E-mail: mksreelakshmy@gmail.com Abstract Nowadays most popular method for User Authentication is using Textual Password. This method has several significant drawbacks like dictionary attack, brute force attack etc. A secure text based password must be formed using a combination of uppercase, lowercase, and special characters. Users have a tendency to select weak text-based passwords, which are short and easy to remember. To overcome the limitations of text-based passwords, several picture-based passwords have been proposed. Picture based password systems suffer from several problems, one of them is the shoulder surfing attack, ie, images that users select as password are both easy for an attacker to watch by snooping over shoulders or by using a camera to record input and also relatively predictable. An authentication system called PassMatrix is used to overcome the shoulder surfing attack. User has to select pictures as their password during the registration phase and choose a pass-square per image. A one-time login indicator and horizontal and vertical bars are used.to secure the pass-images from the attackers, Generic Visible

198 Ms. Sreya Prakash and Mrs. Sreelakshmy M K Watermark Embedding technique is used to blend a cover image and a passimage. PassMatrix is vulnerable to random guess attacks based on hot-spot analyzing.this method can be extended to secure web applications by using QR code. Keywords: Graphical password, shoulder surfing, watermarking, QR Code. 1. INTRODUCTION Authentication based on passwords is used in many applications for computer security and privacy. Comprised of numbers and upper- and lowercase letters, textual passwords are considered strong enough to resist against brute force attacks. They are very easy to implement. Alphanumeric passwords are required to satisfy two contradictory requirements. They should be easy to memorize and also at the same time they should be hard to guess. Various graphical password authentication schemes were developed to overcome the problems and weaknesses associated with textual passwords. Humans have a better ability to memorize images with long-term memory (LTM) than verbal representations. However, most of these image based passwords are vulnerable to shoulder surfing attacks. A secure graphical authentication system named PassMatrix [1]is used that protects users from becoming victims of shoulder surfing attacks when inputting passwords in public by the usage of one-time login indicators. A login indicator is randomly generated for each pass-image and will be useless after the session ends. The login indicator provides better security against shoulder surfing attacks because users use a dynamic pointer to point out the position of their passwords rather than clicking on the password object directly. If a passimage is faintly printed on a cover image, the legitimate user who is near to the monitor screen can see the pass-image but someone who is away from the screen cannot recognize the pass-image. Generic Visible Watermark Embedding technique is used to blend a cover image and a passimage. Moreover, because images with less independent objects usually suffer more on the hot-spot problem, carefully selecting images with rich objects can alleviate the hot-spot based random guess attacks. This method can also be extended to secure login of web applications in computers by using QR code.

A Secure Graphical Password Authentication System 199 II. RELATED WORK Syed Shabih et al. [2]proposed a operation code authentication scheme technique which provides more security to a user in typing his password, in a public place, and in case that user is in critical position, of accessing his computer system. At the time of sing up, the user will be asked to submit two things which he can remember besides the username. Passcode is any numeric number of 3 to 6 digits which can be easily remembered. Four letter word is a four letter word like Iran, Iraq, iram etc, which represents the 4 arithmetic operators i.e. division, multiplication, addition, and subtraction. This four letter word will be used to perform the arithmetic operations. At the time of signing in, the user will have to enter his username, system will give user a formula which he has to solve. Tsung-Yuan et al. [10] proposed a novel method for generic visible watermarking with a capability of lossless image recovery is proposed. The method is based on the use of deterministic one-to-one compound mappings of image pixel values for overlaying a variety of visible watermarks of arbitrary sizes on cover images. The compound mappings are proved to be reversible, which allows for lossless recovery of original images from watermarked images. The mappings may be adjusted to yield pixel values close to those of desired visible watermarks. Different types of visible watermarks, including opaque monochrome and translucent full color ones, are embedded as applications of the proposed generic approach. A two-fold monotonically increasing compound mapping is created and proved to yield more distinctive visible watermarks in the watermarked image. Sarosh Umar et al. [11]proposed a a novel recognition-based image authentication system called Select-to- Spawn which is secure, robust and convenient to use. This system allows the user to create a graphical password by first selecting an initial image from a collection of available pictures. The selected image will be opened in a new window in which the picture is further divided into 4x4 grid or 16 rectangular parts. The grid lines can be highlighted if one desires to facilitate ease of selection but as a default case they are rendered invisible. The user can then click on any one of the grid cell. This further spawns into a new image with invisible grid ines dividing it into 16 cells. Selecting any cell of the image spawns yet another picture with invisible grid lines. This process of selection may progress depending upon the user and each image selected by the user becomes the part of the password.

200 Ms. Sreya Prakash and Mrs. Sreelakshmy M K EXISTING SYSTEM In PassMatrix, a password consists of only one pass-square per pass-image for a sequence of n images. The number of images (i.e., n) is user-defined. A login indicator is randomly generated for each pass-image and will be useless after the session terminates. To protect against shoulder surfing, the indicator is not shown until the hand touches the screen and will vanish immediately when the hand leaves the screen. There are two scroll bars: a horizontal bar with a sequence of letters and a vertical bar with a sequence of numbers. Users can fling either bar using their finger to shift one alphanumeric at a time. They are used to align the onetime indicator with the pass-square in each passimage during the authentication phase. In order to obfuscate and thus hide the alignment patterns from observers, randomly shuffled the elements on both bars in each pass-image and let users shift them to the right position. PROBLEM DEFINITION Most of the graphical passwords are vulnerable to shoulder surfing. In Passmatrix, the pass-image is displayed on the screen and the user can easily identify the pass image. PassMatrix is vulnerable to random guess attacks based on hot-spot analyzing. This method is only implemented in mobile devices for screen locking. PROPOSED SYSTEM Proposed system allows the user to create a graphical password by first selecting an image from a collection of available pictures. In the selected image user has to select one grid as the password. The selected image is watermarked with a cover image using Generic Visible Watermark Embedding technique. The method is based on the use of deterministic one-to-one compound mappings of image pixel values for overlaying a variety of visible watermarks of arbitrary sizes on cover images. During login, after entering the user details a QR Code is generated in the computer. User has to scan the QR code using his mobile phone. After scanning, a collection of images will be appeared in the screen of the phone. User has to select the image. After choosing correct image, the watermarked image will be appeared on the screen. User has to choose the correct grid position that he has already registered in the watermarked image.

A Secure Graphical Password Authentication System 201 CONCLUSION Graphical passwords are an authentication method that uses pictures as passwords instead of using alphanumeric characters. They are attractive since humans normally remember pictures better than words. In this project a secure graphical authentication system named PassMatrix that protects users from becoming victims of shoulder surfing attacks when inputting passwords in public. User has to choose their pass image from a collection of available pictures. To hide the pass-image from the attackers Generic Visible Watermark Embedding technique is used to blend a cover image and a passimage. It is easy for legitimate users to recognize the pass-image in the blended image. On the other hand, this task is di_cult for attackers. This method is extended to secure web applications by using QR REFERENCES [1] Hung-Min Sun, Shiuan-Tung Chen, Jyh-Haw Yeh, and Chia-Yun Cheng. A shoulder surfing resistant graphical authentication system. [2] Tsung-Yuan Liu and Wen-Hsiang Tsai. Generic lossless visible watermarkinga new approach. IEEE transactions on image processing, 19(5):1224 1235, 2010. [3] Mohammad Sarosh Umar and Mohammad Qasim Rafiq. Selectto- spawn: A novel recognition-based graphical user authentication scheme. In Signal Processing, Computing and Control (ISPCC), 2012 IEEE International Conference on, pages1 5.IEEE

202 Ms. Sreya Prakash and Mrs. Sreelakshmy M K

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback