Preventing Shoulder-Surfing Attacks using Digraph Substitution Rules and Pass-Image Output Feedback

Symmetry, 2019, Vol 11 (9), pp. 1087
Author(s): Lip Yee Por, Chin Soon Ku, Tan Fong Ang

In this paper, we focus on methods to prevent shoulder-surfing attacks. We initially adopted digraph substitution rules from PlayFair cipher as our proposed method. PlayFair cipher is a modern cryptography method, which exists at the intersection of the disciplines of mathematics and computer science. However, according to our preliminary study it was insufficient to prevent shoulder-surfing attacks. Thus, a new method had to be proposed. In this new proposed method, we improvised the digraph substitution rules and used these rules together with an output feedback method to determine a pass-image. Our proposed method was evaluated with a user study. The results showed our proposed method was robust against both direct observation and video-recorded shoulder-surfing attacks.

Symmetry, 2019, Vol 11 (10), pp. 1252
Author(s): Lip Yee Por, Lateef Adekunle Adebimpe, Mohd Yamani Idna Idris, Chee Siong Khaw, Chin Soon Ku

Graphical passwords are a method of authentication in computer security. Computer security is one of the disciplines of computer science. Shoulder-surfing attacks are a well-known threat to graphical passwords, although they are becoming commonly used, especially in granting access to a secure system. Shoulder-surfing occurs when attackers skillfully capture important data/activities, such as login passwords, via direct observation or video recording methods. Many methods have been proposed to overcome the problem of shoulder-surfing attacks. After we reviewed some related works, we found out that most of the existing methods are still vulnerable to multiple observations and video-recorded shoulder-surfing attacks. Thus, we propose a new method to combat this problem. In our proposed method, we make use of two concepts to combat shoulder-surfing attacks. In the first concept, we used registered locations (something that only the users know) and 5 image directions (something that the users can see) to determine a pass-location (new knowledge). Secondly, the images used in our proposed method have higher chances to offset each other. The idea of offset could increase the password spaces of our proposed method if an attacker intended to guess the registered location used. By combining these two concepts, the pass-location produced by our proposed method in each challenge set could be varied. Therefore, it is impossible for the attackers to shoulder-surf any useful information such as the images/locations clicked by the user in each challenge set. A user study was conducted to evaluate the capabilities of the proposed method to prevent shoulder-surfing attacks. The shoulder-surfing testing results indicated that none of the participants were able to login, although they knew the underlying algorithm and they have been given sufficient time to perform a shoulder-surfing attack. Therefore, the proposed method has proven it can prevent shoulder-surfing attacks, provided the enrolment procedure is carried out in a secure manner.


2014, Vol 2014, pp. 1-12
Author(s): Peng Foong Ho, Yvonne Hwei-Syn Kam, Mee Chin Wee, Yu Nam Chong, Lip Yee Por

Traditionally, picture-based password systems employ password objects (pictures/icons/symbols) as input during an authentication session, thus making them vulnerable to “shoulder-surfing” attack because the visual interface by function is easily observed by others. Recent software-based approaches attempt to minimize this threat by requiring users to enter their passwords indirectly by performing certain mental tasks to derive the indirect password, thus concealing the user’s actual password. However, weaknesses in the positioning of distracter and password objects introduce usability and security issues. In this paper, a new method, which conceals information about the password objects as much as possible, is proposed. Besides concealing the password objects and the number of password objects, the proposed method allows both password and distracter objects to be used as the challenge set’s input. The correctly entered password appears to be random and can only be derived with the knowledge of the full set of password objects. Therefore, it would be difficult for a shoulder-surfing adversary to identify the user’s actual password. Simulation results indicate that the correct input object and its location are random for each challenge set, thus preventing frequency of occurrence analysis attack. User study results show that the proposed method is able to prevent shoulder-surfing attack.


1991, Vol 113 (3), pp. 420-421
Author(s): C. Minas, D. J. Inman

An output feedback method is developed, that systematically places a desired number of poles of a closed-loop system at or near desired locations. The system is transformed to its equivalent controllable canonical form, where the output feedback gain matrix is calculated in a weighted least squares scheme, that minimizes the change of the remaining modes of the system. The advantage of this method over other pole placement routines is the fact that the influence on the remaining unplaced modes of the system is minimum, which is particularly important in preserving closed-loop stability.


2016, Vol 2 (4)
Author(s): PANKAJ

Most of the safety primeval square measure supported mathematical issues. This analysis goals to check existing parole and to style a brand new improved graphical parole pattern. Captcha as a graphical parole. During this paper, we tend to discuss a brand new security primeval supported exhausting computer science issues, an innovative of graphical parole systems created on dominant of Captcha technology, what we are saying Captcha as graphical passwords (CaRP). CaRP is each a Captcha and a graphical parole pattern. With the mix of CAPTCHA and graphical parole addresses a like on-line estimation attacks, relay attacks, combination of with dual-view technology, and shoulder-surfing attacks. If the parole is in search nominative then CaRP parole are often found solely risk by automatic on-line estimation attack.


2013, Vol 734-737, pp. 2430-2433
Author(s): Kun Zhao, Yao Wu Wang, Shao Hu Tao, Nai Xiang Feng

A new method for producing titanium and titanium alloys was studied in this paper. The experiment results indicate that Na2TiO3 could be synthesized by heating at 450°C using NaOH and TiO2 powders. Metallic titanium was observed in XRD pattern of the electrolytes after experiment by means of constant-current electrolytic Na2TiO3 in a CaCl2-CaF2 melt at 850°C. Then, depending on the electrolytical residua, titanium aluminium alloy could be obtained by calcining with Al powders.


Author(s): Maciej Liskiewicz, Ulrich Wölfel

This chapter provides an overview, based on current research, on theoretical aspects of digital steganography— a relatively new field of computer science that deals with hiding secret data in unsuspicious cover media. We focus on formal analysis of security of steganographic systems from a computational complexity point of view and provide models of secure systems that make realistic assumptions of limited computational resources of involved parties. This allows us to look at steganographic secrecy based on reasonable complexity assumptions similar to ones commonly accepted in modern cryptography. In this chapter we expand the analyses of stego-systems beyond security aspects, which practitioners find difficult to implement (if not impossible to realize), to the question why such systems are so difficult to implement and what makes these systems different from practically used ones.

