Search results for: Nonce based authentication scheme

Authors: Nael Hirzallah, Sana Nseir

Abstract:

Merchants are competing to offer the use of mobile payment to encourage shopping. many mobile payment systems were made available in various locations worldwide; however, they have various drawbacks. This paper proposes a new mobile payment system that discusses the main drawbacks of these systems, namely security and speed of transaction. The proposal is featured by being simple to use by customers and merchants. Furthermore, the proposed system depends on a new authentication factor that is introduced in this paper and called by Two-Factors Authentication Plus, (2FA+).

Keywords: electronic commerce, payment schemes, mobile payment, authentication factors, mobile applications

Procedia PDF Downloads 262

Authors: Jie Yang, Jian-Min Meng

Abstract:

A GPU-based floating object detection scheme is presented in this paper which is designed for floating mine detection tasks. This system uses contrast and motion information to eliminate as many false positives as possible while avoiding false negatives. The GPU computation platform is deployed to allow detecting objects in real-time. From the experimental results, it is shown that with certain configuration, the GPU-based scheme can speed up the computation up to one thousand times compared to the CPU-based scheme.

Keywords: object detection, GPU, motion estimation, parallel processing

Procedia PDF Downloads 450

Authors: Yeong-Seop Ahn, Myoung-Jin Kim, Young-Min Ko, Hyoung-Kyu Song

Abstract:

This paper proposes a relay selection scheme utilizing an orthogonal variable spreading factor (OVSF) code in a cooperative communication. The relay selection scheme influences on the communication performance in the cooperative communication. Conventional relay selection schemes such as the best harmonic mean relay selection scheme or the threshold-based relay selection scheme should know information such as channel state information (CSI) in advance. The proposed relay selection scheme does not require information in advance by using a reference signal utilizing the OVSF code. The simulation result shows that bit error rate (BER) performance of proposed relay selection scheme is similar to the best harmonic mean relay selection scheme that is known as one of the optimal relay selection schemes.

Keywords: cooperative communication, relay selection, OFDM, OVSF code

Procedia PDF Downloads 608

Authors: Tohari Ahmad, Hudan Studiawan, Iwang Aryadinata, Royyana M. Ijtihadie, Waskitho Wibisono

Abstract:

A manual voting system has been implemented worldwide. It has some weaknesses which may decrease the legitimacy of the voting result. An electronic voting system is introduced to minimize this weakness. It has been able to provide a better result, in terms of the total time taken in the voting process and accuracy. Nevertheless, people may be reluctant to go to the polling location because of some reasons, such as distance and time. In order to solve this problem, mobile voting is implemented by utilizing mobile devices. There are many mobile voting architectures available. Overall, authenticity of the users is the common problem of all voting systems. There must be a mechanism which can verify the users’ authenticity such that only verified users can give their vote once; others cannot vote. In this paper, a challenge response-based authentication is proposed by utilizing properties of the users, for example, something they have and know. In terms of speed, the proposed system provides good result, in addition to other capabilities offered by the system.

Keywords: authentication, data protection, mobile voting, security

Procedia PDF Downloads 390

Authors: Shokoufeh Monjezi Kouchak

Abstract:

Cognitive radio network (CRN) is future network .Without this network wireless devices can’t work appropriately in the next decades. Today, wireless devices use static spectrum access methods and these methods don’t use spectrums optimum so we need use dynamic spectrum access methods to solve shortage spectrum challenge and CR is a great device for DSA but first of all its challenges should be solved .security is one of these challenges .In this paper we provided a survey about CR security. You can see this survey in tables 1 to 7 .After that we proposed a multi criteria authentication method in CRN. Our criteria in this method are: sensing results, following sending data rules, position of secondary users and no talk zone. Finally we compared our method with other authentication methods.

Keywords: authentication, cognitive radio, security, radio networks

Procedia PDF Downloads 353

Authors: H. El-Kamchouchi, Heba Gaber, Fatma Ahmed, Dalia H. El-Kamchouchi

Abstract:

Fault tolerance and data security are two important issues in modern communication systems. In this paper, we propose a secure and efficient digital signature scheme with fault tolerance based on the improved RSA system. The proposed scheme for the RSA cryptosystem contains three prime numbers and overcome several attacks possible on RSA. By using the Chinese Reminder Theorem (CRT) the proposed scheme has a speed improvement on the RSA decryption side and it provides high security also.

Keywords: digital signature, fault tolerance, RSA, security analysis

Procedia PDF Downloads 453

Authors: B. S.Akhmetov, S. T. Akhmetova, D. N. Nadeyev, V. Yu. Yegorov, V. V. Smogoonov

Abstract:

Estimated probabilities of errors of the first and second kind for nonideal biometrics-neural transducers 256 outputs, the construction of nomograms based error probability of 'own' and 'alien' from the mathematical expectation and standard deviation of the normalized measures Hamming.

Keywords: modeling, errors, probability, biometrics, neural network, authentication

Procedia PDF Downloads 464

Authors: Pratama R. Yunia, Firmansyah, I., Ariani, Ulfa R. Maharani, Fikri M. Al

Abstract:

Nowadays, notwithstanding that the role of SMS as a means of communication has been largely replaced by online applications such as WhatsApp, Telegram, and others, the fact that SMS is still used for certain and important communication needs is indisputable. Among them is for sending one time password (OTP) as an authentication media for various online applications ranging from chatting, shopping to online banking applications. However, the usage of SMS does not pretty much guarantee the security of transmitted messages. As a matter of fact, the transmitted messages between BTS is still in the form of plaintext, making it extremely vulnerable to eavesdropping, especially if the message is confidential, for instance, the OTP. One solution to overcome this problem is to use an SMS application which provides security services for each transmitted message. Responding to this problem, in this study, an automatic key SMS encryption scheme was designed as a means to secure SMS communication. The proposed scheme allows SMS sending, which is automatically encrypted with keys that are constantly changing (automatic key update), automatic key exchange, and automatic key generation. In terms of the security method, the proposed scheme applies cryptographic techniques with a hybrid cryptosystem mechanism. Proofing the proposed scheme, a client to client SMS encryption application was developed using Java platform with AES-256 as encryption algorithm, RSA-768 as public and private key generator and SHA-256 for message hashing function. The result of this study is a secure automatic key SMS encryption scheme using hybrid cryptosystem which can guarantee the security of every transmitted message, so as to become a reliable solution in sending confidential messages through SMS although it still has weaknesses in terms of processing time.

Keywords: encryption scheme, hybrid cryptosystem, one time password, SMS security

Procedia PDF Downloads 106

Authors: Jae-Jeong Kim, Ki-Ro Kim, Hyoung-Kyu Song

Abstract:

In this paper, we propose an efficient signal detector that switches M parameter of QRD-M detection scheme is proposed for MIMO-OFDM system. The proposed detection scheme calculates the threshold by 1-norm condition number and then switches M parameter of QRD-M detection scheme according to channel information. If channel condition is bad, the parameter M is set to high value to increase the accuracy of detection. If channel condition is good, the parameter M is set to low value to reduce complexity of detection. Therefore, the proposed detection scheme has better trade off between BER performance and complexity than the conventional detection scheme. The simulation result shows that the complexity of proposed detection scheme is lower than QRD-M detection scheme with similar BER performance.

Keywords: MIMO-OFDM, QRD-M, channel condition, BER

Procedia PDF Downloads 337

Authors: H. Parveen Begam, M. A. Maluk Mohamed

Abstract:

Mobile Grid Computing is an environment that allows sharing and coordinated use of diverse resources in dynamic, heterogeneous and distributed environment using different types of electronic portable devices. In a grid environment the security issues are like authentication, authorization, message protection and delegation handled by GSI (Grid Security Infrastructure). Proving better security between mobile devices and grid infrastructure is a major issue, because of the open nature of wireless networks, heterogeneous and distributed environments. In a mobile grid environment, the individual computing devices may be resource-limited in isolation, as an aggregated sum, they have the potential to play a vital role within the mobile grid environment. Some adaptive methodology or solution is needed to solve the issues like authentication of a base station, security of information flowing between a mobile user and a base station, prevention of attacks within a base station, hand-over of authentication information, communication cost of establishing a session key between mobile user and base station, computing complexity of achieving authenticity and security. The sharing of resources of the devices can be achieved only through the trusted relationships between the mobile hosts (MHs). Before accessing the grid service, the mobile devices should be proven authentic. This paper proposes the dynamic certificate based mutual authentication protocol between two mobile hosts in a mobile grid environment. The certificate generation process is done by CA (Certificate Authority) for all the authenticated MHs. Security (because of validity period of the certificate) and dynamicity (transmission time) can be achieved through the secure service certificates. Authentication protocol is built on communication services to provide cryptographically secured mechanisms for verifying the identity of users and resources.

Keywords: mobile grid computing, certificate authority (CA), SSL/TLS protocol, secured service certificates

Procedia PDF Downloads 283

Authors: Bit-Na Kwon, Hyun-Jee Yang, Dong-Hyun Ha, Hyoung-Kyu Song

Abstract:

In this paper, an adaptive cooperative scheme in the cell edge is proposed. The proposed scheme considers the location of a user and applies the suitable cooperative scheme. In cellular systems, the performance of communication is degraded if the user is located in the cell edge. In conventional scheme, two base stations are used in order to obtain diversity gain. However, the performance of communication is not sufficiently improved since the distance between each base station and a user is still distant. Therefore, we propose a scheme that the relays are used and the cooperative scheme is adaptively applied according to the user location. Through simulation results, it is confirmed that the proposed scheme has better performance than the conventional scheme.

Keywords: adaptive transmission, cooperative communication, diversity gain, OFDM

Procedia PDF Downloads 545

Authors: Mujahid Muhammad, Paul Kearney, Adel Aneiba

Abstract:

The ability for vehicles to communicate with other vehicles (V2V), the physical (V2I) and network (V2N) infrastructures, pedestrians (V2P), etc. – collectively known as V2X (Vehicle to Everything) – will enable a broad and growing set of applications and services within the intelligent transport domain for improving road safety, alleviate traffic congestion and support autonomous driving. The telecommunication research and industry communities and standardization bodies (notably 3GPP) has finally approved in Release 14, cellular communications connectivity to support V2X communication (known as LTE – V2X). LTE – V2X system will combine simultaneous connectivity across existing LTE network infrastructures via LTE-Uu interface and direct device-to-device (D2D) communications. In order for V2X services to function effectively, a robust security mechanism is needed to ensure legal and safe interaction among authenticated V2X entities in the LTE-based V2X architecture. The characteristics of vehicular networks, and the nature of most V2X applications, which involve human safety makes it significant to protect V2X messages from attacks that can result in catastrophically wrong decisions/actions include ones affecting road safety. Attack vectors include impersonation attacks, modification, masquerading, replay, MiM attacks, and Sybil attacks. In this paper, we focus our attention on LTE-based V2X security and access control mechanisms. The current LTE-A security framework provides its own access authentication scheme, the AKA protocol for mutual authentication and other essential cryptographic operations between UEs and the network. V2N systems can leverage this protocol to achieve mutual authentication between vehicles and the mobile core network. However, this protocol experiences technical challenges, such as high signaling overhead, lack of synchronization, handover delay and potential control plane signaling overloads, as well as privacy preservation issues, which cannot satisfy the adequate security requirements for majority of LTE-based V2X services. This paper examines these challenges and points to possible ways by which they can be addressed. One possible solution, is the implementation of the distributed peer-to-peer LTE security mechanism based on the Bitcoin/Namecoin framework, to allow for security operations with minimal overhead cost, which is desirable for V2X services. The proposed architecture can ensure fast, secure and robust V2X services under LTE network while meeting V2X security requirements.

Keywords: authentication, long term evolution, security, vehicle-to-everything

Procedia PDF Downloads 146

Authors: Hazem Munawer Al-Otum

Abstract:

In this work, an efficient watermarking technique is proposed and can be used for detecting intentional attacks in RGB color images. The proposed technique can be implemented for image authentication and exhibits high robustness against unintentional common image processing attacks. It deploys two measures to discern between intentional and unintentional attacks based on using a quantization-based technique in a modified 2D multi-pyramidal DWT transform. Simulations have shown high accuracy in detecting intentionally attacked regions while exhibiting high robustness under moderate to severe common image processing attacks.

Keywords: image authentication, copyright protection, semi-fragile watermarking, tamper detection

Procedia PDF Downloads 229

Authors: Malika Yaici, Anis Oussayah, Mohamed Ahmed Takerrabet

Abstract:

Security of context-aware ubiquitous systems is paramount, and authentication plays an important aspect in cloud computing and ubiquitous computing. Trust management has been identified as vital component for establishing and maintaining successful relational exchanges between trading partners in cloud and ubiquitous systems. Establishing trust is the way to build good relationship with both client and provider which positive activates will increase trust level, otherwise destroy trust immediately. We propose a new context-aware authentication system using a trust management system between client and server, and between servers, a trust which induces partnership, thus to a close cooperation between these servers. We defined the rules (algorithms), as well as the formulas to manage and calculate the trusting degrees depending on context, in order to uniquely authenticate a user, thus a single sign-on, and to provide him better services.

Keywords: ubiquitous computing, authentication, context-awareness, trust management

Procedia PDF Downloads 217

Authors: Yong-Jun Kim, Jae-Hyun Ro, Chang-Bin Ha, Hyoung-Kyu Song

Abstract:

This paper proposes the cooperative transmission scheme with pre-coding because the cellular communication requires high reliability. The cooperative transmission scheme uses pre-coding method with limited feedback information among small cells. Particularly, the proposed scheme has adaptive mode according to the position of mobile station. Thus, demand of recent wireless communication is resolved by this scheme. From the simulation results, the proposed scheme has better performance compared to the conventional scheme in the cellular network.

Keywords: CDD, cellular network, pre-coding, SPC

Procedia PDF Downloads 542

Authors: Muhammad Younis

Abstract:

A ternary 4-point approximating non-stationary subdivision scheme has been introduced that generates the family of $C^2$ limiting curves. The theory of asymptotic equivalence is being used to analyze the convergence and smoothness of the scheme. The comparison of the proposed scheme has been demonstrated using different examples with the existing 4-point ternary approximating schemes, which shows that the limit curves of the proposed scheme behave more pleasantly and can generate conic sections as well.

Keywords: ternary, non-stationary, approximation subdivision scheme, convergence and smoothness

Procedia PDF Downloads 451

Authors: D. R. Ambika, K. R. Radhika, D. Seshachalam

Abstract:

Unconstrained authentication is an important component for personal automated systems and human-computer interfaces. Existing solutions mostly use face as the primary object of analysis. The performance of face-based systems is largely determined by the extent of deformation caused in the facial region and amount of useful information available in occluded face images. Periocular region is a useful portion of face with discriminative ability coupled with resistance to deformation. A reliable portion of periocular area is available for occluded images. The present work demonstrates that joint representation of periocular texture and periocular structure provides an effective expression and poses invariant representation. The proposed methodology provides an effective and compact description of periocular texture and shape. The method is tested over four benchmark datasets exhibiting varied acquisition conditions.

Keywords: periocular authentication, Zernike moments, LBP variance, shape and texture fusion

Procedia PDF Downloads 256

Authors: Sari F. Alkhatib, Chang Je Park, Gyuhong Roh

Abstract:

The iterative scheme which is used to treat buildup factors for stratified shields is being investigated here using the layer-splitting technique. A simple suggested formalism for the scheme based on the Kalos’ formula is introduced, based on which the implementation of the testing technique is carried out. The second layer in a double-layer shield was split into two equivalent layers and the scheme (with the suggested formalism) was implemented on the new “three-layer” shield configuration. The results of such manipulation on water-lead and water-iron shields combinations are presented here for 1 MeV photons. It was found that splitting the second layer introduces some deviation on the overall buildup factor value. This expected deviation appeared to be higher in the case of low Z layer followed by high Z. However, the overall performance of the iterative scheme showed a great consistency and strong coherence even with the introduced changes. The introduced layer-splitting testing technique shows the capability to be implemented in test the iterative scheme with a wide range of formalisms.

Keywords: buildup factor, iterative scheme, stratified shields, layer-splitting tecnique

Procedia PDF Downloads 388

Authors: Jong-Won Lee

Abstract:

Since Cloud environment has appeared as the most powerful keyword in the computing industry, the growth in VDI (Virtual Desktop Infrastructure) became remarkable in domestic market. In recent years, with the trend that mobile devices such as smartphones and pads spread so rapidly, the strengths of VDI that allows people to access and perform business on the move along with companies' office needs expedite more rapid spread of VDI. However, although this enhanced accessibility and mobility can bring the enhanced productivity, it sometimes conflicts with the security, so there should be more detailed security solution, which is user authentication. In this paper, mobile OTP (One-Time Password) authentication method is proposed to secure mobile device portability through rapid and secure authentication using mobile devices such as mobile phones or pads, which does not require additional purchase or possession of OTP tokens of users. However, in order to use the service continuously and reliably in the cloud environment, both service provider and user have to prepare for security awareness and security threats, and continuously study the conflicting aspect between the improving user convenience and the security and supplement so that cloud service can provide opportunities to develop as a new growth industry in the future and create a new market in IT industry.

Keywords: cloud, OTP, mobility, security, authentication

Procedia PDF Downloads 332

Authors: V. Vishu, R. Manimegalai

Abstract:

A combination of Intelligence and Radio frequency identification to bring an enhanced authentication method for the improvement of visually challenged people. The main goal is to provide an improved authentication by combining Advanced Encryption Standard algorithm and Intelligence. Here the encryption key will be generated as a combination of intelligent information from sensors and tag values. The main challenges are security, privacy and cost. Besides, the method was created to evaluate the amount of interaction between sensors and significant influence on the level of visually challenged people’s mental and physical states. The proposal is to apply various ideas on independent living or to assist them for a good life.

Keywords: AES, encryption, intelligence, smart key

Procedia PDF Downloads 221

Authors: Buse T. Aydın, Enver Ozdemir

Abstract:

In this study, a double layer authentication scheme between the aircraft and the Air Traffic Control (ATC) tower is designed to prevent any unauthorized aircraft from introducing themselves as friends. The method is a combination of classical cryptographic methods and new generation physical layers. The first layer has employed the embedded key of the aircraft. The embedded key is assumed to installed during the construction of the utility. The other layer is a physical attribute (flight path, distance, etc.) between the aircraft and the ATC tower. We create a mathematical model so that two layers’ information is employed and an aircraft is authenticated as a friend or foe according to the accuracy of the results of the model. The results of the aircraft are compared with the results of the ATC tower and if the values found by the aircraft and ATC tower match within a certain error margin, we mark the aircraft as a friend. In this method, even if embedded key is captured by the enemy aircraft, without the information of the second layer, the enemy can easily be determined. Overall, in this work, we present a more reliable system by adding a physical layer in the authentication process.

Keywords: ADS-B, communication with physical layer security, cryptography, identification friend or foe

Procedia PDF Downloads 132

Authors: Elmabruk Laias

Abstract:

IEEE Standard 802.16 provides QoS (Quality of Service) for the applications such as Voice over IP, video streaming and high bandwidth file transfer. With the ability of broadband wireless access of an IEEE 802.16 system, a WiMAX TDD frame contains one downlink subframe and one uplink subframe. The capacity allocated to each subframe is a system parameter that should be determined based on the expected traffic conditions. a proper resource allocation scheme for packet transmissions is imperatively needed. In this paper, we present a new resource allocation scheme, called additional bandwidth yielding (ABY), to improve transmission efficiency of an IEEE 802.16-based network. Our proposed scheme can be adopted along with the existing scheduling algorithms and the multi-priority scheme without any change. The experimental results show that by using our ABY, the packet queuing delay could be significantly improved, especially for the service flows of higher-priority classes.

Keywords: IEEE 802.16, WiMAX, OFDMA, resource allocation, uplink-downlink mapping

Procedia PDF Downloads 444

Authors: Dhananjay Singh, M. Abdullah-Al-Wadud

Abstract:

The Internet of Things is a concept of a large scale ecosystem of wireless actuators. The actuators are defined as things in the IoT, those which contribute or produces some data to the ecosystem. However, ubiquitous data collection, data security, privacy preserving, large volume data processing, and intelligent analytics are some of the key challenges into the IoT technologies. In order to solve the security requirements, challenges and threats in the IoT, we have discussed a message authentication mechanism for IoT applications. Finally, we have discussed data encryption mechanism for messages authentication before propagating into IoT networks.

Keywords: Internet of Things (IoT), message authentication, privacy, security

Procedia PDF Downloads 349

Authors: Syed Umair Aziz, Muhammad Faheem, Sameer Hussain, Faraz Idris

Abstract:

Content centric network is the network based on the mechanism of sending and receiving the data based on the interest and data request to the specified node (which has cached data). In this network, the security is bind with the content not with the host hence making it host independent and secure. In this network security is applied by taking content’s MAC (message authentication code) and encrypting it with the public key of the receiver. On the receiver end, the message is first verified and after verification message is saved and decrypted using the receiver's private key.

Keywords: content centric network, client-server, host security threats, message authentication code, named data network, network caching, peer-to-peer

Procedia PDF Downloads 618

Authors: Muhammad Fezan Afzal, Imran Khan, Salma Imtiaz

Abstract:

The need for human verification and identification requires from centuries for authentication. Since it is being used in big institutes like financial, government and crime departments, a continued struggle is important to make this system more efficient to prevent security breaches. Therefore, multiple devices are used to authenticate the biometric for each individual. A large number of devices are required to cover a large number of users. As the number of devices increases, cost will automatically increase. Furthermore, it is time-consuming for biometrics due to the devices being insufficient and are not available at every door. In this paper, we propose the framework and algorithm where the mobile of each individual can also perform the biometric authentication of attendance and security. Every mobile has a biometric authentication system that is used in different mobile applications for security purposes. Therefore, each individual can use the biometric system mobile without moving from one place to another. Moreover, by using the biometrics mobile, the cost of biometric systems can be removed that are mostly deployed in different organizations for the attendance of students, employees and for other security purposes.

Keywords: fingerprint, fingerprint authentication, mobile verification, mobile biometric verification, mobile fingerprint sensor

Procedia PDF Downloads 47

Authors: Andrei Bogdan Stanescu, Laura Diaconescu

Abstract:

With the increasing concerns about data breaches and privacy violations, organizations seek robust security measures to protect sensitive information. This research paper highlights the importance of implementing the Zero-Trust Security methodology using Passwordless Authentication Gateways that leverage Keycloak, an open-source Identity and Access Management (IAM) software, as a solution to address the security challenges these organizations face. The paper presents the successful implementation and deployment of such a solution in a mid-size, privacy-oriented organization. The implementation resulted in significant security improvements, reducing the risk of unauthorized access and potential data breaches. Moreover, user feedback indicated enhanced convenience and streamlined authentication experiences. The results of this study bring solid contributions in the field of cybersecurity and provide practical insights for organizations aiming to strengthen their security practices.

Keywords: identity and access management, passwordless authentication, privacy, zero-trust security

Procedia PDF Downloads 64

Authors: C. P. Griffin

Abstract:

This paper seeks to critically review special educational needs (SEN) policy in the Irish education system since the introduction of the Education Act in 1998. In particular, the author seeks to focus on the impact of SEN policy on inclusionary practices for children with significant care needs in light of the introduction on the Special Needs Assistant (SNA) scheme. Following a systematic review of the literature, the growth of the SNA scheme in Ireland will be critically reviewed. Strengths and weaknesses of the scheme will be forwarded and comparisons drawn between contrasting international models of teaching assistant support. Based on this review, avenues for future research will be forwarded, with the aim of supporting effective inclusionary practices for children with SEN based on evidence-based practice.

Keywords: care needs, inclusion, Ireland, special needs assistants

Procedia PDF Downloads 251

Authors: Tao Feng, Fei Xing, Ye Lu, Jun Li Fang

Abstract:

NDN is a kind of future Internet architecture. Due to the NDN design introduces four privacy challenges,Many research institutions began to care about the privacy issues of naming data network(NDN).In this paper, we are in view of the major NDN’s privacy issues to investigate privacy protection,then put forwards more effectively anonymous transfer policy for NDN.Firstly,based on mutual anonymity communication for MP2P networks,we propose NDN mutual anonymity protocol.Secondly,we add interest package authentication mechanism in the protocol and encrypt the coding coefficient, security of this protocol is improved by this way.Finally, we proof the proposed anonymous transfer protocol security and anonymity.

Keywords: NDN, mutual anonymity, anonymous routing, network coding, authentication mechanism

Procedia PDF Downloads 421

Authors: S. Bader, N. Essoukri Ben Amara

Abstract:

With the technological development and rise of virtual worlds, these spaces are becoming more and more attractive for cybercriminals, hidden behind avatars and fictitious identities. Since access to these spaces is not restricted or controlled, some impostors take advantage of gaining unauthorized access and practicing cyber criminality. This paper proposes an identity management approach for securing access to virtual worlds. The major purpose of the suggested solution is to install a strong security mechanism to protect virtual identities represented by avatars. Thus, only legitimate users, through their corresponding avatars, are allowed to access the platform resources. Access is controlled by integrating an authentication process based on biometrics. In the request process for registration, a user fingerprint is enrolled and then encrypted into a watermark utilizing a cancelable and non-invertible algorithm for its protection. After a user personalizes their representative character, the biometric mark is embedded into the avatar through a watermarking procedure. The authenticity of the avatar identity is verified when it requests authorization for access. We have evaluated the proposed approach on a dataset of avatars from various virtual worlds, and we have registered promising performance results in terms of authentication accuracy, acceptation and rejection rates.

Keywords: identity management, security, biometrics authentication and authorization, avatar, virtual world

Procedia PDF Downloads 245

Authors: Lakshmidevi Sreeramareddy, Komalpreet Kaur, Nane Pothier

Abstract:

Graphical-based passwords have existed for decades. Their major advantage is that they are easier to remember than an alphanumeric password. However, their disadvantage (especially recognition-based passwords) is the smaller password space, making them more vulnerable to brute force attacks. Graphical passwords are also highly susceptible to the shoulder-surfing effect. The gesture-based password method that we developed is a grid-free, template-free method. In this study, we evaluated the gesture-based passwords for usability and vulnerability. The results of the study are significant. We developed a gesture-based password application for data collection. Two modes of data collection were used: Creation mode and Replication mode. In creation mode (Session 1), users were asked to create six different passwords and reenter each password five times. In replication mode, users saw a password image created by some other user for a fixed duration of time. Three different duration timers, such as 5 seconds (Session 2), 10 seconds (Session 3), and 15 seconds (Session 4), were used to mimic the shoulder-surfing attack. After the timer expired, the password image was removed, and users were asked to replicate the password. There were 74, 57, 50, and 44 users participated in Session 1, Session 2, Session 3, and Session 4 respectfully. In this study, the machine learning algorithms have been applied to determine whether the person is a genuine user or an imposter based on the password entered. Five different machine learning algorithms were deployed to compare the performance in user authentication: namely, Decision Trees, Linear Discriminant Analysis, Naive Bayes Classifier, Support Vector Machines (SVMs) with Gaussian Radial Basis Kernel function, and K-Nearest Neighbor. Gesture-based password features vary from one entry to the next. It is difficult to distinguish between a creator and an intruder for authentication. For each password entered by the user, four features were extracted: password score, password length, password speed, and password size. All four features were normalized before being fed to a classifier. Three different classifiers were trained using data from all four sessions. Classifiers A, B, and C were trained and tested using data from the password creation session and the password replication with a timer of 5 seconds, 10 seconds, and 15 seconds, respectively. The classification accuracies for Classifier A using five ML algorithms are 72.5%, 71.3%, 71.9%, 74.4%, and 72.9%, respectively. The classification accuracies for Classifier B using five ML algorithms are 69.7%, 67.9%, 70.2%, 73.8%, and 71.2%, respectively. The classification accuracies for Classifier C using five ML algorithms are 68.1%, 64.9%, 68.4%, 71.5%, and 69.8%, respectively. SVMs with Gaussian Radial Basis Kernel outperform other ML algorithms for gesture-based password authentication. Results confirm that the shorter the duration of the shoulder-surfing attack, the higher the authentication accuracy. In conclusion, behavioral features extracted from the gesture-based passwords lead to less vulnerable user authentication.

Keywords: authentication, gesture-based passwords, machine learning algorithms, shoulder-surfing attacks, usability

Procedia PDF Downloads 82