Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Defenses against large scale online password guessing attacks


Published on

Defenses Against Large Scale Online Password Guessing Attacks By Using Persuasive Click Point

Published in: Engineering, Technology
  • Be the first to comment

Defenses against large scale online password guessing attacks

  1. 1. Project Name : “Defenses Against Large Scale Online Password Guessing Attacks By Using Persuasive Click Point ” Members :  Mr. Neel Kamal.
  2. 2. Content • Purpose • Objective • Password Guessing Attacks • Existing System 1.Taxonomy of Authentication 2.Disadvantages • PCCP • PGRP • System Architecture • Use case diagram
  3. 3. Cont… • Advantages • Requirement • References • Conclusion
  4. 4. Purpose • To provide more secure authentication. • To provide user friendly environment to create password. • To provide large password space over alphanumeric passwords.
  5. 5. Objective • Force users to select more random, and difficult passwords to guess. • To provide better security and easy to remember passwords.
  6. 6. Online Password Guessing Attack • Dictionary Attacks • Brute Force Attack • Shoulder Surfing • Spy ware • Social engineering
  7. 7. Literature survey
  8. 8. Taxonomy Of Authentication
  9. 9. Graphical Password System  Recognition Based Techniques  Recall based techniques : a) Pass Points (PP) b) Cued Click Points (CCP)
  10. 10. Disadvantages of Existing System • Token based system requires support of knowledge based system • Text based passwords easily broken by brute force and dictionary attacks. • Biometrics based system is more complex and costly.
  11. 11. Persuasive Cued Click Point (PCCP) • Select a click-point within the view port. • Shuffle button to randomly reposition the view port • view port guides users to select more random passwords
  12. 12. Password Guessing Resistant Protocol (PGRP)  Restrict password guessing attacks  limits the total number of login attempts  protection against key logger, spy ware
  13. 13. System Architecture
  14. 14. Use Case Diagram
  15. 15. Advantages  Large password space over alphanumeric passwords Bullet point  More restrictive against brute force and dictionary attacks  More effective in preventing password guessing attacks
  16. 16. Requirement  Minimum Software Requirement: Apache Tomcat, Dreamweaver My SQL database Advanced JAVA and JSP  Minimum Hardware Requirements: HDD 80 GB RAM 512 MB Processor Intel P4
  17. 17. References 1. Chiasson, P.C. van Oorschot, and Robert Biddle, “Graphical Password Authentication Using Cued Click Points” ESORICS , LNCS 4734, pp.359 374,Springer- Verlag Berlin Heidelberg 2007. 2. Usable Authentication and Click-Based Graphical Password by Sonia Chiasson . 3. Persuasive Cued Click-Points: Design, implementation, and evaluation of a knowledge-based authentication mechanism Sonia Chiasson, Member, IEEE, Elizabeth Stobert, Alain Forget, Robert Biddle, Member, IEEE, and P. C. van Oorschot, Member, IEEE
  18. 18. Conclusion • There is a growing interest for Graphical passwords since they are better than Text based passwords, although the main argument for graphical passwords is that people are better at memorizing graphical passwords than text-based passwords • Persuasive Click point method provides greater security than other graphical password methods.