TOWARDS A FRAMEWORK ESTABLISHING SECURITY CRITERIA FOR RECOGNITION-BASED GRAPHICAL PASSWORD SCHEMES
Abstract
The aesthetic and functional abilities of artforms have played significant role in different fields of study including securing standalone or networked computer systems and handheld devices. Though some studies have centered on humans as the weakest link in the security chain, recent assertions from literatures have shown that the choice of artforms in graphical password models and allowing users to choose their own artforms or click point within an artform during authentication have a direct effect on a system’s security level. This research therefore establishes the feasibility of developing a security framework for mitigating the effects of cyberattacks in Recognition-based Graphical Password Schemes.
Downloads
References
Li N., Wang Q., Qardaji W., Bertino E., Rao R., Lobo J., and Lin D. (2009). Access control policy combining: theory meets practice. Proceedings of the 14th ACM symposium on Access control models and technologies, 135-144. doi: http://doi.acm.org/10.1145/1542207.1542229.
Choi, M., Lee, J., Kim, S., Jeong, Y.S., and Park, J.H. (2016). Location based authentication scheme using ble for high performance digital content management system. Neuro computing, 209, 25–38.
Kucken M. and Newell A. (2004). Fingerprint formation. Journal of Theoretical Biology 235, 71–83
Norman, D.A. (1988). The design of everyday things, basic books, New York.
Samdanis, M. (2016). The impact of new technology on arts. In book: Art Business Today: 20 key Topics. Lund Humphries
Publishers ltd,, 164-172.
Sasse, M. A., Brostoff, S. and Weirich, D. (2001). ‘Transforming the ‘weakest link’ – a human/computer interaction approach to usable and effective security’, BT Technical Journal, 19, 122-131.
Adams, A., and Sasse, M.A. (1999). Users are not the enemy. Communications of the ACM 42(12), 40-46.
GehringerE.(2002). Choosing passwords: security and human factors. ISTAS 39-373.
Anap A. B., Nibe A. A. and Tamboli V. S. (2016). Secure graphical password requirements. Available at: https://www.ijraset.com/fileserve.php?FID=4053
Perrig, A. and Song, D. (1999). ‘Hash visualization: A new technique to improve realworld security’, International Workshop on Cryptographic Techniques and Ecommerce, 131–138.
Conlan R. M. and Tarasewich P. (2006). Improving Interface Designs to Help Users Choose Better Passwords. Available at: https://www.embracetherandom.com/changePasswordUIStudy/Improving%20Interface%20Designs%20To%20Help%20Users%20Choose%20Better%20Passwords.pdf
Chiasson S., Forget A., Biddle R. and van Oorschot P. C. (2008). User interface design affects security: Patterns in click-based graphical passwords. Available at: https://cups.cs.cmu.edu/~aforget/Chiasson_IntJInfSecDec2009_Patterns.pdf
Davis, D., Monrose, F. and Reiter, M. K. (2004). On user choice in graphical password schemes. Available at: http://www.usenix.org/events/sec04/tech/full_papers/davis/davis_html/index.html.
Wiedenbeck S., Waters J., Birget J. C., Brodskiy A. and Memon N. (2005). PassPoints: Design and longitudinal evaluation of a graphical password system, International Journal of Human-Computer Studies, 63: 102-127.
English R. (2014). Modelling the Security of Recognition-Based Graphical Passwords. Available at: https://pdfs.semanticscholar.org/a17c/8c3c9da41e5541f8b53b57ed233067f74a6f.pdf.
Bianchi A., Oakley I. and Kim H. (2015). PassBYOP: Bring Your Own Picture for Securing Graphical Passwords. Available at: http://alsoplantsfly.com/files/2016/Bianchi_Passbyop_IEEE16.pdf
Tari, F., Ozok, A., and Holden, S. (2006): A comparison of perceived and real shoulder-surfing risks between alphanumeric and image-based passwords. Proceedings of the Second Symposium on Usable Privacy and Security, 149, 56 – 66.
Wazir K., Mohammed A. and Yang X. (2011). A Graphical Password Based System for Small Mobile Device. International Journal of Computer Science 8 (5) 145-154.
Dirik A. E., Memon N. and Birget J. (2007). Modeling user choice in the PassPoints graphical password scheme. Available at: https://isis.poly.edu/memon/pdf/2007_modeling%20user.pdf
Jackson L. (2006). Analysis of Image-Based Authentication and its Role in Security Systems of the Future. Available at: http://www.soc.napier.ac.uk/~bill/lee2006.pdf.
Salehi-Abari A., Thorpe J., and van Oorschot P. C. (2008). On Purely Automated Attacks and Click-Based Graphical Passwords. Available at: http://www.cs.toronto.edu/~abari/papers/passpoints_acsac08.pdf
Wiedenbeck, S., Waters, J., Birget, J., Brodskiy A., and Memon, N. (2005a): Authentication Using Image-based passwords Effects of Tolerance and Image Choice. Available at: http://portal.acm.org/citation.cfm?id=1073001.1073002
Chiasson S., Biddle R., and van Oorschot P. (2007). “A second look at the usability of click-based graphical passwords,” Proc. 3rd Symp. Usable Privacy Security, pp. 1–12.
Rao P., Devi G. and Rao S. (2013). A Study of Various Graphical Passwords Authentication Schemes Using Ai Hans Peter Wickelgren Approach. Journal of Computer Engineering, 10 (6), 14-20.
Itti L., Koch C. and Niebur E. (1998). A Model of Saliency-Based Visual Attention for Rapid Scene Analysis. IEEE Trans. PAMI, 20(11):1254–1259.
Touraj K. and Alizadeh M., Gholizadehb G., Zamanic M. and Darvishid M. (2015). Security Analysis Method of Recogni ion-based Graphical Password. Journal of Technology (Sciences & Engineering). 72(5), 57–62. DOI: 10.11113/jt. v72.3941
Thorpe J. and van Oorschot P. C. (2004a), ‘Graphical dictionaries and the memorable space of image-based passwords’, Proceedings of the 13th USENIX Security Symposium, 9-13, San Deigo, USA.
Thorpe J. and van Oorschot P. C. (2007). Towards Secure Design Choices for Implementing Image-based passwords. Available: http://www.acsac.org/2004/papers/48.pdf.
Thorpe J. and van Oorschot P. C. (2007). Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords. Available at: https://www.ccsl.carleton.ca/paper-archive/usenix07.hotspots.pdf
Hlywa M., Biddle R., and Patrick A. (2011). Facing the facts about image type in recognition basedgraphical passwords. Proceedings of the 27th Annual Computer Security Applications Conference, 36, 149–158.
De Angeli, A., Coutts, M., Conventry, L., Cameron, D., Johnson, G.I. and Fisher, M. (2002). ‘VIP: A visual approach to user authentication’, Proceedings of the Working Conference on Advanced Visual Interfaces (AVI 2002), ACM Press, New York, pp. 316-23.
Binnar P. and Mane V. (2015). Usability and Security of Recognition based Graphical Password Scheme. International Journal of Computer Applications (0975 – 8887).
Dhamija, R. (2000). Hash visualization in user authentication. Available at: http://people.ischool.berkeley.edu/~rachna/papers/hash_visualization.pdf.
Hafiz M., Abdullah A., Ithnin N. and Mammi H. (2008). Towards Identifying Usability and Security Features of Graphical Password in Knowledge Based Authentication Technique. Second Asia International Conference on Modelling & Simulation. DOI: 10.1109/AMS.2008.136.
Lashkari A. and Farmand S. (2009). A survey on usability and security features in graphical user authentication algorithms. International Journal of Computer Science and Network Security, 9 (.9), 195 – 204.
Nwokedi U., Onyimbo B. and Rad B. (2016). Usability and Security in User Interface Design: A Systematic Literature Review. Information Technology and Computer Science, 5, 72-80.
Touraj K., Muzahidul I., Sabariah B., Shozo K. (2016). Evaluation of Recognition-Based Graphical Password Schemes in Terms of Usability and Security Attributes. International Journal of Electrical and Computer Engineering 6 (6), 2939 – 2948.
Towhidi F. and Masrom M. (2009). A Survey on Recognition-Based Graphical User Authentication Algorithms. International Journal of Computer Science and Information Security, 6(2). ISSN 1947-5500.
Binitie, A. P., Egbokhare, F., Egwali, A. O., & Innocent, O.S. (2021). Implementing existing authentication models in ussd channel. 2021International Conference on Electrical, Computer and Energy Technologies (ICECET) 9-10 Dec, 2021, Cape Town- South Africa, 1-5
Karode A., Mistry A. and Chavan S. (2013). Graphical Password Authentication System. International Journal of Engineering Research & Technology (IJERT) 2 (9), ISSN: 2278-0181
Yeung, A.L.C., Wai, B.L.W., Mughal, F., & Iranmanesh, V. (2015). Graphical password: shoulder surfing resistant using falsification. 9th Malaysian Engineering Conference, 145-148.
Gokhale A. and Waghmare V. (2016). The Shoulder Surfing Resistant Graphical Password Authentication Technique. 7th International Conference on Communication, Computing and Virtualization. Procedia Computer Science 79, 490 – 498.
HayashE.i, Christin N., Dhamija R., and PerrigA.”Use Your Illusion:Secure authentication usable anywhere”. In 4th ACM Symposium on Usable Privacy and Security (SOUPS), Pittsburgh, July 2008.
Suo, X., Y. Zhu, and G. S. Owen. 2006. Analysis and Design of Graphical Password Techniques. Proceedings of the 2nd International Symposium, Advanced in Vis. Comp., Nov. 6–8, Springer, Berlin Heidelberg. 4292: 741–749.
Downloads
Published
Issue
Section
License
Copyright (c) 2023 The Journals of the Nigerian Association of Mathematical Physics
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.