Call for Paper - July 2022 Edition
IJCA solicits original research papers for the July 2022 Edition. Last date of manuscript submission is June 20, 2022. Read More

Improved Security of Authentication Scheme using Carp for Web Application

Print
PDF
IJCA Proceedings on National Conference on Advances in Computing, Communication and Networking
© 2016 by IJCA Journal
ACCNET 2016 - Number 4
Year of Publication: 2016
Authors:
Alok Ranjan
Mansi Bhonsle

Alok Ranjan and Mansi Bhonsle. Article: Improved Security of Authentication Scheme using Carp for Web Application. IJCA Proceedings on National Conference on Advances in Computing, Communication and Networking ACCNET 2016(4):13-18, June 2016. Full text available. BibTeX

@article{key:article,
	author = {Alok Ranjan and Mansi Bhonsle},
	title = {Article: Improved Security of Authentication Scheme using Carp for Web Application},
	journal = {IJCA Proceedings on National Conference on Advances in Computing, Communication and Networking},
	year = {2016},
	volume = {ACCNET 2016},
	number = {4},
	pages = {13-18},
	month = {June},
	note = {Full text available}
}

Abstract

Passwords play a big task in computer security to validate human users. Most of the online based application provides info regarding authentication system which includes character set passwords as well as graphical passwords. Graphical password plays a crucial role for user in security purpose of view. The existing system affords security for authentication in cloud by exploitation graphical passwords that has restriction as username in text format. The projected system provides higher authentication by process the username or user id exploitation PCCP (Pervasive Cued Click Point) technique. This click based technique needs sha1 and discretize centralization algorithm for higher performance. The password is processed exploitation CaRP (Captcha as gRaphical Password) technique. CaRP saves from attacks like online approximation attacks relay attacks, shoulder aquatics attacks, online wordbook attacks, human approximation attacks etc. This new security primitive relies on exhausting Artificial Intelligence (AI) issues. It's designed on each texts based Captcha and image recognition based Captcha. Here the pictures utilized in CaRP are distorted format as like Captcha challenges. It's a form of authentication response check. It ensures the users with secured login authentication. It work well with the net based applications furthermore as another usage.

References

  • Bin B. Zhu, Jeff Yan, GuanboBao, Maowei Yang, and NingXu, "Captcha as Graphical Pass-words - A New Security Primitive Based on Hard AI Problems", IEEE Transactions On In-formation Forensics And Security, Vol. 9, No. 6, June 2014, 1556-6013.
  • NayanGawande, "Merging Captcha and Graphical Password on NP Hard Problems in AI: New Security Enhancing Technique", International Journal of Science and Research (IJSR), Vol 3, Issue 12, Dec 2014.
  • Ahmad S. E. , Jeff Yan, Wai-Yin Ng C. , "CAPTCHA Design: Color, Usability, and Security", IEEE Internet Computing archive, Vol. 16 Issue 2, March 2012, 44-51.
  • S. Li, S. A. H. Shah, M. A. U. Khan, "BREAKING E-BANKING CAPTCHAS", in Proc. ACSAC UK, pp. 1–10, 2010.
  • Bin B. Zhu and Jeff Yan, "Towards New Security Primitives Based on Hard AI Problems", Newcastle University UK, 2013.
  • Emmanouela S. ,Yannis S. and Panagiotis K, "Probabilistic Model Checking of CAPTCHA Admission Control for DoS Resistant Anti-SPIT Protection", Springer, Vol. 7722, pp. 143-154, 2013.
  • G. Moy, N. Jones, C. Harkless, and R. Potter, "Distortion estimation techniques in solving visual CAPTCHAs", in Proc. IEEE Comput. Soc. Conf. Comput. Vis. Pattern Recognit. , pp. 23–28, Jul. 2004.
  • S. Chiasson, P. C. van Oorschot, and R. Biddle, "Graphical password authentication using cued click points",In Proc. of ESORICS, pp. 359–374 2017.
  • Ahmad S. E. , Jeff Yan, Wai-Yin Ng C. , "PassPoints: design and longitudinal evaluation of agraphical password system", Int. Journal of HCI, vol. 63, pp. 102–127, 2005.
  • S. Chiasson, A. Forget, R. Biddle and P. C. van Oorschot, "Influencing users towards better passwords: persuasive cued click-points", in Proc. British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction, vol. 1, pp. 121-130, 2008.
  • H. Tao and C. Adams, "Pass-Go: A proposal to improve the usability of graphical passwords", Int. J. Netw. Security, Vol. 7, no. 2, pp. 273–292, 2008.
  • P. Dunphy and J. Yan, "Do background images improve: Draw a Secret graphical passwords", in Proc. ACM CCS, pp. 1–12, 2007.
  • [Book]. Available: Luke Wroblewski, "Web Form Design: Filling in the Blanks".
  • Google-ReCAPTCHA, "Telling humans and computers apart automatically", http://www. google. com/recaptcha/captcha, Mar. 2014, visited on 12/10/2015.
  • [Book]. Available: Luke Wroblewski, "Web Form Design: Filling in the Blanks", 2014, visited on 12/10/2015.
  • Google-ReCAPTCHA, "Telling humans and computers apart automatically", http://www. google. com/recaptcha/captcha, Mar. 2014, visited on 12/10/2015
  • S. Chiasson, A. Forget, R. Biddle, and P. C. van Oorschot, "User Interface Design Affects Security: Patterns in Click-Based Graphical Passwords," Int?l J. Information Security, vol. 8, no. 6, pp. 387- 398, 2009.
  • S. Chiasson, A. Forget, E. Stobert, P. van Oorschot, and R. Bddle, "Multiple Password Interference in Text and Click-Based Graphical Passwords," Proc. ACM Conf. Computer and Comm. Security CCS), Nov. 2009.
  • R. Biddle, S. Chiasson, and P. van Oorschot, "Graphical passwords:Learning from the first twelve years," ACM Computing Surveys (to appear), vol. 44, no. 4, 2012.
  • M. Weir, S. Aggarwal, M. Collins, and H. Stern, "Testing metrics for password creation policies by attacking large sets of revealed passwords," in Computer and Communications Security (CCS), 2010.