Secured authentication using CAPTCHA and visualized passcode

  • Authors

    • C Narasimha
    • M Sreedevi
    2018-02-09
    https://doi.org/10.14419/ijet.v7i1.8.9973
  • Use about five key words or phrases in alphabetical order, Separated by Semicolon.
  • Abstract

    Numerical harms initiate many privacy characteristics like cryptography. But Artificial intelligence is the best aid for the current privacy requirements, still not properly applied for privacy issues. Now we introduce a new privacy model of privacy that uses Captcha model, in our privacy model we use both the Captcha and a visualized pass code. This model tolerates from most of the privacy attacks like dictionary attacks, keyboard logging attacks, forwarding methods, search set methods etc., This model is well suitable for either a small or large scale applications, the primary intention is improving privacy in internet technology and related services. In this methodology solving a Captcha is a challenge in every login. Finally to improve privacy for practical applications this technique is efficient.

  • References

    1. [1] R. Biddle, S. Chiasson, and P. C. van Oorschot, “Graphical passwords: Learning from the first twelve years,†ACM Comput. Surveys, vol. 44, no. 4, 2012.https://doi.org/10.1145/2333112.2333114.

      [2] (2012, Feb.). The Science behindPassfaces [Online]. Available: http://www.realuser.com/published/ScienceBehindPassfaces.pdf.

      [3] I. Jermyn, A. Mayer, F. Monrose, M. Reiter, and A. Rubin, “The design and analysis of graphical passwords,†in Proc. 8th USENIX Security Symp., 1999, pp. 1–15.

      [4] H. Tao and C. Adams, “Pass-Go: A proposal to improve the usability of graphical passwords,†Int. J. Netw. Security, vol. 7, no. 2, pp. 273–292, 2008.

      [5] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, “PassPoints: Design and longitudinal evaluation of a graphical password system,†Int. J. HCI, vol. 63, pp. 102–127, Jul. 2005.https://doi.org/10.1016/j.ijhcs.2005.04.010.

      [6] P. C. van Oorschot and J. Thorpe, “On predictive models and userdrawn graphical passwords,†ACM Trans. Inf. Syst. Security, vol. 10, no. 4, pp. 1–33, 2008.https://doi.org/10.1145/1284680.1284685.

      [7] K. Golofit, “Click passwords under investigation,†in Proc. ESORICS, 2007, pp. 343–358.https://doi.org/10.1007/978-3-540-74835-9_23.

      [8] A. E. Dirik, N. Memon, and J.-C. Birget, “Modeling user choice in the passpoints graphical password scheme,†in Proc. Symp. Usable Privacy Security, 2007, pp. 20–28.https://doi.org/10.1145/1280680.1280684.

      [9] J. Thorpe and P. C. van Oorschot, “Human-seeded attacks and exploiting hot spots in graphical passwords,†in Proc. USENIX Security, 2007, pp. 103–118.

      [10] P. C. van Oorschot, A. Salehi-Abari, and J. Thorpe, “Purely automated attacks on passpoints-style graphical passwords,†IEEE Trans. Inf. Forensics Security, vol. 5, no. 3, pp. 393–405, Sep. 2010.https://doi.org/10.1109/TIFS.2010.2053706.

      [11] P. C. van Oorschot and J. Thorpe, “Exploiting predictability in clickbased graphical passwords,†J. Comput. Security, vol. 19, no. 4, pp. 669–702, 2011.https://doi.org/10.3233/JCS-2010-0411.

      [12] T. Wolverton. (2002, Mar. 26). Hackers Attack eBay Accounts [Online]. Available: http://www.zdnet.co.uk/news/networking/2002/03/26/hackers-attack-ebay-accounts-2107350/.

      [13] HP TippingPointDVLabs, Vienna, Austria. (2010). Top Cyber Security Risks Report, SANS Institute and Qualys Research Labs [Online]. Available: http://dvlabs.tippingpoint.com/toprisks2010.

      [14] B. Pinkas and T. Sander, “Securing passwords against dic-tionary attacks,†in Proc. ACM CCS, 2002, pp. 161–170.

      [15] P. C. van Oorschot and S. Stubblebine, “On countering online dictionary attacks with login histories and humans-in-the-loop,†ACM Trans. Inf. Syst. Security, vol. 9, no. 3, pp. 235–258, 2006.https://doi.org/10.1145/1178618.1178619.

      [16] M. Alsaleh, M. Mannan, and P. C. van Oorschot, “Revisiting defenses against large-scale online password guessing attacks,†IEEE Trans. Dependable Secure Comput., vol. 9, no. 1, pp. 128–141, Jan./Feb. 2012.https://doi.org/10.1109/TDSC.2011.24.

      [17] L. von Ahn, M. Blum, N. J. Hopper, and J. Langford, “CAP-TCHA: Using hard AI problems for security,†in Proc. Eurocrypt, 2003, pp. 294–311.

      [18] S. Chiasson, P. C. van Oorschot, and R. Biddle, “Graphical password authentication using cued click points,†in Proc. ESOR-ICS, 2007, pp. 359–374.https://doi.org/10.1007/978-3-540-74835-9_24.

      [19] S. Chiasson, A. Forget, R. Biddle, and P. C. van Oorschot, “Influencing users towards better passwords: Persuasive cued click-points,†in Proc. Brit. HCI Group Annu. Conf. People Com-put., Culture, Creativity, Interaction, vol. 1. 2008, pp. 121–130.

      [20] D. Davis, F. Monrose, and M. Reiter, “On user choice in graphical password schemes,†in Proc. USENIX Security, 2004, pp. 1–11.

      [21] R. Dhamija and A. Perrig, “Déjà Vu: A user study using im-ages for authentication,†in Proc. 9th USENIX Security, 2000, pp. 1–4.

      [22] D. Weinshall, “Cognitive authentication schemes safe against spyware,†in Proc. IEEE Symp. Security Privacy, May 2006, pp. 300–306. https://doi.org/10.1109/SP.2006.10.

      [23] P. Dunphy and J. Yan, “Do background images improve ‘Draw a Secret’ graphical passwords,†in Proc. ACM CCS, 2007, pp. 1–12.https://doi.org/10.1145/1315245.1315252.

      [24] P. Golle, “Machine learning attacks against the Asirra CAP-TCHA,†in Proc. ACM CCS, 2008, pp. 535–542.

      [25] B. B. Zhu et al., “Attacks and design of image recognition CAPTCHAs,†in Proc. ACM CCS, 2010, pp. 187–200.https://doi.org/10.1145/1866307.1866329.

      [26] J. Yan and A. S. El Ahmad, “A low-cost attack on a Microsoft CAPTCHA,†in Proc. ACM CCS, 2008, pp. 543–554.

      [27] G. Mori and J. Malik, “Recognizing objects in adversarial clutter,†in Proc. IEEE Comput. Society Conf. Comput. Vis. Pattern Recognit., Jun. 2003, pp. 134–141.

      [28] G. Moy, N. Jones, C. Harkless, and R. Potter, “Distortion estimation techniques in solving visual CAPTCHAs,†in Proc. IEEE Comput. Soc. Conf. Comput. Vis. Pattern Recognit., Jul. 2004, pp. 23–28.https://doi.org/10.1109/CVPR.2004.1315140.

      [29] K. Chellapilla, K. Larson, P. Simard, and M. Czerwinski, “Computers beat humans at single character recognition in reading-based human interaction proofs,†in Proc. 2nd Conf. Email Anti-Spam, 2005, pp. 1–3.

      [30] K. Chellapilla, K. Larson, P. Simard, and M. Czerwinski, “Building segmentation based human-friendly human interaction proofs,†in Proc. 2nd Int. Workshop Human Interaction Proofs, 2005, pp. 1–10.https://doi.org/10.1007/11427896_1.

      [31] J. Elson, J. R. Douceur, J. Howell, and J. Saul, “Asirra: A CAPTCHA that exploits interest-aligned manual image categori-zation,†in Proc. ACM CCS, 2007, pp. 366–374.

      [32] R. Lin, S.-Y. Huang, G. B. Bell, and Y.-K. Lee, “A new CAP-TCHA interface design for mobile devices,†in Proc. 12th Austral. User Inter. Conf., 2011, pp. 3–8.

      [33] N. Joshi. (2009, Nov. 29). Koobface Worm Asks for CAP-TCHA [Online]. Available: http://blogs.mcafee.com/mcafee-labs/koobface-worm-asksfor-CAPTCHA

      [34] M. Motoyama, K. Levchenko, C. Kanich, D. McCoy, G. M. Voelker, and S. Savage, “Re: CAPTCHAs—Understanding CAP-TCHA-Solving Services in an Economic Context,†in Proc. USE-NIX Security, 2010, pp. 435–452.

      [35] M. Szydlowski, C. Kruegel, and E. Kirda, “Secure input for web applications,†in Proc. ACSAC, 2007, pp. 375–384.https://doi.org/10.1109/ACSAC.2007.28.

      [36] G. Wolberg, “2-pass mesh warping,†in Digital Image Warping. Hoboken, NJ, USA: Wiley, 1990.

      [37] HP TippingPointDVLabs, New York, NY, USA. (2011). the Mid-Year Top Cyber Security Risks Report [Online]. Available: http://h20195.www2.hp.com/v2/GetPDF.aspx/4AA3-7045ENW.pdf.

      [38] Sreedevi M, Narasimha C, Seshadri R. Efficient data delivery over MANETs through Secure EGMP. Advances in Asian Social Science. 2012; 2(3):512–6.

  • Downloads

  • How to Cite

    Narasimha, C., & Sreedevi, M. (2018). Secured authentication using CAPTCHA and visualized passcode. International Journal of Engineering & Technology, 7(1.8), 72-76. https://doi.org/10.14419/ijet.v7i1.8.9973

    Received date: 2018-03-08

    Accepted date: 2018-03-08

    Published date: 2018-02-09