SlideShare a Scribd company logo

Enhanced Secure E-Gateway using Hierarchical Visual Cryptography

IJTET Journal
IJTET Journal

ABSTRACT - Wireless Mesh Networks (WMNs) have emerged as a promising technology because of their wide range of applications. Wireless mesh networks wireless mesh networks (WMNs) are dynamically self – organizing, self – configuring, self – healing with nodes in the network automatically establishing an adHoc network and maintaining mesh connectivity. Because of their fast connectivity wireless mesh networks (WMNs) is widely used in military applications. Security is the major constrain in wireless mesh networks (WMNs). This paper considers a special type of DoS attack called selective forwarding attack or greyhole attack. With such an attack, a misbehaving mesh router just forwards few packets it receives but drops sensitive data packets. To mitigate the effect of such attack an approach called FADE : Forward Assessment based Detection is adopted. FADE scheme detects the presence of attack inside the network by means of two-hop acknowledgment based monitoring and forward assessment based detection. FADE operates in three phases and analyzed by determining optimal threshold values. This approach is found to provide effective defense against the collaborative internal attackers in WMNs.

Education
1 of 5
Download to read offline
INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY VOLUME 3 ISSUE 1 –JANUARY 2015 - ISSN: 2349 - 9303 Enhanced Secure E-Gateway using Hierarchical Visual Cryptography K.S.Suganya1 PG Scholar Department of Computer Science and Engineering SriGuru Institute of Technology,Coimbatore suganayselvaraj06@gmail.com K.Manikandan2 Assistant Professor Guide Department of Computer Science and Engineering SriGuru Institute of Technology,Coimbatore manikarthi25@gmail.com Abstract— With tremendous growth in electronic commerce, the e-shopping users are facing more and more problems in their day to day life. Most important of them are identity theft and spear phishing attacks. In this paper, we will be addressing those issues by the combined use of Hierarchical Visual Cryptography and keyless image steganography techniques. Firstly, we recommend the use of a certified third party payment gateway, which involves generating image shares using HVCS and secondly we recommend the use of image steganography technique to hide the user’s passphrase or ATM Pin or password in the image share to achieve cheating prevention from malicious insiders of both merchant as well as third party payment gateway. Further, we propose the use of image share as secure SiteKey which prevents spear phishing attack targeting high profile customers. Index Terms— E-shopping, Hierarchical visual cryptography scheme, HVCS, Identity theft, Spear phishing attacks, SiteKey. ——————————  —————————— 1 INTRODUCTION n India, Online shopping had gained popularity owing to Flipkart, Amazon and many online merchants especially in recent years. With rise in popularity, adversely there had been increase in threats and subsequently many users are becoming targets of identity theft, phishing attack and spear phishing attack and many more. The most important attack of them is phishing attack. In phishing attack, the attacker sends an electronic message to the users impersonating as a legitimate personnel. The user considering it as a legitimate request from their registered site, unknowingly, are redirected to the fake website which looks alike the genuine one. Thus, the users lose their confidential password credentials which will be used by the intruders to hack into their account of registered websites. Among which, spear phishing attack is a special type of phishing attack where the intruder targets a specific individual or organization and steals their confidential information. According to FBI’s IC3, spear-phishing attacks are mainly targeting industries, and their ultimate goal is to steal IP address or compromise banking credentials. Hence the need for new and plausible security method for the industries or organization also has increased. As a result, many industries, bank and organization are taking many counter measures to prevent phishing attack and spear phishing attack. The most common among them is authentication. But there are varying level of authentication methods such as one way authentication and two way (also known as mutual) authentications. Some of the common factors of authentication measure involve the following namely username and passphrase, Smart card /ATM card, Biometrics (fingerprint, Iris, Retina, Signature, Sclera, etc...) and many more. IJTET©2015 One way authentication is one direction in nature where the user authenticates them to an external entity with something the user has or knows. Mutual authentication occurs where there is a need for user authenticates themselves to an external entity and in turn an external entity authenticates themselves back to the user. SiteKey authentication is a form of authentication which involves mutual authentications with visual image. The process of SiteKey authentication is as follows where the users of an external entity is prompted to enter their registered username and the entity in turn authenticates themselves by retrieving the previously registered user image. If the images are different, then the user has to consider the website as a fake one and leave it immediately without further proceeding. Else the user can proceed with their login process and enter their password credentials. Fig 1.1 SiteKey authentication 13 I
INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY VOLUME 3 ISSUE 1 –JANUARY 2015 - ISSN: 2349 - 9303 But the SiteKey authentication is not effective against security image attack where the image column will be replaced with a maintenance message which may compromise the user’s credibility leading to lose of bank credentials. Visual cryptography is a special kind of encryption technique, where the visual information such as text, image is encrypted using various VC schemes to generate 2 or more meaningless shares. These image shares are then transmitted or distributed over untrusted communication channel by the sender. At the receiver side, the image shares are stacked together to retrieve the original visual information. This secret sharing scheme was proposed by Shamir and Naor in 1990[1].In this proposal, we make use of hierarchical visual cryptography scheme where key image share and another share are generated from visual secret image at three levels as explained in the figure 4.1. Steganography is the technique of information or data hiding. It is an age old technique which has its roots in history but still in use. The basic concept behind it is that data is hidden in some cover objects such as text, image, video and audio and the most commonly used cover object is digital image. A method proposed by Chen, Pan, Tseng popularly known as CPT method, where the binary secret message is hidden in a cover image using a weighted matrix [3].In this proposal, we make use a variation of CPT method which will be explained in the section 3.Our system framework requires the bank to provide encrypted password to the users preferably using AES or any encryption algorithm. In our proposal, we use the symmetric encryption technique AES to prevent the third party payment gateway from learning the password credentials. 2 RELATED WORKS A brief survey of the related works to this proposal has been discussed in this section. Shamir and Naor [2] proposed a visual secret sharing scheme known as Visual Cryptography in 1990. Souvik et al. [1] proposed an authentication system for online payment using both visual cryptography and Steganography which prevented form identity theft.Yet,cheating is possible which was a huge drawback.To overcome this, Tzeng [8] proposed a scheme where cheating in visual cryptography by generating fake share can be prevented by the combined use of it with steganography. Yang et al. [5] proposed a modification to Lin proposal to prevent dishonest participants from cheating. And also this scheme increased the quality of the stego image. According to Judge [2], the various steganography schemes employed in the past, present and future were discussed and their various forms and legitimate and illegal use of steganography have been discussed in brief. Among which, CPT image steganographic algorithm proposed by Chen et al[3] which can be combined with visual cryptography to achieve cheating prevention. Chen et al. [6] discussed the procedures of phishing attack and various approaches to prevent phishing attack. Then, the characteristics of hyperlinks in relation to phishing attack were studied and linkguard algorithm was proposed to detect them. IJTET©2015 We then made a study of SiteKey authentication proposed by Bank of Americas as in [11].Then the vulnerabilities, their ineffectiveness and how to overcome their fault were briefly discussed by Youl in [9] and Hearst in [12]. 3 PROPOSED IMAGE STEGANOGRAPHY To prevent cheating by generating fake share in visual cryptography scheme, we combine this with image based steganography technique to enhance security. The CPT is a popular algorithm for embedding binary coded secret message into a binary image. In here ,we are going to use a variation of CPT as in [3].In our proposal, we are going to generate a random binary secret message at the payment gateway and embed the secret message into the account information snapshot image and then encrypt using HVCS scheme as explained in detail in the following section. Algorithm for hiding the secret message in chosen image: Step 1: A secret message is encoded into binary codes (s1, s2, s3, s4….) and the snapshot image is taken as input. Step 2: The cover image is divided into blocks (M) of size 5x5. Step 3: For each block, do as follows i. For each row in the first four rows of the block, XOR all the bits in that row to get a1a2a3a4. ii. For each column in the first four columns of the block, XOR all the bits in that column to get b1b2b3b4. iii. XOR the results in i and ii to get c1c2c3c4 where c1=a1⊕b1, c2=a2⊕b2, and so on. iv. We need to compare the result obtained from c1c2c3c4 with the four secret message bits s1s2s3s4. If found no difference, no change of bits of M. Otherwise , do the following:  If the difference in one bit si, the bit [M] i,5 or [M]5,i need to be changed  Else if difference in two bits si and sj, then the bit [M]i,j or [M]j,i need to be changed.  Else if difference in three bits si, sj and sk, then the bits (([M]i, j or [M]j,i) and ([M]k,5 or [M]5,k)) or (([M]i, 5 or [M]5,i) and ([M]k,i or [M]j,k)) or (([M]5,jor[M]j,5) and ([M]k,i or [M]i,k)) need to be changed .  Else (difference in four bits bi, bj, bk and bm) then the bits (([M] i,j or [M] j,i) and ( [M]k,m or [M]m,k)) or (([M] i,m or [M] m,i) and ( [M]k,i or [M]j,k)) or (([M] m,j or [M] j,m) and ( [M]k,i or [M]i,k)) need be changed . 14
INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY VOLUME 3 ISSUE 1 –JANUARY 2015 - ISSN: 2349 - 9303 Algorithm for extracting the phrase from the chosen image: Step 1: The decrypted image share is taken as input for the extracting phase. Step 2: The stego image is divided into blocks (M) of size 5x5. Step 3: For each block, do as follows i. For each row in the first four rows of the block, XOR all the bits in that row to get a1a2a3a4. ii. For each column in the first four columns of the block, XOR all the bits in that column to get b1b2b3b4. iii. XOR the results in i and ii to get c1c2c3c4 where c1=a1⊕b1, c2=a2⊕b2, and so on which is the secret message which is compared to acheive cheating prevention of creating fake visual share image by the malicious insiders of third party payment gateway and online sopping merchants. 4 PROPOSED VISUAL CRYPTOGRAPHY SCHEMES In our proposed solution, there are two phases namely registration and login phases. After registration, the users of online shopping enter their bank’s account information and bank’s encrypted password/passphrase/ATM Pin number which will be taken as a snapshot image. Then the user enters a secret message which is encoded into binary codes which are hidden in the user's snapshot image using above mentioned image steganography technique. Then by using hierarchical visual cryptography encryption scheme, we encrypt the stego snapshot image to generate a key image share and image share in three levels as follows. Fig 4.1 HVCS flow IJTET©2015 In the first level, two image shares are generated from the snapshot image by the payment gateway namely Share A and Share B. In the next level, the Share A is encrypted again to generate two shares namely Share A1 and Share A2.Likewise, the Share B is encrypted again to generate two shares namely Share B1 and Share B2.Randomly, any three shares form (Share A1/A2/B1/B2) is combined to form the key image share and remaining share is kept aside as an image share. Key image share is shared with the user over a secure communication channel. Then the remaining share is stored in their payment gateway secure database. The above process is explained in the figure.During login phase, user enters their username or customer id along with their image share to authenticate them to the payment gateway website. The payment gateway website retrieves the share for the corresponding user from their database using customer id. Fig 4.2 System Framework Then the user’s key image share and bank’s remaining image share retrieved from the bank’s database are stacked over one another to retrieve the original snapshot image which will have reduced grayscale density compared to the regular (2,2) VCS scheme.To prevent cheating from generating fake visual share by the malicious insiders, we have two level of security as explained below The secret message is decoded from the original image by image steganography technique and is then compared as an additional verification process. The malicious insiders of both payment gateway and online merchant cannot learn the bank’s password/passphrase/ATM Pin number since they are encrypted usingAES encryption technique. The original image is now displayed to the user by which the payment gateway website authenticates themselves to the users. Upon which, the user are redirected to their banking website where the user’s banking account information and encrypted bank’s password/passphrase/ATM will be forwarded over a secure communication channel and the uses can proceed with their transaction and they will be redirected back to the online shopping merchant. 15
INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY VOLUME 3 ISSUE 1 –JANUARY 2015 - ISSN: 2349 - 9303 5 EXPERIMENTAL RESULTS The 2 out of 2 VCS scheme randomly chooses one of the two pixel patterns (black or white) from the table below for the image shares 1 and 2. The pixel selection is random so that the shares 1 and 2 usually consist of same number of white and black pixels. As a result, by inspecting one image share, it is not possible to identify the pixel of the next image share as black or white. By using Hierarchical Visual cryptography scheme, we overcome the difficulties like increased grayscale density, pixel expansion faced in the paper [1]. Table 5.1: VCS Pixel pattern selections According to the proposed methodology, we create a snapshot image as in figure 5.2 (a). Later, we embedded the secret message in the snapshot image using the above proposed steganography method. Then we generated two image shares namely image shareA and B using (2, 2) VCS as in figure 5.2 (b) and (c) respectively. Furthermore, we generated two image shares namely image share A1 and A2 using (2, 2) VCS from Share A as in figure 5.2 (d) and (e) respectively. Likewise, we generated two more image shares namely image share B1 and B2 using (2, 2) VCS from Share B as in figure 5.2 (f) and (g) respectively. Then we combined randomly to form a key image share and a remaining share as in figure 5.2 (h) and (i) respectively. Upon overlaying those image shares, we received the merged shares as in figure 5.2 (j). Fig 5.2 Experimental Results IJTET©2015 6 SECURITY ANALYSIS In this section, we are analyzing the security of our proposed solution against some security attacks to know their resisting quality, advantages, disadvantages and method extension. 6.1 Secret sharing The proposed solution is implemented using hierarchical visual secret sharing scheme where the user’s key share and bank’s share are both required to retrieve the secret image. The key share is kept by the user and the second share is stored the payment gateway’s database in a secure manner. 6.2 Man-in-the-middle attack Since only one share is sent across secure communication channel, the man-in-the-middle attack will not succeed in obtaining the access.. Adversely, if the share is intercepted by the intruders and the share is duplicated to generate fake share. If the intruders provide the fake share in the payment website which when stacked together with bank share may retrieve the original image but the payment gateway website will detect anomalies since the fake secret message decoded will not match the user entered secret message stored in the payment gateway website secure database. 6.3 Security image attack Security image attack is a special type of attack against SiteKey where the image and phrase column will be replaced with a maintenance message in the fake website which will look legitimate. This can be avoided only through proper awareness among users about this attack 6.4 Advantages  Proposed solution protects against spear phishing attack by the use of SiteKey authentication  SiteKey authentication with HVCS protects against the security image attack and increases customer’s integrity with their merchant, payment gateway and bank.  Further the use of CPT Steganography prevents cheating in HVCS. Suppose the attacker generates a fake share similar to the original image share and use it to impersonate them to the payment gateway website. The site detects the phishing attack since the fake share would not contain hidden secret message. 6.5 Disadvantages According to Harvard survey, the use of SiteKey is ineffective if the users are not properly educated against the phishing attacks and security image attack. The other most important deterrent is the users had to keep track of their image share in addition to their authentication credentials. 16
INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY VOLUME 3 ISSUE 1 –JANUARY 2015 - ISSN: 2349 - 9303 7 PERFORMANCE ANALYSIS The proposed method’s performance is investigated by performing steganalysis and conducting benchmarking test for analyzing parameters like Mean Squared Error (MSE) and Peak Signal to Noise Ratio (PSNR). The MSE is calculated by using the equation, MSE -------------- (1) The terms in the equation (1) is explained below P = the total number of pixels in the horizontal dimensions of the image Q = the total number of pixels in the vertical dimensions of the image M x ,y = the pixels of the original image N x ,y = the pixels of the stego image. The PSNR is calculated by using the equation og10 10lPSNR  dB MSE Y         2 .................... (2) The term in the equation (2) is explained below Y = pixel’s intensity value which is equal to 255 for 8 bit gray scale images. 8 CONCLUSION In this paper, we have overcome the difficulties of VCS such as grayscale density and pixel expansion by the use of hierarchical VCS. Furthermore, it prevents the identity theft by malicious insiders and phishing attack by malicious outsides by the combined use of visual cryptography and steganography along with AES symmetric encryption technique. It also limits the information shared between the merchant and the customer. It provides protection for high profile users by the use of SiteKey authentication from spear phishing attack.This method can also be extended to specific organisation website and employees authentication. IJTET©2015 REFERENCES [1] Souvik Roy and P.Venkateswaran , ”Online Payment System using Steganography and Visual Cryptography”. ,” Proceedings of 2014 IEEE Students’ Conference on Electrical, Electronics and Computer Science, pp.165-172, 2014 [2] M. Naor, and A. Shamir, (1994) “Visual Cryptography”, Advances in Cryptography-Eurocrypt '94, vis Lecture Notes in Computer Science 950, pp. 1-12. [3] Chen, Y., Pan, H., Tseng, Y.: A secret of data hiding scheme for two-color images. In: IEEE symposium on computers and communications (2000). [4] Chetana Hegde, S. Manu, P. Deepa Shenoy, K.R. Venugopal, L M Patnaik, “Secure Authentication using Image Processing and Visual Cryptography for Banking Applications,”Proceedings of 16th International Conference on Advanced Computing and Communications, pp. 65- 72,Chennai,India, 2008. [5] C.N. Yang, T.S. Chen, K.H. Yu, and C.C. Wang, “Improvements of image sharing with steganography and authentication”, Journal of Systems &Software, 80:1070-1076, 2007. [6] Juan Chen, Chuanxiong Guo , “Online Detection and Prevention of Phishing Attacks,” Proceedings of First International Conference on Communications and Networking in China (ChinaCom '06), pp. 1 - 7, Beijing, China, 2006. [7] Jaya, Siddharth Malik, Abhinav Aggarwal, Anjali Sardana, “Novel Authentication System Using Visual Cryptography,” Proceedings of 2011 World Congress on Information and Communication Technologies, pp. 1181-1186, Mumbai, India, 2011. [8] C. M. Hu and W. G. Tzeng, “Cheating Prevention in Visual Cryptography”, IEEE Transaction on Image Processing, vol. 16, no.1, Jan- 2007,pp. 36-45. [9] Jim Youll, “Fraud vulnerabilities in SiteKey security at Bank of America” Challenge/Response LABS,Security & privacy for e-commerce, July 18, 2006. [10] Bank of America,”SiteKey FAQs” https://www.bankofamerica.com/privacy/faq/sitekey-faq.go [11] J.C. Judge, “Steganography: Past, Present, Future,” SANS Institute, November 30, 2001. [12] R. Dhamija, J. D. Tygar, and M. Hearst, “Why phishing works,” in Proceedings of the SIGCHI Conference on Human Factors in Computing 17 NM yx P x Q y yx PQ , 1 1 , 1  

Recommended

Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...IJERA Editor
 
Online Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual CryptographyOnline Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual CryptographyIJCERT
 
C045016020
C045016020C045016020
C045016020researchinventy
 
PRIVACY PRESERVING USER AUTHENTICATION SCHEME BASED ON SMART CARD
PRIVACY PRESERVING USER AUTHENTICATION SCHEME BASED ON SMART CARDPRIVACY PRESERVING USER AUTHENTICATION SCHEME BASED ON SMART CARD
PRIVACY PRESERVING USER AUTHENTICATION SCHEME BASED ON SMART CARDijcisjournal
 
50120130405019
5012013040501950120130405019
50120130405019IAEME Publication
 
An Anti-Phishing Framework Based on Visual Cryptography
An Anti-Phishing Framework Based on Visual CryptographyAn Anti-Phishing Framework Based on Visual Cryptography
An Anti-Phishing Framework Based on Visual CryptographyIRJET Journal
 
3d pass words
3d pass words3d pass words
3d pass wordsmkanth
 
A NOVEL WAY OF PROVIDING CONFIDENTIALITY TO SHARED SECRET KEY AND AUTHENTICAT...
A NOVEL WAY OF PROVIDING CONFIDENTIALITY TO SHARED SECRET KEY AND AUTHENTICAT...A NOVEL WAY OF PROVIDING CONFIDENTIALITY TO SHARED SECRET KEY AND AUTHENTICAT...
A NOVEL WAY OF PROVIDING CONFIDENTIALITY TO SHARED SECRET KEY AND AUTHENTICAT...cscpconf
 

Recommended

Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...
Modern Method for Detecting Web Phishing Using Visual Cryp-tography (VC) and ...IJERA Editor
 
Online Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual CryptographyOnline Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual CryptographyIJCERT
 
C045016020
C045016020C045016020
C045016020researchinventy
 
PRIVACY PRESERVING USER AUTHENTICATION SCHEME BASED ON SMART CARD
PRIVACY PRESERVING USER AUTHENTICATION SCHEME BASED ON SMART CARDPRIVACY PRESERVING USER AUTHENTICATION SCHEME BASED ON SMART CARD
PRIVACY PRESERVING USER AUTHENTICATION SCHEME BASED ON SMART CARDijcisjournal
 
50120130405019
5012013040501950120130405019
50120130405019IAEME Publication
 
An Anti-Phishing Framework Based on Visual Cryptography
An Anti-Phishing Framework Based on Visual CryptographyAn Anti-Phishing Framework Based on Visual Cryptography
An Anti-Phishing Framework Based on Visual CryptographyIRJET Journal
 
3d pass words
3d pass words3d pass words
3d pass wordsmkanth
 
A NOVEL WAY OF PROVIDING CONFIDENTIALITY TO SHARED SECRET KEY AND AUTHENTICAT...
A NOVEL WAY OF PROVIDING CONFIDENTIALITY TO SHARED SECRET KEY AND AUTHENTICAT...A NOVEL WAY OF PROVIDING CONFIDENTIALITY TO SHARED SECRET KEY AND AUTHENTICAT...
A NOVEL WAY OF PROVIDING CONFIDENTIALITY TO SHARED SECRET KEY AND AUTHENTICAT...cscpconf
 
3D PASSWORD
3D PASSWORD3D PASSWORD
3D PASSWORDBERASUDARSHAN
 
Documentation20
Documentation20Documentation20
Documentation20gebremedhinfitsum
 
online payment system using Steganography and Visual cryptography
online payment system using Steganography and Visual cryptographyonline payment system using Steganography and Visual cryptography
online payment system using Steganography and Visual cryptographyShahrukh Ali
 
Image authentication for secure login
Image authentication for secure loginImage authentication for secure login
Image authentication for secure loginIRJET Journal
 
SEMINAR REPORT ON 3D PASSWORD
SEMINAR REPORT ON 3D PASSWORDSEMINAR REPORT ON 3D PASSWORD
SEMINAR REPORT ON 3D PASSWORDKarishma Khan
 
Deepak 3 dpassword (2)
Deepak 3 dpassword (2)Deepak 3 dpassword (2)
Deepak 3 dpassword (2)Deepak Choudhary
 
Smart Password
Smart PasswordSmart Password
Smart Passwordpaperpublications3
 
Secured Online Payment System
Secured Online Payment SystemSecured Online Payment System
Secured Online Payment SystemIRJET Journal
 
New era of authentication
New era of authenticationNew era of authentication
New era of authenticationsunil kumar
 
3d password 23 mar 14
3d password 23 mar 143d password 23 mar 14
3d password 23 mar 14Saddam Ahmed
 
Volume 1 number-2pp-216-222
Volume 1 number-2pp-216-222Volume 1 number-2pp-216-222
Volume 1 number-2pp-216-222Kailas Patil
 
IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...
IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...
IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...IRJET Journal
 
3d password
3d password3d password
3d passwordshivi123456
 
A Survey of User Authentication Schemes for Mobile Device
A Survey of User Authentication Schemes for Mobile DeviceA Survey of User Authentication Schemes for Mobile Device
A Survey of User Authentication Schemes for Mobile DeviceIJMER
 
3D PASSWORD SEMINAR
3D PASSWORD SEMINAR3D PASSWORD SEMINAR
3D PASSWORD SEMINARKarishma Khan
 
Vivek
VivekVivek
VivekVivek Gupta
 
3D Password Presentation
3D Password Presentation3D Password Presentation
3D Password PresentationSambit Mishra
 
3dpassword by janapriya
3dpassword by janapriya3dpassword by janapriya
3dpassword by janapriyajanapriyanaidu
 
3D password
3D password3D password
3D passwordJaya Sinha
 
3D PASSWORD
3D PASSWORD3D PASSWORD
3D PASSWORDAmrit Sharma
 
SECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHY
SECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHYSECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHY
SECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHYIRJET Journal
 
50120130405019
5012013040501950120130405019
50120130405019IAEME Publication
 

More Related Content

What's hot

online payment system using Steganography and Visual cryptography
online payment system using Steganography and Visual cryptographyonline payment system using Steganography and Visual cryptography
online payment system using Steganography and Visual cryptographyShahrukh Ali
 
Image authentication for secure login
Image authentication for secure loginImage authentication for secure login
Image authentication for secure loginIRJET Journal
 
SEMINAR REPORT ON 3D PASSWORD
SEMINAR REPORT ON 3D PASSWORDSEMINAR REPORT ON 3D PASSWORD
SEMINAR REPORT ON 3D PASSWORDKarishma Khan
 
Secured Online Payment System
Secured Online Payment SystemSecured Online Payment System
Secured Online Payment SystemIRJET Journal
 
New era of authentication
New era of authenticationNew era of authentication
New era of authenticationsunil kumar
 
3d password 23 mar 14
3d password 23 mar 143d password 23 mar 14
3d password 23 mar 14Saddam Ahmed
 
Volume 1 number-2pp-216-222
Volume 1 number-2pp-216-222Volume 1 number-2pp-216-222
Volume 1 number-2pp-216-222Kailas Patil
 
IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...
IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...
IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...IRJET Journal
 
A Survey of User Authentication Schemes for Mobile Device
A Survey of User Authentication Schemes for Mobile DeviceA Survey of User Authentication Schemes for Mobile Device
A Survey of User Authentication Schemes for Mobile DeviceIJMER
 
3D Password Presentation
3D Password Presentation3D Password Presentation
3D Password PresentationSambit Mishra
 
3dpassword by janapriya
3dpassword by janapriya3dpassword by janapriya
3dpassword by janapriyajanapriyanaidu
 

What's hot (20)

3D PASSWORD
3D PASSWORD3D PASSWORD
3D PASSWORD
 
Documentation20
Documentation20Documentation20
Documentation20
 
online payment system using Steganography and Visual cryptography
online payment system using Steganography and Visual cryptographyonline payment system using Steganography and Visual cryptography
online payment system using Steganography and Visual cryptography
 
Image authentication for secure login
Image authentication for secure loginImage authentication for secure login
Image authentication for secure login
 
SEMINAR REPORT ON 3D PASSWORD
SEMINAR REPORT ON 3D PASSWORDSEMINAR REPORT ON 3D PASSWORD
SEMINAR REPORT ON 3D PASSWORD
 
Deepak 3 dpassword (2)
Deepak 3 dpassword (2)Deepak 3 dpassword (2)
Deepak 3 dpassword (2)
 
Smart Password
Smart PasswordSmart Password
Smart Password
 
Secured Online Payment System
Secured Online Payment SystemSecured Online Payment System
Secured Online Payment System
 
New era of authentication
New era of authenticationNew era of authentication
New era of authentication
 
3d password 23 mar 14
3d password 23 mar 143d password 23 mar 14
3d password 23 mar 14
 
Volume 1 number-2pp-216-222
Volume 1 number-2pp-216-222Volume 1 number-2pp-216-222
Volume 1 number-2pp-216-222
 
IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...
IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...
IRJET- A Review on Implementation Techniques of Blockchain Enabled Smart Cont...
 
3d password
3d password3d password
3d password
 
A Survey of User Authentication Schemes for Mobile Device
A Survey of User Authentication Schemes for Mobile DeviceA Survey of User Authentication Schemes for Mobile Device
A Survey of User Authentication Schemes for Mobile Device
 
3D PASSWORD SEMINAR
3D PASSWORD SEMINAR3D PASSWORD SEMINAR
3D PASSWORD SEMINAR
 
Vivek
VivekVivek
Vivek
 
3D Password Presentation
3D Password Presentation3D Password Presentation
3D Password Presentation
 
3dpassword by janapriya
3dpassword by janapriya3dpassword by janapriya
3dpassword by janapriya
 
3D password
3D password3D password
3D password
 
3D PASSWORD
3D PASSWORD3D PASSWORD
3D PASSWORD
 

Similar to Enhanced Secure E-Gateway using Hierarchical Visual Cryptography

SECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHY
SECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHYSECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHY
SECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHYIRJET Journal
 
ONLINE PAYMENT SYSTEM WITH PHISHING AND DDOS DETECTION AND PREVENTION
ONLINE PAYMENT SYSTEM WITH PHISHING AND DDOS DETECTION AND PREVENTIONONLINE PAYMENT SYSTEM WITH PHISHING AND DDOS DETECTION AND PREVENTION
ONLINE PAYMENT SYSTEM WITH PHISHING AND DDOS DETECTION AND PREVENTIONJournal For Research
 
Review on Implementation Visual Cryptography & Steganography for Secure Authe...
Review on Implementation Visual Cryptography & Steganography for Secure Authe...Review on Implementation Visual Cryptography & Steganography for Secure Authe...
Review on Implementation Visual Cryptography & Steganography for Secure Authe...IRJET Journal
 
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...IJCSEA Journal
 
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...IJCSEA Journal
 
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...IRJET Journal
 
A Generalized Image Authentication Based On Statistical Moments of Color Hist...
A Generalized Image Authentication Based On Statistical Moments of Color Hist...A Generalized Image Authentication Based On Statistical Moments of Color Hist...
A Generalized Image Authentication Based On Statistical Moments of Color Hist...idescitation
 
Essay On Cryptography
Essay On CryptographyEssay On Cryptography
Essay On CryptographyHaley Johnson
 
GENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATION
GENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATIONGENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATION
GENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATIONcscpconf
 
IRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
IRJET- Passmatrix Authentication to Overcome Shouldersurfing AttacksIRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
IRJET- Passmatrix Authentication to Overcome Shouldersurfing AttacksIRJET Journal
 
Online paymentusingsteganographt&Visualcryptography
Online paymentusingsteganographt&VisualcryptographyOnline paymentusingsteganographt&Visualcryptography
Online paymentusingsteganographt&VisualcryptographyNagarjuna mahanti
 
IRJET - Graphical Password Authentication for Banking System
IRJET - Graphical Password Authentication for Banking SystemIRJET - Graphical Password Authentication for Banking System
IRJET - Graphical Password Authentication for Banking SystemIRJET Journal
 
IRJET- A Probabilistic Model of Visual Cryptography Scheme for Anti-Phis...
IRJET- A Probabilistic Model of Visual Cryptography Scheme for Anti-Phis...IRJET- A Probabilistic Model of Visual Cryptography Scheme for Anti-Phis...
IRJET- A Probabilistic Model of Visual Cryptography Scheme for Anti-Phis...IRJET Journal
 
Biometric Template Protection With Robust Semi – Blind Watermarking Using Ima...
Biometric Template Protection With Robust Semi – Blind Watermarking Using Ima...Biometric Template Protection With Robust Semi – Blind Watermarking Using Ima...
Biometric Template Protection With Robust Semi – Blind Watermarking Using Ima...CSCJournals
 
An efficient implementation for key management technique using smart card and...
An efficient implementation for key management technique using smart card and...An efficient implementation for key management technique using smart card and...
An efficient implementation for key management technique using smart card and...ijctcm
 
SFAMSS:A S ECURE F RAMEWORK F OR ATM M ACHINES V IA S ECRET S HARING
SFAMSS:A S ECURE F RAMEWORK F OR ATM M ACHINES V IA S ECRET S HARINGSFAMSS:A S ECURE F RAMEWORK F OR ATM M ACHINES V IA S ECRET S HARING
SFAMSS:A S ECURE F RAMEWORK F OR ATM M ACHINES V IA S ECRET S HARINGijcsit
 

Similar to Enhanced Secure E-Gateway using Hierarchical Visual Cryptography (20)

SECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHY
SECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHYSECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHY
SECURE E-BANKING APPLICATION BASED ON VISUAL CRYPTOGRAPHY
 
50120130405019
5012013040501950120130405019
50120130405019
 
ONLINE PAYMENT SYSTEM WITH PHISHING AND DDOS DETECTION AND PREVENTION
ONLINE PAYMENT SYSTEM WITH PHISHING AND DDOS DETECTION AND PREVENTIONONLINE PAYMENT SYSTEM WITH PHISHING AND DDOS DETECTION AND PREVENTION
ONLINE PAYMENT SYSTEM WITH PHISHING AND DDOS DETECTION AND PREVENTION
 
Review on Implementation Visual Cryptography & Steganography for Secure Authe...
Review on Implementation Visual Cryptography & Steganography for Secure Authe...Review on Implementation Visual Cryptography & Steganography for Secure Authe...
Review on Implementation Visual Cryptography & Steganography for Secure Authe...
 
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...
 
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...
IMAGE RECOGNITION-BASED AUTOMATIC DECRYPTION METHOD FOR TEXT ENCRYPTED USING ...
 
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
 
A Generalized Image Authentication Based On Statistical Moments of Color Hist...
A Generalized Image Authentication Based On Statistical Moments of Color Hist...A Generalized Image Authentication Based On Statistical Moments of Color Hist...
A Generalized Image Authentication Based On Statistical Moments of Color Hist...
 
Iciea08
Iciea08Iciea08
Iciea08
 
Essay On Cryptography
Essay On CryptographyEssay On Cryptography
Essay On Cryptography
 
GENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATION
GENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATIONGENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATION
GENERATION OF SECURE ONE-TIME PASSWORD BASED ON IMAGE AUTHENTICATION
 
IRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
IRJET- Passmatrix Authentication to Overcome Shouldersurfing AttacksIRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
IRJET- Passmatrix Authentication to Overcome Shouldersurfing Attacks
 
J0704055058
J0704055058J0704055058
J0704055058
 
Online paymentusingsteganographt&Visualcryptography
Online paymentusingsteganographt&VisualcryptographyOnline paymentusingsteganographt&Visualcryptography
Online paymentusingsteganographt&Visualcryptography
 
IRJET - Graphical Password Authentication for Banking System
IRJET - Graphical Password Authentication for Banking SystemIRJET - Graphical Password Authentication for Banking System
IRJET - Graphical Password Authentication for Banking System
 
IRJET- A Probabilistic Model of Visual Cryptography Scheme for Anti-Phis...
IRJET- A Probabilistic Model of Visual Cryptography Scheme for Anti-Phis...IRJET- A Probabilistic Model of Visual Cryptography Scheme for Anti-Phis...
IRJET- A Probabilistic Model of Visual Cryptography Scheme for Anti-Phis...
 
R04405103106
R04405103106R04405103106
R04405103106
 
Biometric Template Protection With Robust Semi – Blind Watermarking Using Ima...
Biometric Template Protection With Robust Semi – Blind Watermarking Using Ima...Biometric Template Protection With Robust Semi – Blind Watermarking Using Ima...
Biometric Template Protection With Robust Semi – Blind Watermarking Using Ima...
 
An efficient implementation for key management technique using smart card and...
An efficient implementation for key management technique using smart card and...An efficient implementation for key management technique using smart card and...
An efficient implementation for key management technique using smart card and...
 
SFAMSS:A S ECURE F RAMEWORK F OR ATM M ACHINES V IA S ECRET S HARING
SFAMSS:A S ECURE F RAMEWORK F OR ATM M ACHINES V IA S ECRET S HARINGSFAMSS:A S ECURE F RAMEWORK F OR ATM M ACHINES V IA S ECRET S HARING
SFAMSS:A S ECURE F RAMEWORK F OR ATM M ACHINES V IA S ECRET S HARING
 

More from IJTET Journal

Beaglebone Black Webcam Server For Security
Beaglebone Black Webcam Server For SecurityBeaglebone Black Webcam Server For Security
Beaglebone Black Webcam Server For SecurityIJTET Journal
 
Biometrics Authentication Using Raspberry Pi
Biometrics Authentication Using Raspberry PiBiometrics Authentication Using Raspberry Pi
Biometrics Authentication Using Raspberry PiIJTET Journal
 
Conceal Traffic Pattern Discovery from Revealing Form of Ad Hoc Networks
Conceal Traffic Pattern Discovery from Revealing Form of Ad Hoc NetworksConceal Traffic Pattern Discovery from Revealing Form of Ad Hoc Networks
Conceal Traffic Pattern Discovery from Revealing Form of Ad Hoc NetworksIJTET Journal
 
Node Failure Prevention by Using Energy Efficient Routing In Wireless Sensor ...
Node Failure Prevention by Using Energy Efficient Routing In Wireless Sensor ...Node Failure Prevention by Using Energy Efficient Routing In Wireless Sensor ...
Node Failure Prevention by Using Energy Efficient Routing In Wireless Sensor ...IJTET Journal
 
Prevention of Malicious Nodes and Attacks in Manets Using Trust worthy Method
Prevention of Malicious Nodes and Attacks in Manets Using Trust worthy MethodPrevention of Malicious Nodes and Attacks in Manets Using Trust worthy Method
Prevention of Malicious Nodes and Attacks in Manets Using Trust worthy MethodIJTET Journal
 
Effective Pipeline Monitoring Technology in Wireless Sensor Networks
Effective Pipeline Monitoring Technology in Wireless Sensor NetworksEffective Pipeline Monitoring Technology in Wireless Sensor Networks
Effective Pipeline Monitoring Technology in Wireless Sensor NetworksIJTET Journal
 
Raspberry Pi Based Client-Server Synchronization Using GPRS
Raspberry Pi Based Client-Server Synchronization Using GPRSRaspberry Pi Based Client-Server Synchronization Using GPRS
Raspberry Pi Based Client-Server Synchronization Using GPRSIJTET Journal
 
ECG Steganography and Hash Function Based Privacy Protection of Patients Medi...
ECG Steganography and Hash Function Based Privacy Protection of Patients Medi...ECG Steganography and Hash Function Based Privacy Protection of Patients Medi...
ECG Steganography and Hash Function Based Privacy Protection of Patients Medi...IJTET Journal
 
An Efficient Decoding Algorithm for Concatenated Turbo-Crc Codes
An Efficient Decoding Algorithm for Concatenated Turbo-Crc CodesAn Efficient Decoding Algorithm for Concatenated Turbo-Crc Codes
An Efficient Decoding Algorithm for Concatenated Turbo-Crc CodesIJTET Journal
 
Improved Trans-Z-source Inverter for Automobile Application
Improved Trans-Z-source Inverter for Automobile ApplicationImproved Trans-Z-source Inverter for Automobile Application
Improved Trans-Z-source Inverter for Automobile ApplicationIJTET Journal
 
Wind Energy Conversion System Using PMSG with T-Source Three Phase Matrix Con...
Wind Energy Conversion System Using PMSG with T-Source Three Phase Matrix Con...Wind Energy Conversion System Using PMSG with T-Source Three Phase Matrix Con...
Wind Energy Conversion System Using PMSG with T-Source Three Phase Matrix Con...IJTET Journal
 
Comprehensive Path Quality Measurement in Wireless Sensor Networks
Comprehensive Path Quality Measurement in Wireless Sensor NetworksComprehensive Path Quality Measurement in Wireless Sensor Networks
Comprehensive Path Quality Measurement in Wireless Sensor NetworksIJTET Journal
 
Optimizing Data Confidentiality using Integrated Multi Query Services
Optimizing Data Confidentiality using Integrated Multi Query ServicesOptimizing Data Confidentiality using Integrated Multi Query Services
Optimizing Data Confidentiality using Integrated Multi Query ServicesIJTET Journal
 
Foliage Measurement Using Image Processing Techniques
Foliage Measurement Using Image Processing TechniquesFoliage Measurement Using Image Processing Techniques
Foliage Measurement Using Image Processing TechniquesIJTET Journal
 
Harmonic Mitigation Method for the DC-AC Converter in a Single Phase System
Harmonic Mitigation Method for the DC-AC Converter in a Single Phase SystemHarmonic Mitigation Method for the DC-AC Converter in a Single Phase System
Harmonic Mitigation Method for the DC-AC Converter in a Single Phase SystemIJTET Journal
 
Comparative Study on NDCT with Different Shell Supporting Structures
Comparative Study on NDCT with Different Shell Supporting StructuresComparative Study on NDCT with Different Shell Supporting Structures
Comparative Study on NDCT with Different Shell Supporting StructuresIJTET Journal
 
Experimental Investigation of Lateral Pressure on Vertical Formwork Systems u...
Experimental Investigation of Lateral Pressure on Vertical Formwork Systems u...Experimental Investigation of Lateral Pressure on Vertical Formwork Systems u...
Experimental Investigation of Lateral Pressure on Vertical Formwork Systems u...IJTET Journal
 
A Five – Level Integrated AC – DC Converter
A Five – Level Integrated AC – DC ConverterA Five – Level Integrated AC – DC Converter
A Five – Level Integrated AC – DC ConverterIJTET Journal
 
A Comprehensive Approach for Multi Biometric Recognition Using Sclera Vein an...
A Comprehensive Approach for Multi Biometric Recognition Using Sclera Vein an...A Comprehensive Approach for Multi Biometric Recognition Using Sclera Vein an...
A Comprehensive Approach for Multi Biometric Recognition Using Sclera Vein an...IJTET Journal
 
Study of Eccentrically Braced Outrigger Frame under Seismic Exitation
Study of Eccentrically Braced Outrigger Frame under Seismic ExitationStudy of Eccentrically Braced Outrigger Frame under Seismic Exitation
Study of Eccentrically Braced Outrigger Frame under Seismic ExitationIJTET Journal
 

More from IJTET Journal (20)

Beaglebone Black Webcam Server For Security
Beaglebone Black Webcam Server For SecurityBeaglebone Black Webcam Server For Security
Beaglebone Black Webcam Server For Security
 
Biometrics Authentication Using Raspberry Pi
Biometrics Authentication Using Raspberry PiBiometrics Authentication Using Raspberry Pi
Biometrics Authentication Using Raspberry Pi
 
Conceal Traffic Pattern Discovery from Revealing Form of Ad Hoc Networks
Conceal Traffic Pattern Discovery from Revealing Form of Ad Hoc NetworksConceal Traffic Pattern Discovery from Revealing Form of Ad Hoc Networks
Conceal Traffic Pattern Discovery from Revealing Form of Ad Hoc Networks
 
Node Failure Prevention by Using Energy Efficient Routing In Wireless Sensor ...
Node Failure Prevention by Using Energy Efficient Routing In Wireless Sensor ...Node Failure Prevention by Using Energy Efficient Routing In Wireless Sensor ...
Node Failure Prevention by Using Energy Efficient Routing In Wireless Sensor ...
 
Prevention of Malicious Nodes and Attacks in Manets Using Trust worthy Method
Prevention of Malicious Nodes and Attacks in Manets Using Trust worthy MethodPrevention of Malicious Nodes and Attacks in Manets Using Trust worthy Method
Prevention of Malicious Nodes and Attacks in Manets Using Trust worthy Method
 
Effective Pipeline Monitoring Technology in Wireless Sensor Networks
Effective Pipeline Monitoring Technology in Wireless Sensor NetworksEffective Pipeline Monitoring Technology in Wireless Sensor Networks
Effective Pipeline Monitoring Technology in Wireless Sensor Networks
 
Raspberry Pi Based Client-Server Synchronization Using GPRS
Raspberry Pi Based Client-Server Synchronization Using GPRSRaspberry Pi Based Client-Server Synchronization Using GPRS
Raspberry Pi Based Client-Server Synchronization Using GPRS
 
ECG Steganography and Hash Function Based Privacy Protection of Patients Medi...
ECG Steganography and Hash Function Based Privacy Protection of Patients Medi...ECG Steganography and Hash Function Based Privacy Protection of Patients Medi...
ECG Steganography and Hash Function Based Privacy Protection of Patients Medi...
 
An Efficient Decoding Algorithm for Concatenated Turbo-Crc Codes
An Efficient Decoding Algorithm for Concatenated Turbo-Crc CodesAn Efficient Decoding Algorithm for Concatenated Turbo-Crc Codes
An Efficient Decoding Algorithm for Concatenated Turbo-Crc Codes
 
Improved Trans-Z-source Inverter for Automobile Application
Improved Trans-Z-source Inverter for Automobile ApplicationImproved Trans-Z-source Inverter for Automobile Application
Improved Trans-Z-source Inverter for Automobile Application
 
Wind Energy Conversion System Using PMSG with T-Source Three Phase Matrix Con...
Wind Energy Conversion System Using PMSG with T-Source Three Phase Matrix Con...Wind Energy Conversion System Using PMSG with T-Source Three Phase Matrix Con...
Wind Energy Conversion System Using PMSG with T-Source Three Phase Matrix Con...
 
Comprehensive Path Quality Measurement in Wireless Sensor Networks
Comprehensive Path Quality Measurement in Wireless Sensor NetworksComprehensive Path Quality Measurement in Wireless Sensor Networks
Comprehensive Path Quality Measurement in Wireless Sensor Networks
 
Optimizing Data Confidentiality using Integrated Multi Query Services
Optimizing Data Confidentiality using Integrated Multi Query ServicesOptimizing Data Confidentiality using Integrated Multi Query Services
Optimizing Data Confidentiality using Integrated Multi Query Services
 
Foliage Measurement Using Image Processing Techniques
Foliage Measurement Using Image Processing TechniquesFoliage Measurement Using Image Processing Techniques
Foliage Measurement Using Image Processing Techniques
 
Harmonic Mitigation Method for the DC-AC Converter in a Single Phase System
Harmonic Mitigation Method for the DC-AC Converter in a Single Phase SystemHarmonic Mitigation Method for the DC-AC Converter in a Single Phase System
Harmonic Mitigation Method for the DC-AC Converter in a Single Phase System
 
Comparative Study on NDCT with Different Shell Supporting Structures
Comparative Study on NDCT with Different Shell Supporting StructuresComparative Study on NDCT with Different Shell Supporting Structures
Comparative Study on NDCT with Different Shell Supporting Structures
 
Experimental Investigation of Lateral Pressure on Vertical Formwork Systems u...
Experimental Investigation of Lateral Pressure on Vertical Formwork Systems u...Experimental Investigation of Lateral Pressure on Vertical Formwork Systems u...
Experimental Investigation of Lateral Pressure on Vertical Formwork Systems u...
 
A Five – Level Integrated AC – DC Converter
A Five – Level Integrated AC – DC ConverterA Five – Level Integrated AC – DC Converter
A Five – Level Integrated AC – DC Converter
 
A Comprehensive Approach for Multi Biometric Recognition Using Sclera Vein an...
A Comprehensive Approach for Multi Biometric Recognition Using Sclera Vein an...A Comprehensive Approach for Multi Biometric Recognition Using Sclera Vein an...
A Comprehensive Approach for Multi Biometric Recognition Using Sclera Vein an...
 
Study of Eccentrically Braced Outrigger Frame under Seismic Exitation
Study of Eccentrically Braced Outrigger Frame under Seismic ExitationStudy of Eccentrically Braced Outrigger Frame under Seismic Exitation
Study of Eccentrically Braced Outrigger Frame under Seismic Exitation
 

Recently uploaded

Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfMahmoud M. Sallam
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 

Recently uploaded (20)

Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 

Enhanced Secure E-Gateway using Hierarchical Visual Cryptography

  • 1. INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY VOLUME 3 ISSUE 1 –JANUARY 2015 - ISSN: 2349 - 9303 Enhanced Secure E-Gateway using Hierarchical Visual Cryptography K.S.Suganya1 PG Scholar Department of Computer Science and Engineering SriGuru Institute of Technology,Coimbatore suganayselvaraj06@gmail.com K.Manikandan2 Assistant Professor Guide Department of Computer Science and Engineering SriGuru Institute of Technology,Coimbatore manikarthi25@gmail.com Abstract— With tremendous growth in electronic commerce, the e-shopping users are facing more and more problems in their day to day life. Most important of them are identity theft and spear phishing attacks. In this paper, we will be addressing those issues by the combined use of Hierarchical Visual Cryptography and keyless image steganography techniques. Firstly, we recommend the use of a certified third party payment gateway, which involves generating image shares using HVCS and secondly we recommend the use of image steganography technique to hide the user’s passphrase or ATM Pin or password in the image share to achieve cheating prevention from malicious insiders of both merchant as well as third party payment gateway. Further, we propose the use of image share as secure SiteKey which prevents spear phishing attack targeting high profile customers. Index Terms— E-shopping, Hierarchical visual cryptography scheme, HVCS, Identity theft, Spear phishing attacks, SiteKey. ——————————  —————————— 1 INTRODUCTION n India, Online shopping had gained popularity owing to Flipkart, Amazon and many online merchants especially in recent years. With rise in popularity, adversely there had been increase in threats and subsequently many users are becoming targets of identity theft, phishing attack and spear phishing attack and many more. The most important attack of them is phishing attack. In phishing attack, the attacker sends an electronic message to the users impersonating as a legitimate personnel. The user considering it as a legitimate request from their registered site, unknowingly, are redirected to the fake website which looks alike the genuine one. Thus, the users lose their confidential password credentials which will be used by the intruders to hack into their account of registered websites. Among which, spear phishing attack is a special type of phishing attack where the intruder targets a specific individual or organization and steals their confidential information. According to FBI’s IC3, spear-phishing attacks are mainly targeting industries, and their ultimate goal is to steal IP address or compromise banking credentials. Hence the need for new and plausible security method for the industries or organization also has increased. As a result, many industries, bank and organization are taking many counter measures to prevent phishing attack and spear phishing attack. The most common among them is authentication. But there are varying level of authentication methods such as one way authentication and two way (also known as mutual) authentications. Some of the common factors of authentication measure involve the following namely username and passphrase, Smart card /ATM card, Biometrics (fingerprint, Iris, Retina, Signature, Sclera, etc...) and many more. IJTET©2015 One way authentication is one direction in nature where the user authenticates them to an external entity with something the user has or knows. Mutual authentication occurs where there is a need for user authenticates themselves to an external entity and in turn an external entity authenticates themselves back to the user. SiteKey authentication is a form of authentication which involves mutual authentications with visual image. The process of SiteKey authentication is as follows where the users of an external entity is prompted to enter their registered username and the entity in turn authenticates themselves by retrieving the previously registered user image. If the images are different, then the user has to consider the website as a fake one and leave it immediately without further proceeding. Else the user can proceed with their login process and enter their password credentials. Fig 1.1 SiteKey authentication 13 I
  • 2. INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY VOLUME 3 ISSUE 1 –JANUARY 2015 - ISSN: 2349 - 9303 But the SiteKey authentication is not effective against security image attack where the image column will be replaced with a maintenance message which may compromise the user’s credibility leading to lose of bank credentials. Visual cryptography is a special kind of encryption technique, where the visual information such as text, image is encrypted using various VC schemes to generate 2 or more meaningless shares. These image shares are then transmitted or distributed over untrusted communication channel by the sender. At the receiver side, the image shares are stacked together to retrieve the original visual information. This secret sharing scheme was proposed by Shamir and Naor in 1990[1].In this proposal, we make use of hierarchical visual cryptography scheme where key image share and another share are generated from visual secret image at three levels as explained in the figure 4.1. Steganography is the technique of information or data hiding. It is an age old technique which has its roots in history but still in use. The basic concept behind it is that data is hidden in some cover objects such as text, image, video and audio and the most commonly used cover object is digital image. A method proposed by Chen, Pan, Tseng popularly known as CPT method, where the binary secret message is hidden in a cover image using a weighted matrix [3].In this proposal, we make use a variation of CPT method which will be explained in the section 3.Our system framework requires the bank to provide encrypted password to the users preferably using AES or any encryption algorithm. In our proposal, we use the symmetric encryption technique AES to prevent the third party payment gateway from learning the password credentials. 2 RELATED WORKS A brief survey of the related works to this proposal has been discussed in this section. Shamir and Naor [2] proposed a visual secret sharing scheme known as Visual Cryptography in 1990. Souvik et al. [1] proposed an authentication system for online payment using both visual cryptography and Steganography which prevented form identity theft.Yet,cheating is possible which was a huge drawback.To overcome this, Tzeng [8] proposed a scheme where cheating in visual cryptography by generating fake share can be prevented by the combined use of it with steganography. Yang et al. [5] proposed a modification to Lin proposal to prevent dishonest participants from cheating. And also this scheme increased the quality of the stego image. According to Judge [2], the various steganography schemes employed in the past, present and future were discussed and their various forms and legitimate and illegal use of steganography have been discussed in brief. Among which, CPT image steganographic algorithm proposed by Chen et al[3] which can be combined with visual cryptography to achieve cheating prevention. Chen et al. [6] discussed the procedures of phishing attack and various approaches to prevent phishing attack. Then, the characteristics of hyperlinks in relation to phishing attack were studied and linkguard algorithm was proposed to detect them. IJTET©2015 We then made a study of SiteKey authentication proposed by Bank of Americas as in [11].Then the vulnerabilities, their ineffectiveness and how to overcome their fault were briefly discussed by Youl in [9] and Hearst in [12]. 3 PROPOSED IMAGE STEGANOGRAPHY To prevent cheating by generating fake share in visual cryptography scheme, we combine this with image based steganography technique to enhance security. The CPT is a popular algorithm for embedding binary coded secret message into a binary image. In here ,we are going to use a variation of CPT as in [3].In our proposal, we are going to generate a random binary secret message at the payment gateway and embed the secret message into the account information snapshot image and then encrypt using HVCS scheme as explained in detail in the following section. Algorithm for hiding the secret message in chosen image: Step 1: A secret message is encoded into binary codes (s1, s2, s3, s4….) and the snapshot image is taken as input. Step 2: The cover image is divided into blocks (M) of size 5x5. Step 3: For each block, do as follows i. For each row in the first four rows of the block, XOR all the bits in that row to get a1a2a3a4. ii. For each column in the first four columns of the block, XOR all the bits in that column to get b1b2b3b4. iii. XOR the results in i and ii to get c1c2c3c4 where c1=a1⊕b1, c2=a2⊕b2, and so on. iv. We need to compare the result obtained from c1c2c3c4 with the four secret message bits s1s2s3s4. If found no difference, no change of bits of M. Otherwise , do the following:  If the difference in one bit si, the bit [M] i,5 or [M]5,i need to be changed  Else if difference in two bits si and sj, then the bit [M]i,j or [M]j,i need to be changed.  Else if difference in three bits si, sj and sk, then the bits (([M]i, j or [M]j,i) and ([M]k,5 or [M]5,k)) or (([M]i, 5 or [M]5,i) and ([M]k,i or [M]j,k)) or (([M]5,jor[M]j,5) and ([M]k,i or [M]i,k)) need to be changed .  Else (difference in four bits bi, bj, bk and bm) then the bits (([M] i,j or [M] j,i) and ( [M]k,m or [M]m,k)) or (([M] i,m or [M] m,i) and ( [M]k,i or [M]j,k)) or (([M] m,j or [M] j,m) and ( [M]k,i or [M]i,k)) need be changed . 14
  • 3. INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY VOLUME 3 ISSUE 1 –JANUARY 2015 - ISSN: 2349 - 9303 Algorithm for extracting the phrase from the chosen image: Step 1: The decrypted image share is taken as input for the extracting phase. Step 2: The stego image is divided into blocks (M) of size 5x5. Step 3: For each block, do as follows i. For each row in the first four rows of the block, XOR all the bits in that row to get a1a2a3a4. ii. For each column in the first four columns of the block, XOR all the bits in that column to get b1b2b3b4. iii. XOR the results in i and ii to get c1c2c3c4 where c1=a1⊕b1, c2=a2⊕b2, and so on which is the secret message which is compared to acheive cheating prevention of creating fake visual share image by the malicious insiders of third party payment gateway and online sopping merchants. 4 PROPOSED VISUAL CRYPTOGRAPHY SCHEMES In our proposed solution, there are two phases namely registration and login phases. After registration, the users of online shopping enter their bank’s account information and bank’s encrypted password/passphrase/ATM Pin number which will be taken as a snapshot image. Then the user enters a secret message which is encoded into binary codes which are hidden in the user's snapshot image using above mentioned image steganography technique. Then by using hierarchical visual cryptography encryption scheme, we encrypt the stego snapshot image to generate a key image share and image share in three levels as follows. Fig 4.1 HVCS flow IJTET©2015 In the first level, two image shares are generated from the snapshot image by the payment gateway namely Share A and Share B. In the next level, the Share A is encrypted again to generate two shares namely Share A1 and Share A2.Likewise, the Share B is encrypted again to generate two shares namely Share B1 and Share B2.Randomly, any three shares form (Share A1/A2/B1/B2) is combined to form the key image share and remaining share is kept aside as an image share. Key image share is shared with the user over a secure communication channel. Then the remaining share is stored in their payment gateway secure database. The above process is explained in the figure.During login phase, user enters their username or customer id along with their image share to authenticate them to the payment gateway website. The payment gateway website retrieves the share for the corresponding user from their database using customer id. Fig 4.2 System Framework Then the user’s key image share and bank’s remaining image share retrieved from the bank’s database are stacked over one another to retrieve the original snapshot image which will have reduced grayscale density compared to the regular (2,2) VCS scheme.To prevent cheating from generating fake visual share by the malicious insiders, we have two level of security as explained below The secret message is decoded from the original image by image steganography technique and is then compared as an additional verification process. The malicious insiders of both payment gateway and online merchant cannot learn the bank’s password/passphrase/ATM Pin number since they are encrypted usingAES encryption technique. The original image is now displayed to the user by which the payment gateway website authenticates themselves to the users. Upon which, the user are redirected to their banking website where the user’s banking account information and encrypted bank’s password/passphrase/ATM will be forwarded over a secure communication channel and the uses can proceed with their transaction and they will be redirected back to the online shopping merchant. 15
  • 4. INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY VOLUME 3 ISSUE 1 –JANUARY 2015 - ISSN: 2349 - 9303 5 EXPERIMENTAL RESULTS The 2 out of 2 VCS scheme randomly chooses one of the two pixel patterns (black or white) from the table below for the image shares 1 and 2. The pixel selection is random so that the shares 1 and 2 usually consist of same number of white and black pixels. As a result, by inspecting one image share, it is not possible to identify the pixel of the next image share as black or white. By using Hierarchical Visual cryptography scheme, we overcome the difficulties like increased grayscale density, pixel expansion faced in the paper [1]. Table 5.1: VCS Pixel pattern selections According to the proposed methodology, we create a snapshot image as in figure 5.2 (a). Later, we embedded the secret message in the snapshot image using the above proposed steganography method. Then we generated two image shares namely image shareA and B using (2, 2) VCS as in figure 5.2 (b) and (c) respectively. Furthermore, we generated two image shares namely image share A1 and A2 using (2, 2) VCS from Share A as in figure 5.2 (d) and (e) respectively. Likewise, we generated two more image shares namely image share B1 and B2 using (2, 2) VCS from Share B as in figure 5.2 (f) and (g) respectively. Then we combined randomly to form a key image share and a remaining share as in figure 5.2 (h) and (i) respectively. Upon overlaying those image shares, we received the merged shares as in figure 5.2 (j). Fig 5.2 Experimental Results IJTET©2015 6 SECURITY ANALYSIS In this section, we are analyzing the security of our proposed solution against some security attacks to know their resisting quality, advantages, disadvantages and method extension. 6.1 Secret sharing The proposed solution is implemented using hierarchical visual secret sharing scheme where the user’s key share and bank’s share are both required to retrieve the secret image. The key share is kept by the user and the second share is stored the payment gateway’s database in a secure manner. 6.2 Man-in-the-middle attack Since only one share is sent across secure communication channel, the man-in-the-middle attack will not succeed in obtaining the access.. Adversely, if the share is intercepted by the intruders and the share is duplicated to generate fake share. If the intruders provide the fake share in the payment website which when stacked together with bank share may retrieve the original image but the payment gateway website will detect anomalies since the fake secret message decoded will not match the user entered secret message stored in the payment gateway website secure database. 6.3 Security image attack Security image attack is a special type of attack against SiteKey where the image and phrase column will be replaced with a maintenance message in the fake website which will look legitimate. This can be avoided only through proper awareness among users about this attack 6.4 Advantages  Proposed solution protects against spear phishing attack by the use of SiteKey authentication  SiteKey authentication with HVCS protects against the security image attack and increases customer’s integrity with their merchant, payment gateway and bank.  Further the use of CPT Steganography prevents cheating in HVCS. Suppose the attacker generates a fake share similar to the original image share and use it to impersonate them to the payment gateway website. The site detects the phishing attack since the fake share would not contain hidden secret message. 6.5 Disadvantages According to Harvard survey, the use of SiteKey is ineffective if the users are not properly educated against the phishing attacks and security image attack. The other most important deterrent is the users had to keep track of their image share in addition to their authentication credentials. 16
  • 5. INTERNATIONAL JOURNAL FOR TRENDS IN ENGINEERING & TECHNOLOGY VOLUME 3 ISSUE 1 –JANUARY 2015 - ISSN: 2349 - 9303 7 PERFORMANCE ANALYSIS The proposed method’s performance is investigated by performing steganalysis and conducting benchmarking test for analyzing parameters like Mean Squared Error (MSE) and Peak Signal to Noise Ratio (PSNR). The MSE is calculated by using the equation, MSE -------------- (1) The terms in the equation (1) is explained below P = the total number of pixels in the horizontal dimensions of the image Q = the total number of pixels in the vertical dimensions of the image M x ,y = the pixels of the original image N x ,y = the pixels of the stego image. The PSNR is calculated by using the equation og10 10lPSNR  dB MSE Y         2 .................... (2) The term in the equation (2) is explained below Y = pixel’s intensity value which is equal to 255 for 8 bit gray scale images. 8 CONCLUSION In this paper, we have overcome the difficulties of VCS such as grayscale density and pixel expansion by the use of hierarchical VCS. Furthermore, it prevents the identity theft by malicious insiders and phishing attack by malicious outsides by the combined use of visual cryptography and steganography along with AES symmetric encryption technique. It also limits the information shared between the merchant and the customer. It provides protection for high profile users by the use of SiteKey authentication from spear phishing attack.This method can also be extended to specific organisation website and employees authentication. IJTET©2015 REFERENCES [1] Souvik Roy and P.Venkateswaran , ”Online Payment System using Steganography and Visual Cryptography”. ,” Proceedings of 2014 IEEE Students’ Conference on Electrical, Electronics and Computer Science, pp.165-172, 2014 [2] M. Naor, and A. Shamir, (1994) “Visual Cryptography”, Advances in Cryptography-Eurocrypt '94, vis Lecture Notes in Computer Science 950, pp. 1-12. [3] Chen, Y., Pan, H., Tseng, Y.: A secret of data hiding scheme for two-color images. In: IEEE symposium on computers and communications (2000). [4] Chetana Hegde, S. Manu, P. Deepa Shenoy, K.R. Venugopal, L M Patnaik, “Secure Authentication using Image Processing and Visual Cryptography for Banking Applications,”Proceedings of 16th International Conference on Advanced Computing and Communications, pp. 65- 72,Chennai,India, 2008. [5] C.N. Yang, T.S. Chen, K.H. Yu, and C.C. Wang, “Improvements of image sharing with steganography and authentication”, Journal of Systems &Software, 80:1070-1076, 2007. [6] Juan Chen, Chuanxiong Guo , “Online Detection and Prevention of Phishing Attacks,” Proceedings of First International Conference on Communications and Networking in China (ChinaCom '06), pp. 1 - 7, Beijing, China, 2006. [7] Jaya, Siddharth Malik, Abhinav Aggarwal, Anjali Sardana, “Novel Authentication System Using Visual Cryptography,” Proceedings of 2011 World Congress on Information and Communication Technologies, pp. 1181-1186, Mumbai, India, 2011. [8] C. M. Hu and W. G. Tzeng, “Cheating Prevention in Visual Cryptography”, IEEE Transaction on Image Processing, vol. 16, no.1, Jan- 2007,pp. 36-45. [9] Jim Youll, “Fraud vulnerabilities in SiteKey security at Bank of America” Challenge/Response LABS,Security & privacy for e-commerce, July 18, 2006. [10] Bank of America,”SiteKey FAQs” https://www.bankofamerica.com/privacy/faq/sitekey-faq.go [11] J.C. Judge, “Steganography: Past, Present, Future,” SANS Institute, November 30, 2001. [12] R. Dhamija, J. D. Tygar, and M. Hearst, “Why phishing works,” in Proceedings of the SIGCHI Conference on Human Factors in Computing 17 NM yx P x Q y yx PQ , 1 1 , 1  