Keyloggers Prevention with Time-Sensitive Obfuscation
Nowadays, the abuse of keyloggers is one of the most widespread approaches to steal sensitive information. In this paper, we propose an On-Screen Prompts Approach to Keyloggers (OSPAK) and its analysis, which is installed in public computers. OSPAK utilizes a canvas to cue users when their keystrokes are going to be logged or ignored by OSPAK. This approach can protect computers against recoding sensitive inputs, which obfuscates keyloggers with letters inserted among users' keystrokes. It adds a canvas below each password field in a webpage and consists of three parts: two background areas, a hit area and a moving foreground object. Letters at different valid time intervals are combined in accordance with their time interval orders, and valid time intervals are interleaved with invalid time intervals. It utilizes animation to visualize valid time intervals and invalid time intervals, which can be integrated in a webpage as a browser extension. We have tested it against a series of known keyloggers and also performed a study with 95 users to evaluate how easily the tool is used. Experimental results made by volunteers show that OSPAK is a simple approach.
Secured Mutual Authentication Protocol for Radio Frequency Identification Systems
Radio Frequency Identification (RFID) is a blooming technology which uses radio frequency to track the objects. This technology transmits signals between tag and reader to fetch information from the tag with a unique serial identity. Generally, the drawbacks of RFID technology are high cost, high consumption of power and weak authentication systems between a reader and a tag. The proposed protocol utilizes less dynamic power using reversible truncated multipliers which are implemented in RFID tag-reader with mutual authentication protocol system to reduce both leakage and dynamic power consumption. The proposed system was simulated using Xilinx and Cadence tools.
Mutual Authentication for Sensor-to-Sensor Communications in IoT Infrastructure
Internet of things is a new concept that its emergence has caused ubiquity of sensors in human life, so that at any time, all data are collected, processed and transmitted by these sensors. In order to establish a secure connection, the first challenge is authentication between sensors. However, this challenge also requires some features so that the authentication is done properly. Anonymity, untraceability, and being lightweight are among the issues that need to be considered. In this paper, we have evaluated the authentication protocols and have analyzed the security vulnerabilities found in them. Then an improved light weight authentication protocol for sensor-to-sensor communications is presented which uses the hash function and logical operators. The analysis of protocol shows that security requirements have been met and the protocol is resistant against various attacks. In the end, by decreasing the number of computational cost functions, it is argued that the protocol is lighter than before.
An Authentication Protocol for Quantum Enabled Mobile Devices
The quantum communication technology is an evolving
design which connects multiple quantum enabled devices to internet
for secret communication or sensitive information exchange. In
future, the number of these compact quantum enabled devices
will increase immensely making them an integral part of present
communication systems. Therefore, safety and security of such
devices is also a major concern for us. To ensure the customer
sensitive information will not be eavesdropped or deciphered, we
need a strong authentications and encryption mechanism. In this
paper, we propose a mutual authentication scheme between these
smart quantum devices and server based on the secure exchange of
information through quantum channel which gives better solutions
for symmetric key exchange issues. An important part of this
work is to propose a secure mutual authentication protocol over
the quantum channel. We show that our approach offers robust
authentication protocol and further our solution is lightweight,
scalable, cost-effective with optimized computational processing
Lightweight and Seamless Distributed Scheme for the Smart Home
Security of the smart home in terms of behavior activity pattern recognition is a totally dissimilar and unique issue as compared to the security issues of other scenarios. Sensor devices (low capacity and high capacity) interact and negotiate each other by detecting the daily behavior activity of individuals to execute common tasks. Once a device (e.g., surveillance camera, smart phone and light detection sensor etc.) is compromised, an adversary can then get access to a specific device and can damage daily behavior activity by altering the data and commands. In this scenario, a group of common instruction processes may get involved to generate deadlock. Therefore, an effective suitable security solution is required for smart home architecture. This paper proposes seamless distributed Scheme which fortifies low computational wireless devices for secure communication. Proposed scheme is based on lightweight key-session process to upheld cryptic-link for trajectory by recognizing of individual’s behavior activities pattern. Every device and service provider unit (low capacity sensors (LCS) and high capacity sensors (HCS)) uses an authentication token and originates a secure trajectory connection in network. Analysis of experiments is revealed that proposed scheme strengthens the devices against device seizure attack by recognizing daily behavior activities, minimum utilization memory space of LCS and avoids network from deadlock. Additionally, the results of a comparison with other schemes indicate that scheme manages efficiency in term of computation and communication.
Trust Management for an Authentication System in Ubiquitous Computing
Security of context-aware ubiquitous systems is
paramount, and authentication plays an important aspect in cloud
computing and ubiquitous computing. Trust management has been
identified as vital component for establishing and maintaining
successful relational exchanges between trading partners in cloud
and ubiquitous systems. Establishing trust is the way to build good
relationship with both client and provider which positive activates will
increase trust level, otherwise destroy trust immediately. We propose
a new context-aware authentication system using a trust management
system between client and server, and between servers, a trust which
induces partnership, thus to a close cooperation between these servers.
We defined the rules (algorithms), as well as the formulas to manage
and calculate the trusting degrees depending on context, in order to
uniquely authenticate a user, thus a single sign-on, and to provide
him better services.
Application of PSK Modulation in ADS-B 1090 Extended Squitter Authentication
Since the presence of Next Generation Air Transportation System (NextGen), Automatic Dependent Surveillance-Broadcast (ADS-B) has raised specific concerns related to the privacy and security, due to its vulnerable, low-level of security and limited payload. In this paper, the authors introduce and analyze the combination of Pulse Amplitude Modulation (PAM) and Phase Shift Keying (PSK) Modulation in conventional ADS-B, forming Secure ADS-B (SADS-B) avionics. In order to demonstrate the potential of this combination, Hardware-in-the-loop (HIL) simulation was used. The tests' results show that, on the one hand, SADS-B can offer five times the payload as its predecessor. This additional payload of SADS-B can be used in various applications, therefore enhancing the ability and efficiency of the current ADS-B. On the other hand, by using the extra phase modulated bits as a digital signature to authenticate ADS-B messages, SADS-B can increase the security of ADS-B, thus ensure a more secure aviation as well. More importantly, SADS-B is compatible with the current ADS-B In and Out. Hence, no significant modifications will be needed to implement this idea. As a result, SADS-B can be considered the most promising approach to enhance the capability and security of ADS-B.
Comparison of Authentication Methods in Internet of Things Technology
Internet of Things (IoT) is a powerful industry system, which end-devices are interconnected and automated, allowing the devices to analyze data and execute actions based on the analysis. The IoT technology leverages the technology of Radio-Frequency Identification (RFID) and Wireless Sensor Network (WSN), including mobile and sensor. These technologies contribute to the evolution of IoT. However, due to more devices are connected each other in the Internet, and data from various sources exchanged between things, confidentiality of the data becomes a major concern. This paper focuses on one of the major challenges in IoT; authentication, in order to preserve data integrity and confidentiality are in place. A few solutions are reviewed based on papers from the last few years. One of the proposed solutions is securing the communication between IoT devices and cloud servers with Elliptic Curve Cryptograhpy (ECC) based mutual authentication protocol. This solution focuses on Hyper Text Transfer Protocol (HTTP) cookies as security parameter. Next proposed solution is using keyed-hash scheme protocol to enable IoT devices to authenticate each other without the presence of a central control server. Another proposed solution uses Physical Unclonable Function (PUF) based mutual authentication protocol. It emphasizes on tamper resistant and resource-efficient technology, which equals a 3-way handshake security protocol.
Hybrid Authentication Scheme for Graphical Password Using QR Code and Integrated Sound Signature
Today, the mankind is in the stage of development, every day comes with new proposal of technology, in order to secure these types of technology, we also prepare high yielding security modules to conserve these resources. The capacity of human brain to recognize anything is far more than any species; this is all due to our developing cycle of curiosity. In this paper, we proposed a scheme based on graphical password using QR Code which provides more security to the recent online system. It also contains a supportive sound signature. In this system, authentication is done using sequence of images in QR code form. Users select one click-point per image with the help of QR scanner or recognizer. The encoded phrase in a QR code emphasizes the minimum probability of attacking via shoulder surfing or other attacks.
Use of Personal Rhythm to Authenticate Encrypted Messages
When communicating using private and secure keys, there is always the doubt as to the identity of the message creator. We introduce an algorithm that uses the personal typing rhythm (keystroke dynamics) of the message originator to increase the trust of the authenticity of the message originator by the message recipient. The methodology proposes the use of a Rhythm Certificate Authority (RCA) to validate rhythm information. An illustrative example of the communication between Bob and Alice and the RCA is included. An algorithm of how to communicate with the RCA is presented. This RCA can be an independent authority or an enhanced Certificate Authority like the one used in public key infrastructure (PKI).
Fusion of Shape and Texture for Unconstrained Periocular Authentication
Unconstrained authentication is an important component for personal automated systems and human-computer interfaces. Existing solutions mostly use face as the primary object of analysis. The performance of face-based systems is largely determined by the extent of deformation caused in the facial region and amount of useful information available in occluded face images. Periocular region is a useful portion of face with discriminative ability coupled with resistance to deformation. A reliable portion of periocular area is available for occluded images. The present work demonstrates that joint representation of periocular texture and periocular structure provides an effective expression and poses invariant representation. The proposed methodology provides an effective and compact description of periocular texture and shape. The method is tested over four benchmark datasets exhibiting varied acquisition conditions.
Imposter Detection Based on Location in Vehicular Ad-Hoc Network
Vehicular Ad hoc Network is basically the solution of several problems associated while vehicles are plying on the road. In this paper, we have focused on the detection of imposter node while it has stolen the ID's of the authenticated vehicle in the network. The purpose is to harm the network through imposter messages. Here, we have proposed a protocol namely Imposter Detection based on Location (IDBL), which will store the location coordinate of the each vehicle as the key of the authenticity of the message so that imposter node can be detected. The imposter nodes send messages from a stolen ID and show that it is from an authentic node ID. So, to detect this anomaly, the first location is checked and observed different from original vehicle location. This node is known as imposter node. We have implemented the algorithm through JAVA and tested various types of node distribution and observed the detection probability of imposter node.
A Robust Eyelashes and Eyelid Detection in Transformation Invariant Iris Recognition: In Application with LRC Security System
Biometric authentication is an essential task for any
kind of real-life applications. In this paper, we contribute two
primary paradigms to Iris recognition such as Robust Eyelash
Detection (RED) using pathway kernels and hair curve fitting
synthesized model. Based on these two paradigms, rotation invariant
iris recognition is enhanced. In addition, the presented framework
is tested with real-life iris data to provide the authentication for
LRC (Learning Resource Center) users. Recognition performance
is significantly improved based on the contributed schemes by
evaluating real-life irises. Furthermore, the framework has been
implemented using Java programming language. Experiments are
performed based on 1250 diverse subjects in different angles of
variations on the authentication process. The results revealed that the
methodology can deploy in the process on LRC management system
and other security required applications.
Identity Management in Virtual Worlds Based on Biometrics Watermarking
With the technological development and rise of virtual worlds, these spaces are becoming more and more attractive for cybercriminals, hidden behind avatars and fictitious identities. Since access to these spaces is not restricted or controlled, some impostors take advantage of gaining unauthorized access and practicing cyber criminality. This paper proposes an identity management approach for securing access to virtual worlds. The major purpose of the suggested solution is to install a strong security mechanism to protect virtual identities represented by avatars. Thus, only legitimate users, through their corresponding avatars, are allowed to access the platform resources. Access is controlled by integrating an authentication process based on biometrics. In the request process for registration, a user fingerprint is enrolled and then encrypted into a watermark utilizing a cancelable and non-invertible algorithm for its protection. After a user personalizes their representative character, the biometric mark is embedded into the avatar through a watermarking procedure. The authenticity of the avatar identity is verified when it requests authorization for access. We have evaluated the proposed approach on a dataset of avatars from various virtual worlds, and we have registered promising performance results in terms of authentication accuracy, acceptation and rejection rates.
The Internet of Things Ecosystem: Survey of the Current Landscape, Identity Relationship Management, Multifactor Authentication Mechanisms, and Underlying Protocols
A critical component in the Internet of Things (IoT) ecosystem is the need for secure and appropriate transmission, processing, and storage of the data. Our current forms of authentication, and identity and access management do not suffice because they are not designed to service cohesive, integrated, interconnected devices, and service applications. The seemingly endless opportunities of IoT are in fact circumscribed on multiple levels by concerns such as trust, privacy, security, loss of control, and related issues. This paper considers multi-factor authentication (MFA) mechanisms and cohesive identity relationship management (IRM) standards. It also surveys messaging protocols that are appropriate for the IoT ecosystem.
Hybrid Authentication System Using QR Code with OTP
As we know, number of Internet users are increasing drastically. Now, people are using different online services provided by banks, colleges/schools, hospitals, online utility, bill payment and online shopping sites. To access online services, text-based authentication system is in use. The text-based authentication scheme faces some drawbacks with usability and security issues that bring troubles to users. The core element of computational trust is identity. The aim of the paper is to make the system more compliable for the imposters and more reliable for the users, by using the graphical authentication approach. In this paper, we are using the more powerful tool of encoding the options in graphical QR format and also there will be the acknowledgment which will send to the user’s mobile for final verification. The main methodology depends upon the encryption option and final verification by confirming a set of pass phrase on the legal users, the outcome of the result is very powerful as it only gives the result at once when the process is successfully done. All processes are cross linked serially as the output of the 1st process, is the input of the 2nd and so on. The system is a combination of recognition and pure recall based technique. Presented scheme is useful for devices like PDAs, iPod, phone etc. which are more handy and convenient to use than traditional desktop computer systems.
Towards a Secure Storage in Cloud Computing
Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.
Authenticity of Lipid and Soluble Sugar Profiles of Various Oat Cultivars (Avena sativa)
The identification of lipid and soluble sugar components in flour samples of different cultivars belonging to common oat species (Avena sativa L.) was performed: spring oat, winter oat and hulless oat. Fatty acids were extracted from flour samples with n-hexane, and derivatized into volatile methyl esters, using TMSH (trimethylsulfonium hydroxide in methanol). Soluble sugars were then extracted from defatted and dried samples of oat flour with 96% ethanol, and further derivatized into corresponding TMS-oximes, using hydroxylamine hydrochloride solution and BSTFA (N,O-bis-(trimethylsilyl)-trifluoroacetamide). The hexane and ethanol extracts of each oat cultivar were analyzed using GC-MS system. Lipid and simple sugar compositions are very similar in all samples of investigated cultivars. Chemometric tool was applied to numeric values of automatically integrated surface areas of detected lipid and simple sugar components in their corresponding derivatized forms. Hierarchical cluster analysis shows a very high similarity between the investigated flour samples of oat cultivars, according to the fatty acid content (0.9955). Moderate similarity was observed according to the content of soluble sugars (0.50). These preliminary results support the idea of establishing methods for oat flour authentication, and provide the means for distinguishing oat flour samples, regardless of the variety, from flour samples made of other cereal species, just by lipid and simple sugar profile analysis.
Evaluation and Analysis of the Secure E-Voting Authentication Preparation Scheme
In this paper, we presented an evaluation and analysis of E-Voting Authentication Preparation Scheme (EV-APS). EV-APS applies some modified security aspects that enhance the security measures and adds a strong wall of protection, confidentiality, non-repudiation and authentication requirements. Some of these modified security aspects are Kerberos authentication protocol, PVID scheme, responder certificate validation, and the converted Ferguson e-cash protocol. Authentication and privacy requirements have been evaluated and proved. Authentication guaranteed only eligible and authorized voters were permitted to vote. Also, the privacy guaranteed that all votes will be kept secret. Evaluation and analysis of some of these security requirements have been given. These modified aspects will help in filtering the counter buffer from unauthorized votes by ensuring that only authorized voters are permitted to vote.
Automatic Checkpoint System Using Face and Card Information
In the deep south of Thailand, checkpoints for people
verification are necessary for the security management of risk zones,
such as official buildings in the conflict area. In this paper, we
propose an automatic checkpoint system that verifies persons using
information from ID cards and facial features. The methods for a
person’s information abstraction and verification are introduced
based on useful information such as ID number and name, extracted
from official cards, and facial images from videos. The proposed
system shows promising results and has a real impact on the local
Password Cracking on Graphics Processing Unit Based Systems
Password authentication is one of the widely used
methods to achieve authentication for legal users of computers and
defense against attackers. There are many different ways to
authenticate users of a system and there are many password cracking
methods also developed. This paper proposes how best password
cracking can be performed on a CPU-GPGPU based system. The
main objective of this work is to project how quickly a password can
be cracked with some knowledge about the computer security and
password cracking if sufficient security is not incorporated to the
Efficient and Timely Mutual Authentication Scheme for RFID Systems
The Radio Frequency Identification (RFID) technology
has a diverse base of applications, but it is also prone to security
threats. There are different types of security attacks which limit the
range of the RFID applications. For example, deploying the RFID
networks in insecure environments could make the RFID system
vulnerable to many types of attacks such as spoofing attack, location
traceability attack, physical attack and many more. Therefore, security
is often an important requirement for RFID systems. In this paper,
RFID mutual authentication protocol is implemented based on mobile
agent technology and timestamp, which are used to provide strong
authentication and integrity assurances to both the RFID readers and
their corresponding RFID tags. The integration of mobile agent
technology and timestamp provides promising results towards
achieving this goal and towards reducing the security threats in RFID
Threshold Based Region Incrementing Secret Sharing Scheme for Color Images
In this era of online communication, which transacts data in 0s and 1s, confidentiality is a priced commodity. Ensuring safe transmission of encrypted data and their uncorrupted recovery is a matter of prime concern. Among the several techniques for secure sharing of images, this paper proposes a k out of n region incrementing image sharing scheme for color images. The highlight of this scheme is the use of simple Boolean and arithmetic operations for generating shares and the Lagrange interpolation polynomial for authenticating shares. Additionally, this scheme addresses problems faced by existing algorithms such as color reversal and pixel expansion. This paper regenerates the original secret image whereas the existing systems regenerates only the half toned secret image.
An Interlacing Technique-Based Blind Video Watermarking Using Wavelet
The rapid growth of multimedia technology demands
the secure and efficient access to information. This fast growing lose
the confidence of unauthorized duplication. Henceforth the protection
of multimedia content is becoming more important. Watermarking
solves the issue of unlawful copy of advanced data. In this paper,
blind video watermarking technique has been proposed. A luminance
layer of selected frames is interlaced into two even and odd rows of
an image, further it is deinterlaced and equalizes the coefficients of
the two shares. Color watermark is split into different blocks, and the
pieces of block are concealed in one of the share under the wavelet
transform. Stack the two images into a single image by introducing
interlaced even and odd rows in the two shares. Finally, chrominance
bands are concatenated with the watermarked luminance band. The
safeguard level of the secret information is high, and it is
undetectable. Results show that the quality of the video is not
changed also yields the better PSNR values.
Secured Session Based Profile Caching for E-Learning Systems Using WiMAX Networks
E-Learning enables the users to learn at anywhere at
any time. In E-Learning systems, authenticating the E-Learning user
has security issues. The usage of appropriate communication
networks for providing the internet connectivity for E-learning is
another challenge. WiMAX networks provide Broadband Wireless
Access through the Multicast Broadcast Service so these networks
can be most suitable for E-Learning applications. The authentication
of E-Learning user is vulnerable to session hijacking problems. The
repeated authentication of users can be done to overcome these
issues. In this paper, session based Profile Caching Authentication is
proposed. In this scheme, the credentials of E-Learning users can be
cached at authentication server during the initial authentication
through the appropriate subscriber station. The proposed cache based
authentication scheme performs fast authentication by using cached
user profile. Thus, the proposed authentication protocol reduces the
delay in repeated authentication to enhance the security in ELearning.
A New Authenticable Steganographic Method via the Use of Numeric Data on Public Websites
A new steganographic method via the use of numeric
data on public websites with a self-authentication capability is
proposed. The proposed technique transforms a secret message into
partial shares by Shamir’s (k, n)-threshold secret sharing scheme with
n = k + 1. The generated k+1 partial shares then are embedded into the
numeric items to be disguised as part of the website’s numeric content,
yielding the stego numeric content. Afterward, a receiver links to the
website and extracts every k shares among the k+1 ones from the stego
numeric content to compute k+1 copies of the secret, and the
phenomenon of value consistency of the computed k+1 copies is taken
as an evidence to determine whether the extracted message is authentic
or not, attaining the goal of self-authentication of the extracted secret
message. Experimental results and discussions are provided to show
the feasibility and effectiveness of the proposed method.
EUDIS-An Encryption Scheme for User-Data Security in Public Networks
The method of introducing the proxy interpretation for
sending and receiving requests increase the capability of the server
and our approach UDIV (User-Data Identity Security) to solve the
data and user authentication without extending size of the data makes
better than hybrid IDS (Intrusion Detection System). And at the same
time all the security stages we have framed have to pass through less
through that minimize the response time of the request. Even though
an anomaly detected, before rejecting it the proxy extracts its identity
to prevent it to enter into system. In case of false anomalies, the
request will be reshaped and transformed into legitimate request for
further response. Finally we are holding the normal and abnormal
requests in two different queues with own priorities.
A Study on User Authentication Method Using Haptic Actuator and Security Evaluation
As currently various portable devices were launched,
smart business conducted using them became common. Since smart
business can use company-internal resources in an exlternal remote
place, user authentication that can identify authentic users is an
important factor. Commonly used user authentication is a method of
using user ID and Password. In the user authentication using ID and
Password, the user should see and enter authentication information
him or her. In this user authentication system depending on the user’s
vision, there is the threat of password leaks through snooping in the
process which the user enters his or her authentication information.
This study designed and produced a user authentication module
using an actuator to respond to the snooping threat.
Protecting the Privacy and Trust of VIP Users on Social Network Sites
There is a real threat on the VIPs personal pages on
the Social Network Sites (SNS). The real threats to these pages is
violation of privacy and theft of identity through creating fake pages
that exploit their names and pictures to attract the victims and spread
of lies. In this paper, we propose a new secure architecture that
improves the trusting and finds an effective solution to reduce fake
pages and possibility of recognizing VIP pages on SNS. The
proposed architecture works as a third party that is added to
Facebook to provide the trust service to personal pages for VIPs.
Through this mechanism, it works to ensure the real identity of the
applicant through the electronic authentication of personal
information by storing this information within content of their
website. As a result, the significance of the proposed architecture is
that it secures and provides trust to the VIPs personal pages.
Furthermore, it can help to discover fake page, protect the privacy,
reduce crimes of personality-theft, and increase the sense of trust and
satisfaction by friends and admirers in interacting with SNS.
Opportunistic Routing with Secure Coded Wireless Multicast Using MAS Approach
Many Wireless Sensor Network (WSN) applications necessitate secure multicast services for the purpose of broadcasting delay sensitive data like video files and live telecast at fixed time-slot. This work provides a novel method to deal with end-to-end delay and drop rate of packets. Opportunistic Routing chooses a link based on the maximum probability of packet delivery ratio. Null Key Generation helps in authenticating packets to the receiver. Markov Decision Process based Adaptive Scheduling algorithm determines the time slot for packet transmission. Both theoretical analysis and simulation results show that the proposed protocol ensures better performance in terms of packet delivery ratio, average end-to-end delay and normalized routing overhead.