Search results for: patten password

Authors: N. Gopalakrishna Kini, Ranjana Paleppady, Akshata K. Naik

Abstract:

Password authentication is one of the widely used methods to achieve authentication for legal users of computers and defense against attackers. There are many different ways to authenticate users of a system and there are many password cracking methods also developed. This paper is mainly to propose how best password cracking can be performed on a CPU-GPGPU based system. The main objective of this work is to project how quickly a password can be cracked with some knowledge about the computer security and password cracking if sufficient security is not incorporated to the system.

Keywords: GPGPU, password cracking, secret key, user authentication

Procedia PDF Downloads 243

Authors: Faraji Sepideh

Abstract:

Nowadays, purchase rate of the smart device is increasing and user authentication is one of the important issues in information security. Alphanumeric strong passwords are difficult to memorize and also owners write them down on papers or save them in a computer file. In addition, text password has its own flaws and is vulnerable to attacks. Graphical password can be used as an alternative to alphanumeric password that users choose images as a password. This type of password is easier to use and memorize and also more secure from pervious password types. In this paper we have designed a more secure graphical password system to prevent shoulder surfing, smudge and brute force attack. This scheme is a combination of two types of graphical passwords recognition based and Cued recall based. Evaluation the usability and security of our proposed scheme have been explained in conclusion part.

Keywords: brute force attack, graphical password, shoulder surfing attack, smudge attack

Procedia PDF Downloads 119

Authors: R. Chinnaiyaprabhu, S. Bharanidharan, V. Dharsana, Rajalavanya

Abstract:

The concept of the Metaverse represents a potential evolution in the realm of cyberspace. In the early stages of Web 2.0, we observed a proliferation of online pseudonyms or 'nyms,' which increased the prevalence of fake accounts and made it challenging to establish unique online identities for various roles. However, in the era of Web 3.0, particularly in the context of the Metaverse, an individual's digital identity is intrinsically linked to their real-world identity. Consequently, actions taken in the Metaverse can carry significant consequences in the physical world. In light of these considerations, we propose the development of an innovative authentication system known as 'Metasec.' This system is designed to enhance security for digital assets, online identities, avatars, and user accounts within the Metaverse. Notably, Metasec operates as a password less authentication solution, relying on a multifaceted approach to security, encompassing device attestation, facial recognition, and pattern-based security keys.

Keywords: metaverse, multifactor authentication, security, facial recognition, patten password

Procedia PDF Downloads 34

Authors: Sajad Shokohuyar, Mahsa Zomorrodi Anbaji, Saghar Pouyan Shad

Abstract:

According to fast technology growth, modern banking tries to decrease going to banks’ branches and increase customers’ consent. One of the problems which banks face is securing customer’s password. The banks’ solution is one time password creation system. In this research by adapting from acceptance of technology model theory, assesses factors that are effective on banking in Iran especially in using one time password machine by one of the private banks of Iran customers. The statistical population is all of this bank’s customers who use electronic banking service and one time password technology and the questionnaires were distributed among members of statistical population in 5 selected groups of north, south, center, east and west of Tehran. Findings show that confidential preservation, education, ease of utilization and advertising and informing has positive relations and distinct hardware and age has negative relations.

Keywords: security, electronic banking, one time password, information technology

Procedia PDF Downloads 419

Authors: Lakshmidevi Sreeramareddy, Komalpreet Kaur, Nane Pothier

Abstract:

Graphical-based passwords have existed for decades. Their major advantage is that they are easier to remember than an alphanumeric password. However, their disadvantage (especially recognition-based passwords) is the smaller password space, making them more vulnerable to brute force attacks. Graphical passwords are also highly susceptible to the shoulder-surfing effect. The gesture-based password method that we developed is a grid-free, template-free method. In this study, we evaluated the gesture-based passwords for usability and vulnerability. The results of the study are significant. We developed a gesture-based password application for data collection. Two modes of data collection were used: Creation mode and Replication mode. In creation mode (Session 1), users were asked to create six different passwords and reenter each password five times. In replication mode, users saw a password image created by some other user for a fixed duration of time. Three different duration timers, such as 5 seconds (Session 2), 10 seconds (Session 3), and 15 seconds (Session 4), were used to mimic the shoulder-surfing attack. After the timer expired, the password image was removed, and users were asked to replicate the password. There were 74, 57, 50, and 44 users participated in Session 1, Session 2, Session 3, and Session 4 respectfully. In this study, the machine learning algorithms have been applied to determine whether the person is a genuine user or an imposter based on the password entered. Five different machine learning algorithms were deployed to compare the performance in user authentication: namely, Decision Trees, Linear Discriminant Analysis, Naive Bayes Classifier, Support Vector Machines (SVMs) with Gaussian Radial Basis Kernel function, and K-Nearest Neighbor. Gesture-based password features vary from one entry to the next. It is difficult to distinguish between a creator and an intruder for authentication. For each password entered by the user, four features were extracted: password score, password length, password speed, and password size. All four features were normalized before being fed to a classifier. Three different classifiers were trained using data from all four sessions. Classifiers A, B, and C were trained and tested using data from the password creation session and the password replication with a timer of 5 seconds, 10 seconds, and 15 seconds, respectively. The classification accuracies for Classifier A using five ML algorithms are 72.5%, 71.3%, 71.9%, 74.4%, and 72.9%, respectively. The classification accuracies for Classifier B using five ML algorithms are 69.7%, 67.9%, 70.2%, 73.8%, and 71.2%, respectively. The classification accuracies for Classifier C using five ML algorithms are 68.1%, 64.9%, 68.4%, 71.5%, and 69.8%, respectively. SVMs with Gaussian Radial Basis Kernel outperform other ML algorithms for gesture-based password authentication. Results confirm that the shorter the duration of the shoulder-surfing attack, the higher the authentication accuracy. In conclusion, behavioral features extracted from the gesture-based passwords lead to less vulnerable user authentication.

Keywords: authentication, gesture-based passwords, machine learning algorithms, shoulder-surfing attacks, usability

Procedia PDF Downloads 75

Authors: Lakshmidevi Sreeramareddy, Komalpreet Kaur, Nane Pothier

Abstract:

For security purposes, it is important to detect passwords entered by unauthorized users. With traditional alphanumeric passwords, if the content of a password is acquired and correctly entered by an intruder, it is impossible to differentiate the password entered by the intruder from those entered by the authorized user because the password entries contain precisely the same character set. However, no two entries for the gesture-based passwords, even those entered by the person who created the password, will be identical. There are always variations between entries, such as the shape and length of each stroke, the location of each stroke, and the speed of drawing. It is possible that passwords entered by the unauthorized user contain higher levels of variations when compared with those entered by the authorized user (the creator). The difference in the levels of variations may provide cues to detect unauthorized entries. To test this hypothesis, we designed an empirical study, collected and analyzed the data with the help of machine-learning algorithms. The results of the study are significant.

Keywords: authentication, gesture-based passwords, shoulder-surfing attacks, usability

Procedia PDF Downloads 112

Authors: Yo Han Choi, Hee Suk Seo, Seung Hwan Ju, Sung Hyu Han

Abstract:

As currently various portable devices were launched, smart business conducted using them became common. Since smart business can use company-internal resources in an external remote place, user authentication that can identify authentic users is an important factor. Commonly used user authentication is a method of using user ID and Password. In the user authentication using ID and Password, the user should see and enter authentication information him or herself. In this user authentication system depending on the user’s vision, there is the threat of password leaks through snooping in the process which the user enters his or her authentication information. This study designed and produced a user authentication module using an actuator to respond to the snooping threat.

Keywords: actuator, user authentication, security evaluation, haptic actuator

Procedia PDF Downloads 320

Authors: A. R. Manu, V. K. Agrawal, K. N. Balasubramanya Murthy

Abstract:

Authentication is required in stored database systems so that only authorized users can access the data and related cloud infrastructures. This paper proposes an authentication technique using multi-factor and multi-dimensional authentication system with multi-level security. The proposed technique is likely to be more robust as the probability of breaking the password is extremely low. This framework uses a multi-modal biometric approach and SMS to enforce additional security measures with the conventional Login/password system. The robustness of the technique is demonstrated mathematically using a statistical analysis. This work presents the authentication system along with the user authentication architecture diagram, activity diagrams, data flow diagrams, sequence diagrams, and algorithms.

Keywords: design, implementation algorithms, performance, biometric approach

Procedia PDF Downloads 440

Authors: Bandar Alahmadi

Abstract:

The fact that people tend to remember pictures better than texts, motivates researchers to develop graphical passwords as an alternative to textual passwords. Graphical passwords as such were introduced as a possible alternative to traditional text passwords, in which users prove their identity by clicking on pictures rather than typing alphanumerical text. In this paper, we present a scheme for graphical passwords that are resistant to shoulder surfing attacks and spyware attacks. The proposed scheme introduces a clicking technique to chosen images. First, the users choose a set of images, the images are then included in a grid where users can click in the cells around each image, the location of the click and the number of clicks are saved. As a result, the proposed scheme can be safe from shoulder surface and spyware attacks.

Keywords: security, password, authentication, attack, applications

Procedia PDF Downloads 136

Authors: Amani A. Saad, Ahmed A. El-Farag, El-Sayed A. Helali

Abstract:

Cloud computing is an important and promising field in the recent decade. Cloud computing allows sharing resources, services and information among the people of the whole world. Although the advantages of using clouds are great, but there are many risks in a cloud. The data security is the most important and critical problem of cloud computing. In this research a new security model for cloud computing is proposed for ensuring secure communication system, hiding information from other users and saving the user's times. In this proposed model Blowfish encryption algorithm is used for exchanging information or data, and SHA-2 cryptographic hash algorithm is used for data integrity. For user authentication process a user-name and password is used, the password uses SHA-2 for one way encryption. The proposed system shows an improvement of the processing time of uploading and downloading files on the cloud in secure form.

Keywords: cloud Ccomputing, data security, SAAS, PAAS, IAAS, Blowfish

Procedia PDF Downloads 448

Authors: Pratama R. Yunia, Firmansyah, I., Ariani, Ulfa R. Maharani, Fikri M. Al

Abstract:

Nowadays, notwithstanding that the role of SMS as a means of communication has been largely replaced by online applications such as WhatsApp, Telegram, and others, the fact that SMS is still used for certain and important communication needs is indisputable. Among them is for sending one time password (OTP) as an authentication media for various online applications ranging from chatting, shopping to online banking applications. However, the usage of SMS does not pretty much guarantee the security of transmitted messages. As a matter of fact, the transmitted messages between BTS is still in the form of plaintext, making it extremely vulnerable to eavesdropping, especially if the message is confidential, for instance, the OTP. One solution to overcome this problem is to use an SMS application which provides security services for each transmitted message. Responding to this problem, in this study, an automatic key SMS encryption scheme was designed as a means to secure SMS communication. The proposed scheme allows SMS sending, which is automatically encrypted with keys that are constantly changing (automatic key update), automatic key exchange, and automatic key generation. In terms of the security method, the proposed scheme applies cryptographic techniques with a hybrid cryptosystem mechanism. Proofing the proposed scheme, a client to client SMS encryption application was developed using Java platform with AES-256 as encryption algorithm, RSA-768 as public and private key generator and SHA-256 for message hashing function. The result of this study is a secure automatic key SMS encryption scheme using hybrid cryptosystem which can guarantee the security of every transmitted message, so as to become a reliable solution in sending confidential messages through SMS although it still has weaknesses in terms of processing time.

Keywords: encryption scheme, hybrid cryptosystem, one time password, SMS security

Procedia PDF Downloads 101

Authors: Amani A. Saad, Ahmed A. El-Farag, El-Sayed A. Helali

Abstract:

Cloud computing is an important and promising field in the recent decade. Cloud computing allows sharing resources, services and information among the people of the whole world. Although the advantages of using clouds are great, but there are many risks in a cloud. The data security is the most important and critical problem of cloud computing. In this research a new security model for cloud computing is proposed for ensuring secure communication system, hiding information from other users and saving the user's times. In this proposed model Blowfish encryption algorithm is used for exchanging information or data, and SHA-2 cryptographic hash algorithm is used for data integrity. For user authentication process a simple user-name and password is used, the password uses SHA-2 for one way encryption. The proposed system shows an improvement of the processing time of uploading and downloading files on the cloud in secure form.

Keywords: cloud computing, data security, SAAS, PAAS, IAAS, Blowfish

Procedia PDF Downloads 320

Authors: Shatadru Das, Natarajan Vijayarangan

Abstract:

In this paper, a system and method for generating and recovering an authorization code has been designed and analyzed. The system creates an authorization code by accepting a base-sentence from a user. Based on the characters present in this base-sentence, the system computes a base-sentence matrix. The system also generates a plurality of patterns. The user can either select the pattern from the multiple patterns suggested by the system or can create his/her own pattern. The system then performs multiplications between the base-sentence matrix and the selected pattern matrix at different stages in the path forward, for obtaining a strong authorization code. In case the user forgets the base sentence, the system has a provision to manage and retrieve 'forgotten authorization code'. This is done by fragmenting the base sentence into different matrices and storing the fragmented matrices into a repository after computing matrix multiplication with a security question-answer approach and with a secret key provided by the user.

Keywords: easy authentication, key retrieval, memorable passwords, strong password generation

Procedia PDF Downloads 366

Authors: Emmanuel Ogala

Abstract:

Cloud computing has been envisioned as the next-generation architecture of Information Technology (IT) enterprise. In contrast to traditional solutions where IT services are under physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centres, where the management of the data and services may not be fully trustworthy. This is due to the fact that the systems are opened to the whole world and as people tries to have access into the system, many people also are there trying day-in day-out on having unauthorized access into the system. This research contributes to the improvement of cloud computing security for better operation. The work is motivated by two problems: first, the observed easy access to cloud computing resources and complexity of attacks to vital cloud computing data system NIC requires that dynamic security mechanism evolves to stay capable of preventing illegitimate access. Second; lack of good methodology for performance test and evaluation of biometric security algorithms for securing records in cloud computing environment. The aim of this research was to evaluate the performance of an integrated security system (ISS) for securing exams records in cloud computing environment. In this research, we designed and implemented an ISS consisting of three security mechanisms of biometric (fingerprint), auto-PIN and password into one stream of access control and used for securing examination records in Kogi State University, Anyigba. Conclusively, the system we built has been able to overcome guessing abilities of hackers who guesses people password or pin. We are certain about this because the added security system (fingerprint) needs the presence of the user of the software before a login access can be granted. This is based on the placement of his finger on the fingerprint biometrics scanner for capturing and verification purpose for user’s authenticity confirmation. The study adopted the conceptual of quantitative design. Object oriented and design methodology was adopted. In the analysis and design, PHP, HTML5, CSS, Visual Studio Java Script, and web 2.0 technologies were used to implement the model of ISS for cloud computing environment. Note; PHP, HTML5, CSS were used in conjunction with visual Studio front end engine design tools and MySQL + Access 7.0 were used for the backend engine and Java Script was used for object arrangement and also validation of user input for security check. Finally, the performance of the developed framework was evaluated by comparing with two other existing security systems (Auto-PIN and password) within the school and the results showed that the developed approach (fingerprint) allows overcoming the two main weaknesses of the existing systems and will work perfectly well if fully implemented.

Keywords: performance evaluation, fingerprint, auto-pin, password-based, security systems, cloud computing environment

Procedia PDF Downloads 112

Authors: Divyans Mahansaria

Abstract:

User authentication is an important security measure for protecting confidential data and systems. However, the vulnerability while authenticating into a system has significantly increased. Thus, necessary mechanisms must be deployed during the process of authenticating a user to safeguard him/her from the vulnerable attacks. The proposed solution implements a novel authentication mechanism to counter various forms of security breach attacks including phishing, Trojan horse, replay, key logging, Asterisk logging, shoulder surfing, brute force search and others. QR code (Quick Response Code) is a type of matrix barcode or two-dimensional barcode that can be used for storing URLs, text, images and other information. In the proposed solution, during each new authentication request, a QR code is dynamically generated and presented to the user. A piece of generic information is mapped to plurality of elements and stored within the QR code. The mapping of generic information with plurality of elements, randomizes in each new login, and thus the QR code generated for each new authentication request is for one-time use only. In order to authenticate into the system, the user needs to decode the QR code using any QR code decoding software. The QR code decoding software needs to be installed on handheld mobile devices such as smartphones, personal digital assistant (PDA), etc. On decoding the QR code, the user will be presented a mapping between the generic piece of information and plurality of elements using which the user needs to derive cipher secret information corresponding to his/her actual password. Now, in place of the actual password, the user will use this cipher secret information to authenticate into the system. The authentication terminal will receive the cipher secret information and use a validation engine that will decipher the cipher secret information. If the entered secret information is correct, the user will be provided access to the system. Usability study has been carried out on the proposed solution, and the new authentication mechanism was found to be easy to learn and adapt. Mathematical analysis of the time taken to carry out brute force attack on the proposed solution has been carried out. The result of mathematical analysis showed that the solution is almost completely resistant to brute force attack. Today’s standard methods for authentication are subject to a wide variety of software, hardware, and human attacks. The proposed scheme can be very useful in controlling the various types of authentication related attacks especially in a networked computer environment where the use of username and password for authentication is common.

Keywords: authentication, QR code, cipher / decipher text, one time password, secret information

Procedia PDF Downloads 240

Authors: K. Alese Boniface, K. Adu Michael

Abstract:

Cybercrime is now becoming a big challenge in Nigeria apart from the traditional crime. Inability to identify perpetrators is one of the reasons for the growing menace. This paper proposes a design for monitoring internet users’ activities in order to curbing cybercrime. It requires redefining the operations of Internet Service Providers (ISPs) which will now mandate users to be authenticated before accessing the internet. In implementing this work which can be adapted to a larger scale, a virtual router application is developed and configured to mimic a real router device. A sign-up portal is developed to allow users to register with the ISP. The portal asks for identification information which will include bio-data and government issued identification data like National Identity Card number, et cetera. A unique username and password are chosen by the user to enable access to the internet which will be used to reference him to an Internet Protocol Address (IP Address) of any system he uses on the internet and thereby associating him to any criminal act related to that IP address at that particular time. Questions such as “What happen when another user knows the password and uses it to commit crime?” and other pertinent issues are addressed.

Keywords: cybercrime, sign-up portal, internet service provider (ISP), internet protocol address (IP address)

Procedia PDF Downloads 244

Authors: Devi Srinivas, K. Sindhuja

Abstract:

This paper presents architecture to improve surveillance applications based on the usage of the service oriented paradigm, with smart phones as user terminals, allowing application dynamic composition and increasing the flexibility of the system. According to the result of moving object detection research on video sequences, the movement of the people is tracked using video surveillance. The moving object is identified using the image subtraction method. The background image is subtracted from the foreground image, from that the moving object is derived. So the Background subtraction algorithm and the threshold value is calculated to find the moving image by using background subtraction algorithm the moving frame is identified. Then, by the threshold value the movement of the frame is identified and tracked. Hence, the movement of the object is identified accurately. This paper deals with low-cost intelligent mobile phone-based wireless video surveillance solution using moving object recognition technology. The proposed solution can be useful in various security systems and environmental surveillance. The fundamental rule of moving object detecting is given in the paper, then, a self-adaptive background representation that can update automatically and timely to adapt to the slow and slight changes of normal surroundings is detailed. While the subtraction of the present captured image and the background reaches a certain threshold, a moving object is measured to be in the current view, and the mobile phone will automatically notify the central control unit or the user through SMS (Short Message System). The main advantage of this system is when an unknown image is captured by the system it will alert the user automatically by sending an SMS to user’s mobile.

Keywords: security, graphical password, persuasive cued click points

Procedia PDF Downloads 508

Authors: Ranbir Singh, Deepinder Kaur

Abstract:

Network security is an important aspect in every field like government offices, Educational Institute and any business organization. Network security consists of the policies adopted to prevent and monitor forbidden access, misuse, modification, or denial of a computer network. Network security is very complicated subject and deal by only well trained and experienced people. However, as more and more people become wired, an increasing number of people need to understand the basics of security in a networked world. The history of the network security included an introduction to the TCP/IP and interworking. Network security starts with authenticating, commonly with a username and a password. In this paper, we study about various types of attacks on network security and how to handle or prevent this attack.

Keywords: network security, attacks, denial, authenticating

Procedia PDF Downloads 369

Authors: Ejd Garba, Okike Benjamin

Abstract:

Today, the word encryption has become very popular even among non-computer professionals. There is no doubt that some works have been carried out in this area, but more works need to be done. Presently, most of the works on encryption is concentrated on the sender of the message without paying any attention to the message recipient. However, it is a good practice if any message sent to someone is received by the particular person whom the message is sent to. This work seeks to ensure that at the receiving end of the message, there is a security to ensure that the recipient computes a key that would enable the encrypted message to be accessed. This key would be in form of password. This would make it possible for a given message to be sent to several people at the same time. When this happens, it is only those people who computes the key correctly that would be given the opportunity to access even the encrypted message, which can in turn be decrypted using the appropriate key.

Keywords: arithmetic, cyber space, modulo-2, information security

Procedia PDF Downloads 277

Authors: Nouf Al Harthi

Abstract:

Venous thromboembolism (VTE) is one of the most common causes of hospital-related deaths in critically ill patients. Guidelines recommended VTE prophylaxis with standardized, fixed doses for most patients. The underweight population has limited data to guide the appropriate drug and dosing regimen. The aim of this study was to describe the pattern of VTE prophylaxis dose regimens for underweighted critically ill adult patients and the prevalence of associated VTE and bleeding. This study is a retrospective cohort study, conducted in King Abdulaziz Medical City, Saudi Arabia. It included all critical patients admitted to the intensive care units and were above 14 years old with weight less than 50 kg or BMI of 18.5 kg/m2 or less and were on heparin as VTE prophylaxis for more than 72 hours from January 2016 until January 2020. After screening 270 patients, only 40 patients were included in this study according to our inclusion and exclusion criteria. Only 6 patients (15%) received VTE prophylaxis as an adjusted dose of heparin 2500 U Q12, while the rest of the patients were taking standard dosing of heparin, 5000 U Q12 was given to 21 (52.50%) patients and 5000 U Q8 was given to 13 (32.50%) patients. None of the adjusted doses developed any complications such as VTE or bleeding. There was no significant difference compared with the standard dose group. This study focused on describing the pattern of heparin doses as VTE prophylaxis in underweight patients. We also compared the standard dosing and adjusted dosage of VTE prophylaxis on underweight patients and any complications. There was no significant difference in the complication’s outcome or benefits between the two groups.

Keywords: venous thromboembolism prophylaxis, heparin, underweight patients, adult, critical care units

Procedia PDF Downloads 60

Authors: Parul Khanna, Pavol Zavarsky, Dale Lindskog

Abstract:

Doxing is a term derived from documents, and hence consists of collecting information on an organization or individual through social media websites, search engines, password cracking methods, social engineering tools and other sources of publicly displayed information. The main purpose of doxing attacks is to threaten, embarrass, harass and humiliate the organization or individual. Various tools are used to perform doxing. Tools such as Maltego visualize organization’s architecture which helps in determining weak links within the organization. This paper discusses limitations of Maltego Chlorine CE 3.6.0 and suggests measures as to how organizations can use these tools to protect themselves from doxing attacks.

Keywords: advanced persistent threat, FOCA, OSINT, PII

Procedia PDF Downloads 220

Authors: Boukhatem Mohamed Belkaid, Lahdi Mourad

Abstract:

In this paper, we propose a new encryption system for security issues medical images. The hybrid encryption scheme is based on AES and RSA algorithms to validate the three security services are authentication, integrity, and confidentiality. Privacy is ensured by AES, authenticity is ensured by the RSA algorithm. Integrity is assured by the basic function of the correlation between adjacent pixels. Our system generates a unique password every new session of encryption, that will be used to encrypt each frame of the medical image basis to strengthen and ensure his safety. Several metrics have been used for various tests of our analysis. For the integrity test, we noticed the efficiencies of our system and how the imprint cryptographic changes at reception if a change affects the image in the transmission channel.

Keywords: AES, RSA, integrity, confidentiality, authentication, medical images, encryption, decryption, key, correlation

Procedia PDF Downloads 405

Authors: Neetesh Saxena, Narendra S. Chaudhari

Abstract:

Nowadays, SMS is a very popular mobile service and even the poor, illiterate people and those living in rural areas use SMS service very efficiently. Although many mobile operators have already started 3G and 4G services, 2G services are still being used by the people in many countries. In 2G (GSM), only encryption provided is between the MS and the BTS, there is no end-to-end encryption available. Sometimes we all need to send some confidential message to other person containing bank account number, some password, financial details, etc. Normally, a message is sent in plain text only to the recipient and it is not an acceptable standard for transmitting such important and confidential information. Authors propose an end-to-end encryption approach by proposing a terminal for sending/receiving a secure message. An asymmetric key exchange algorithm is used in order to transmit secret shared key securely to the recipient. The proposed approach with terminal device provides authentication, confidentiality, integrity and non-repudiation.

Keywords: AES, DES, Diffie-Hellman, ECDH, A5, SMS

Procedia PDF Downloads 379

Authors: Boukhatem Mohammed Belkaid, Lahdir Mourad

Abstract:

In this paper, we propose a new encryption system for security issues medical images. The hybrid encryption scheme is based on AES and RSA algorithms to validate the three security services are authentication, integrity, and confidentiality. Privacy is ensured by AES, authenticity is ensured by the RSA algorithm. Integrity is assured by the basic function of the correlation between adjacent pixels. Our system generates a unique password every new session of encryption, that will be used to encrypt each frame of the medical image basis to strengthen and ensure his safety. Several metrics have been used for various tests of our analysis. For the integrity test, we noticed the efficiencies of our system and how the imprint cryptographic changes at reception if a change affects the image in the transmission channel.

Keywords: AES, RSA, integrity, confidentiality, authentication, medical images, encryption, decryption, key, correlation

Procedia PDF Downloads 512

Authors: Parker Townes, Aisouda Savadlou, Shoshana Weiss, Marina Jarenova, Suzzane Ferris, Dan Devoe, Russel Schachar, Scott Patten, Tomas Lange, Marlena Colasanto, Holly McGinn, Paul Arnold

Abstract:

Some research suggests obsessive-compulsive disorder (OCD) is associated with impaired executive functioning: higher-level mental processes involved in carrying out tasks and solving problems. Relevant literature was identified systematically through online databases. Meta-analyses were conducted for task performance metrics reported by at least two articles. Results were synthesized by the executive functioning domain measured through each performance metric. Heterogeneous literature was identified, typically involving few studies using consistent measures. From 29 included studies, analyses were conducted on 33 performance metrics from 12 tasks. Results suggest moderate associations of working memory (two out of five tasks presented significant findings), planning (one out of two tasks presented significant findings), and visuospatial abilities (one out of two tasks presented significant findings) with OCD in youth. There was inadequate literature or contradictory findings for other executive functioning domains. These findings suggest working memory, planning, and visuospatial abilities are impaired in pediatric OCD, with mixed results. More work is needed to identify the effect of age and sex on these results. Acknowledgment: This work was supported by the Alberta Innovates Translational Health Chair in Child and Youth Mental Health. The funders had no role in the design, conducting, writing, or decision to submit this article for publication.

Keywords: obsessive-compulsive disorder, neurocognition, executive functioning, adolescents, children

Procedia PDF Downloads 66

Authors: Boukhatem Mohammed Belkaid, Lahdir Mourad

Abstract:

In this paper, we propose a new encryption system for security issues meteorological images from Meteosat Second Generation (MSG), which generates 12 images every 15 minutes. The hybrid encryption scheme is based on AES and RSA algorithms to validate the three security services are authentication, integrity and confidentiality. Privacy is ensured by AES, authenticity is ensured by the RSA algorithm. Integrity is assured by the basic function of the correlation between adjacent pixels. Our system generates a unique password every 15 minutes that will be used to encrypt each frame of the MSG meteorological basis to strengthen and ensure his safety. Several metrics have been used for various tests of our analysis. For the integrity test, we noticed the efficiencies of our system and how the imprint cryptographic changes at reception if a change affects the image in the transmission channel.

Keywords: AES, RSA, integrity, confidentiality, authentication, satellite MSG, encryption, decryption, key, correlation

Procedia PDF Downloads 351

Authors: Shabir Ahmad Sofi, Shubham Aggarwal, Sanyam Singhal, Roohie Naaz

Abstract:

Biometric recognition refers to an automatic recognition of individuals based on a feature vector(s) derived from their physiological and/or behavioral characteristic. Biometric recognition systems should provide a reliable personal recognition schemes to either confirm or determine the identity of an individual. These features are used to provide an authentication for computer based security systems. Applications of such a system include computer systems security, secure electronic banking, mobile phones, credit cards, secure access to buildings, health and social services. By using biometrics a person could be identified based on 'who she/he is' rather than 'what she/he has' (card, token, key) or 'what she/he knows' (password, PIN). In this paper, a brief overview of biometric methods, both unimodal and multimodal and their advantages and disadvantages, will be presented.

Keywords: biometric, DNA, fingerprint, ear, face, retina scan, gait, iris, voice recognition, unimodal biometric, multimodal biometric

Procedia PDF Downloads 726

Authors: K. Hołda, D. Śliwa, K. Daniec, A. Nawrat

Abstract:

This article was created as part of the developed master's thesis. It attempts to present a newly developed device, which will support the work of specialists dealing with broadly understood cybersecurity terms. The device is contrived to automate security tests. In addition, it simulates potential cyberattacks in the most realistic way possible, without causing permanent damage to the network, in order to maximize the quality of the subsequent corrections to the tested network systems. The proposed solution is a fully operational prototype created from commonly available electronic components and a single board computer. The focus of the following article is not only put on the hardware part of the device but also on the theoretical and applicatory way in which implemented cybersecurity tests operate and examples of their results.

Keywords: Raspberry Pi, ethernet, automated cybersecurity tests, ARP, DNS, backdoor, TCP, password sniffing

Procedia PDF Downloads 90

Authors: Aboli Dhanavade, Shweta Bhimnath, Rutuja Jumale, Ajay Nadargi

Abstract:

Security to any of our personal thing is our most basic need. It is not possible to directly apply that standard Human-computer—interaction approaches. Important usability goal for authentication system is to support users in selecting best passwords. Users often select text-passwords that are easy to remember, but they are more open for attackers to guess. The human brain is good in remembering pictures rather than textual characters. So the best alternative is being designed that is Graphical passwords. However, Graphical passwords are still immature. Conventional password schemes are also vulnerable to Shoulder-surfing attacks, many shoulder-surfing resistant graphical passwords schemes have been proposed. Next, we have analyzed the security and usability of the proposed scheme, and show the resistance of the proposed scheme to shoulder-surfing and different accidental logins.

Keywords: shoulder-surfing, security, authentication, text-passwords

Procedia PDF Downloads 329

Authors: Prikhil Agrawal, N. Priyanka

Abstract:

With the increase of millions of users on Internet day by day, it is very essential to maintain highly reliable and secured data communication between various corporations. Although there are various traditional security imparting techniques such as antivirus software, password protection, data encryption, biometrics and firewall etc. But still network security has become the main issue in various leading companies. So IDSs have become an essential component in terms of security, as it can detect various network attacks and respond quickly to such occurrences. IDSs are used to detect unauthorized access to a computer system. This paper describes various intrusion detection techniques using GA approach. The intrusion detection problem has become a challenging task due to the conception of miscellaneous computer networks under various vulnerabilities. Thus the damage caused to various organizations by malicious intrusions can be mitigated and even be deterred by using this powerful tool.

Keywords: genetic algorithm (GA), intrusion detection system (IDS), dataset, network security

Procedia PDF Downloads 261