2. ABSTRACT
Many security primitives are based on hard mathematical
problems. Using hard AI problems for security is emerging as
an exciting new paradigm, but has been underexplored. In this
project, we present a new security primitive based on hard AI
problems, namely, a novel family of graphical password
systems built on top of Captcha technology, which we call
Captcha as graphical passwords (CaRP). CaRP is both a
Captcha and a graphical password scheme. CaRP also offers
a novel approach to address the well-known image
hotspot problem in popular graphical password systems,
such as Pass Points, that often leads to weak password
choices.
3. Existing System
Captcha is a challenge –response system that is designed
to test the human Intelligence and based on the challenge
it differentiates humans from automated programs which
is easy for most humans to perform but is more difficult
and time-consuming for current bots to complete.
In existing system the CbPA-protocol is used which
requires solving a Captcha after inputting a valid pair of
User ID and password.
4. Drawbacks of Existing System
Vulnerable against Brute Force, Dictionary attacks.
Difficult to understand and are complex for users with
disabilities.
Due to Compatibility issues there Technical difficulties
with certain browsers.
Time consuming to decipher.
5. Proposed System
In this project, we introduce a new security primitive
based on hard AI problems, namely, a novel family of
graphical password systems integrating Captcha
technology, which we call CaRP (Captcha as gRaphical
Passwords). CaRP is click-based graphical passwords,
where a sequence of clicks on an image is used to derive a
password.
The user undergoes Graphical image based Captcha
challenge where he has to pass the test by clicking
appropriate captch images
6. Advantages of the Proposed System
CaRP offers protection against online dictionary attacks
on passwords, which have been for long time a major
security threat for various online services.
CaRP also offers protection against relay attacks, an
increasing threat to bypass Captchas protection.
CaRP is Highly secure and easy to adopt.
Highly recommended for various domains like Banking,
Social-Networks and other web services due to its
enhanced security.
7. SYSTEM REQUIREMENTS
SOFTWARE ENVIRONMENT
Operating system: Windows 07/ XP Professional
IDE : Visual Studio 2010
Front End : ASP. Net
Database : SQL Server 2005
HARDWARE REQUIREMENTS
PROCESSOR: PENTIUM IV 2.6 GHz, Intel Core 2
Duo.
RAM : 2 GB DD RAM
8. System Architecture
Username Password
BANKING
INTRANET
ADMINISTRATOR STAFF VALID
CUSTOMER
LOGIN LOGIN VIEW ALL
TRANSACTIONS
VIEW TRANSACTIONS
BETWEEN TWO DATES
A
BRANCH CREATION VIEW TRANSACTION
BRANCHWISE
VIEW BRANCH INFO
ACCOUNT
CREATION
View All Account
Information
VIEW Transaction
A
DAY BOOK BETWEEN
TWO DATES
ACCOUNT NUMBER WISE
TRANSACTION
9. Module Description
The project contains Three modules:
Administrator module.
Staff module.
Customer module.
Administrator module:
The administrator is head of all the branches he creates
branches in the desired locations and can view all the
transactions in all branches.
10. Module Description Cont……
Staff module:
The staff can login by entering the given username and
password. Then, they may create accounts and view all
accounts details..
Customer module:
He may login to the web site using the given account
number and password which is provided during the
account creation.He can do any transaction such as
transfer amount from one account to another account.
17. CONCLUSION
We present an integrated evaluation of the Persuasive Cued
Click-Points graphical password scheme, including usability and
security evaluations, and implementation considerations.
An important usability goal for knowledge-based authentication
systems is to support users in selecting passwords of higher
security, in the sense of being from an expanded effective
security space.
We use persuasion to influence user choice in click-based
graphical passwords, encouraging users to select more random,
and hence more difficult to guess, click-points.
18. Scope for further Development
We present an integrated evaluation of the Persuasive Cued
Click-Points graphical password scheme, including usability and
security evaluations, and implementation considerations.
An important usability goal for knowledge-based authentication
systems is to support users in selecting passwords of higher
security, in the sense of being from an expanded effective
security space
As a future work, user can upload the picture and selects the
region from that and set the password to secure the access of the
application.
19. References
BOOKS REFERED
R. Biddle, S. Chiasson, and P. C. van Oorschot, “Graphical
passwords:Learning from the first twelve years,” ACM Comput.
Surveys, vol. 44,no. 4, 2012.
2.H. Tao and C. Adams, “Pass-Go: A proposal to improve the
usability of graphical passwords,” Int. J. Netw. Security, vol. 7,
no. 2, pp. 273–292, 2008.
3.P. C. van Oorschot and J. Thorpe, “Exploiting predictability in
clickbased graphical passwords,” J. Comput. Security, vol. 19,
no. 4, pp. 669–702, 2011.