In today’s world, securing the assets is necessary that can be done by password. But imagine if password is stolen or hacked then what about the security of assets? In this Paper, we have discussed the major attacks as well as password authentication / security methods and techniques. We have proposed a password security method, where arithmetic operations are performed on user selected pattern from time variables to generate secure password. The task of validating the password or authentication of user can be done on both client and server side. We have analysed how proposed scheme defends across brute force, dictionary, phishing, shoulder surfing, key logger, video recording and replay attacks. To the best of our knowledge, our pattern based time variable password method with arithmetic operation is the one which is able to defend against the all major attacks together.
An Enhanced Security System for Web Authentication IJMER
Web authentication has low security in these days. Todays, For Authentication purpose,
Textual passwords are commonly used; however, users do not follow their requirements. Users tend to
choose meaningful words from dictionaries, which make textual passwords easy tobreak and vulnerable
to dictionary or brute force attacks. Also, Textual passwords can be identified by 3rd
party software’s.
Many available graphicalpasswords have a password space that is less than or equal to the textual
passwordspace. Smart cards or tokens can be stolen.There are so many biometric authentications have
been proposed; however, users tend to resistusing biometrics because of their intrusiveness and the effect
on their privacy. Moreover,biometrics cannot be evoked.In this paper, we present and evaluate our
contribution,i.e., the OTP and 3-D password. A one-time password (OTP) is a password that isvalid for
only one login session or transaction. OTPs avoid a number of shortcomingsthat are associated with
traditional (static) passwords. The most important shortcoming that is addressed by OTPs is that, in
contrast to static passwords, they are not vulnerable to replay attacks. It means that a potential intruder
who manages to record an OTPthat was already used to log into a service or to conduct a transaction
will not be able toabuse it, since it will be no longer valid. The 3-D password is a multifactor
authenticationscheme. To be authenticated, we present a 3-D virtual environment where the
usernavigates and interacts with various objects. The sequence of actions and interactionstoward the
objects inside the 3-D environment constructs the user’s 3-D password.
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...ADEIJ Journal
Today, a large number of people access internet through their smart phones to login to their bank accounts, social networking accounts and various other blogs. In such a scenario, user authentication has emerged as a major security issue in mobile internet. To date, password based authentication schemes have been extensively used to provide authentication and security. The password based authentication has always been cumbersome for the users because human memory is transient and remembering a large number of long and complicated passwords is impossible. Also, it is vulnerable to various kinds of attacks like brute force, rainbow table, dictionary, sniffing, shoulder surfing and so on. As the main contribution of this paper, a new passwordless authentication scheme for smart phones is presented which not only resolves all the weaknesses of password based schemes but also provide robust security. The proposed scheme relieves users from memorizing and storing long and complicated passwords. The proposed scheme uses ECDSA which is based on Elliptic Curve Cryptography (ECC). ECC has remarkable strength and efficiency advantages in terms of bandwidth, key sizes and computational overheads over other public key cryptosystems. It is therefore suitable for resource constraint devices like smart phone. Furthermore, the proposed scheme incorporate CAPTCHA which play a very important role in protecting the web resources from spamming and other malicious activities. To the best of our knowledge, until now no passwordless user authentication protocol based on ECC has been proposed for smart phones. Finally, the security and functionality analysis shows that compared with existing password based authentication schemes, the proposed scheme is more secure and efficient.
Count based hybrid graphical password to prevent brute force attack and shoul...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
An Enhanced Security System for Web Authentication IJMER
Web authentication has low security in these days. Todays, For Authentication purpose,
Textual passwords are commonly used; however, users do not follow their requirements. Users tend to
choose meaningful words from dictionaries, which make textual passwords easy tobreak and vulnerable
to dictionary or brute force attacks. Also, Textual passwords can be identified by 3rd
party software’s.
Many available graphicalpasswords have a password space that is less than or equal to the textual
passwordspace. Smart cards or tokens can be stolen.There are so many biometric authentications have
been proposed; however, users tend to resistusing biometrics because of their intrusiveness and the effect
on their privacy. Moreover,biometrics cannot be evoked.In this paper, we present and evaluate our
contribution,i.e., the OTP and 3-D password. A one-time password (OTP) is a password that isvalid for
only one login session or transaction. OTPs avoid a number of shortcomingsthat are associated with
traditional (static) passwords. The most important shortcoming that is addressed by OTPs is that, in
contrast to static passwords, they are not vulnerable to replay attacks. It means that a potential intruder
who manages to record an OTPthat was already used to log into a service or to conduct a transaction
will not be able toabuse it, since it will be no longer valid. The 3-D password is a multifactor
authenticationscheme. To be authenticated, we present a 3-D virtual environment where the
usernavigates and interacts with various objects. The sequence of actions and interactionstoward the
objects inside the 3-D environment constructs the user’s 3-D password.
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...ADEIJ Journal
Today, a large number of people access internet through their smart phones to login to their bank accounts, social networking accounts and various other blogs. In such a scenario, user authentication has emerged as a major security issue in mobile internet. To date, password based authentication schemes have been extensively used to provide authentication and security. The password based authentication has always been cumbersome for the users because human memory is transient and remembering a large number of long and complicated passwords is impossible. Also, it is vulnerable to various kinds of attacks like brute force, rainbow table, dictionary, sniffing, shoulder surfing and so on. As the main contribution of this paper, a new passwordless authentication scheme for smart phones is presented which not only resolves all the weaknesses of password based schemes but also provide robust security. The proposed scheme relieves users from memorizing and storing long and complicated passwords. The proposed scheme uses ECDSA which is based on Elliptic Curve Cryptography (ECC). ECC has remarkable strength and efficiency advantages in terms of bandwidth, key sizes and computational overheads over other public key cryptosystems. It is therefore suitable for resource constraint devices like smart phone. Furthermore, the proposed scheme incorporate CAPTCHA which play a very important role in protecting the web resources from spamming and other malicious activities. To the best of our knowledge, until now no passwordless user authentication protocol based on ECC has been proposed for smart phones. Finally, the security and functionality analysis shows that compared with existing password based authentication schemes, the proposed scheme is more secure and efficient.
Count based hybrid graphical password to prevent brute force attack and shoul...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Graphical password authentication using Pass facesIJERA Editor
Authentication is one of the most important security primitive. Alphanumeric password authentication is most widely used authentication mechanism. This mechanism has been shown to have several drawbacks and is prone to various attacks such as brute force attack, shoulder surfing attack, dictionary attack. Thus to overcome the drawbacks of alphanumeric passwords, we propose Graphical passwords as an alternative to alphanumeric passwords. This is because humans tend to remember visuals better than text. This paper attempts to highlight the existing graphical Passface system, its usability features and then develop a new graphical password system that combines both graphic and texts passwords to fortify the authentication process on desktop systems.
Android Based Total Security for System AuthenticationIJERA Editor
In this Paper [5], A highly severe menace to any computing device is the impersonation of an authenticate user. The most frequent computer authentication scheme is to use alphanumerical usernames and passwords. But the textual passwords are prone to dictionary attacks, eves dropping, shoulder surfing and social engineering. As such, graphical passwords have been introduced as an alternative to the traditional authentication process. Though the graphical password schemes provide a way of making more user friendly passwords, while increasing the level of security, they are vulnerable to shoulder surfing. To address this problem, text can be used in combination with the colors and images to generate the session passwords, thereby making a stronger authentication means. In general, session passwords are those that can be used only once and for every new session, a new password is engendered. This paper [7] describes a method of implementing two factor authentication using mobile phones. The proposed method guarantees that authenticating to services, such as online banking or ATM machines, is done in a very secure manner. The proposed system involves using a mobile phone as a software token for One Time Password generation. The generated One Time Password is valid for only a short user defined period of time and is generated by factors that are unique to both, the user and the mobile device itself. Additionally, an SMS-based mechanism is implemented as both a backup mechanism for retrieving the password and as a possible mean of synchronization. The proposed method has been implemented and tested. Initial results show the success of the proposed method.
Abstract: In an online security, authentication plays a crucial role in shielding resources against unauthorized and illegal use of information. Authentication processes may differ from simple password based authentication system to complex, costly and computation strengthened authentication systems. In recent days, increasing security has always been an important issue since Internet and Web Development came into actuality. Text based password is not enough to counter such problems, which is also an obsolete approach now. Consequently, this demands the need for something more secure along with being more user-friendly. Therefore, we have strained to rise the security by involving a multiple level security tactic, involving Text based using Cryptography, Grid Authentication and Image Based Password. The cryptography technique is very essential for the text based password while encrypting it with the principle of substitution method like Caesar Cipher. Session passwords are also necessary for eliminating the time factor attacks such as Brute Force attack. Grid Authentication makes the system more dynamic due ever changing nature. Image based authentication makes the system more user friendly, reliable and secure.Keywords: Cryptography, Grid Authentication, Image Based Password, Shoulder Attack.
Title: Multilevel Security and Authentication System
Author: Pratik Anap, Sanjay Gholap, Prasad Anpat, Abhijit Bhapkar
International Journal of Recent Research in Mathematics Computer Science and Information Technology
ISSN 2350-1022
Paper Publications
Running head CHALLENGES OF CYBER SECURITY9.docxsusanschei
Running head: CHALLENGES OF CYBER SECURITY 9
Challenges of Cyber Security
Challenges of Cyber Security
Currently, computer security constitutes one of the fields with increasing significance because many people rely on computer systems and the internet for various operations. By the term ‘cyber security’, it refers to the provision of safety measures for computer systems against theft and destruction to the hardware, software and the information contained therein. It also includes protecting computer systems from any form of interference that hinders their efficiency to service delivery. According to (Vasconcelos et al., 2017), cyber security means limiting the physical access to certain hardware and providing safety against destruction that could result due to malpractice or when system operators become tricked and deviate from what is known secure guidelines.
There are many challenges for cyber security measures to be effective. Computer system operators experience great challenges in providing reliable and effective cyber security. Therefore, the question is that; how should system operators get the proper training to overcome numerous cyber security challenges? It is important to pose the question because today there are many businesses that feel insecure. For example, most enterprises doubt the preparedness by system operators and their ability to ensure that there is security in the corporate networks. In addition, a recent research carried by Enterprise Strategy Group established that about a quarter of system operators do not possess the desired skills. Lack of enough personnel who are equipped with right skills is the key factor attributed to challenges of cyber security. While cyber security significantly assists in to protecting us, many enterprises together with their esteemed clients, from someone falsely representing something as beneficial to them or to infiltrate our systems, it is in great need to be expanded on in order to safeguard us, and to create a safer environment protecting companies and our personal information and data, but it can and does fail to provide us complete security, if safe practices are not followed.
Protecting the Home Front
Home front is an informal term commonly used by the civilians of a nation, which faces a war, and their active support system of the military. As a result, military forces largely rely on home front civilian aid services. However, due to increased potential of destruction to the home front, there is a need to offer them appropriate protection (Wang & Lu, 2013). The military has the ability to design systems to help protect and deal with the vulnerabilities to the home front from direct attacks. There a number of things, that can be done to protect the home front against various attacks.
First, one could use automatic light timers fixed throughout in their systems. Light timers can be programmed to switch on and off in a way that helps simulate an in ...
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyIJSRD
Technology has elevated to grab an important position in humans life, the best example is smartphones. They offer access to network as well as online banking transactions, where simplification of human labour affects security and user authentication, and passwords are first line of defense, it’s crucial to pick a strong password. Online banking applications currently use alphanumerical usernames and passwords for authentication, which are exposed to eves dropping, attacks, and shoulder surfing. Users often choose either easy to remember passwords, which can be easily guessed or difficult ones, which tend to be forgotten. The paper revolves around the views, limitation of current system and offers a dynamic biometrics, as it can be easily integrated into the existing computer security systems with minimal alteration and user intervention. The main objective is to secure using cued click point (CCP), which is one click based graphical password scheme for sequence of images and measuring, assessing humans typing rhythm, it’s based upon the human tendency to memorize graphical passwords more comfortably.
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyIJSRD
Technology has elevated to grab an important position in humans life, the best example is smartphones. They offer access to network as well as online banking transactions, where simplification of human labour affects security and user authentication, and passwords are first line of defense, it’s crucial to pick a strong password. Online banking applications currently use alphanumerical usernames and passwords for authentication, which are exposed to eves dropping, attacks, and shoulder surfing. Users often choose either easy to remember passwords, which can be easily guessed or difficult ones, which tend to be forgotten. The paper revolves around the views, limitation of current system and offers a dynamic biometrics, as it can be easily integrated into the existing computer security systems with minimal alteration and user intervention. The main objective is to secure using cued click point (CCP), which is one click based graphical password scheme for sequence of images and measuring, assessing humans typing rhythm, it’s based upon the human tendency to memorize graphical passwords more comfortably.
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSIJNSA Journal
Current password authentication system was proven not secure enough to protect the information from intruders. However, various research has been done and the results show the value of FRR still low and the value of FAR still high. Thus, one of the methods suggests, is enhancing the current system using keystroke dynamics. Keystroke dynamics is a type of biometric authentication that does not require any special hardware, easy to use as the same routine as normal password authentication. Therefore, this research proposed an authentication system using keystroke dynamics to prevent the system from intruders. A system is developed that consist of two parts which are enrolment and verification. Then, a prototype is developed for testing process that consists of 3 main modules, namely Enrolment, Client/Server Connection
and, Verification and Retraining. Based on the testing, the system proved that the keystroke dynamic authentication system was able to implement in client/server environment and shows the value of EER is low that indicates it provide a better system authentication. In future, the system can be improved by enhancing the security, performance, and user interface.
ABSTRACT
Authentication based on passwords is used largely in applications for computer security and privacy. However, human actions such as choosing bad passwords and inputting passwords in an insecure way are regarded as ”the weakest link” in the authentication chain. Rather than arbitrary alphanumeric strings, users tend to choose passwords either short or meaningful for easy memorization. With web applications and mobile apps piling up, people can access these applications anytime and anywhere with various devices. This evolution brings great convenience but also increases the probability of exposing passwords to shoulder surfing attacks. Attackers can observe directly or use external recording devices to collect users’ credentials. To overcome this problem, we proposed a novel authentication system PassMatrix, based on graphical passwords to resist shoulder surfing attacks. With a one-time valid login indicator and circulative horizontal and vertical bars covering the entire scope of pass-images, PassMatrix offers no hint for attackers to figure out or narrow down the password even they conduct multiple camera-based attacks. We also implemented a PassMatrix prototype on Android and carried out real user experiments to evaluate its memorability and usability. From the experimental result, the proposed system achieves better resistance to shoulder surfing attacks while maintaining usability.
Keywords:- Graphical Passwords, Authentication, Shoulder Surfing Attack.
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDIJNSA Journal
In a distributed system, authentication protocols are the basis of security to ensure that these protocols function properly. Passwords are one of the most common authentication protocol used nowadays. Because of low entropy of passwords makes the systems vulnerable to password guessing attacks. This paper presents a simple scheme that strengthens password-based authentication protocols and helps prevent dictionary attacks, replay attacks and man in the middle attacks etc., The proposed scheme presents a new password authentication protocol by using the user and server system identification/serial number. Here there is no possibility to store the user passwords so an attacker who gets the password cannot use it directly to gain immediate access and compromise security.
A secure communication in smart phones using two factor authenticationeSAT Journals
Abstract Most secure systems face security attacks mainly at the client side. Two Factor Authentication (TFA) provides improved protection to the system at the client side by prompting to provide something they know and something they have. This system uses a one time password(OTP) generation method which doesn’t require client-server communication, which frees the system from cost of sending a dynamic password each time the client wants to login. The OTP generation uses the factors that are unique to the user and is installed on a smart phone in Android platform owned by the user. An OTP is valid for a minutes time, after which, is useless. The system thus provides better client level security – a simple low cost method which protects system from hacking techniques like key logging, phishing, shoulder surfing, etc. Keywords—Authentication, OTP, key logging, phishing
A secure communication in smart phones using two factor authenticationseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
A novel multifactor authentication system ensuring usability and securityijsptm
User authentication is one of the most important part of information security. Computer security most
commonly depends on passwords to authenticate human users. Password authentication systems will be
either been usable but not secure, or secure but not usable. While there are different types of authentication
systems available alphanumeric password is the most commonly used authentication mechanism. But this
method has significant drawbacks. An alternative solution to the text based authentication is Graphical
User Authentication based on the fact that humans tends to remember images better than text. Graphical
password authentication systems provide passwords which are easy to be created and remembered by the
user. However, the main issues of simple graphical password techniques are shoulder surfing attack and
image gallery attack. Studies reveals that most of the graphical passwords are either secure but not usable
or usable but not secure. . In this paper, a new technique that uses cued click point graphical password
method along with the use of one-time session key is proposed. The goal is to propose a new authentication
mechanism using graphical password to achieve higher security and better usability levels. The result of
the system testing is evaluated and it reveals that the proposed system ensures security and usability to a
great extent.
A novel way of integrating voice recognition and one time passwords to preven...ijdpsjournal
Phishing is a threat to all users of the internet who intend to use the web for secure transactions. In the
recent years the number of phishing attacks have increased drastically especially since the advent of ecommerce,
net banking and other services that have an emphasis on security. Phishing is characterized as
any malicious attack aided by a spoofed webpage to encourage users to input their security details.
Phishing is largely done to retrieve passwords and security details of unsuspecting users. This paper
details a new and more secure way to counteract the method of phishing
INFORMATION THEORY BASED ANALYSIS FOR UNDERSTANDING THE REGULATION OF HLA GEN...ijistjournal
Considering information entropy (IE), HLA surface expression (SE) regulation phenomenon is considered as information propagation channel with an amount of distortion. HLA gene SE is considered as sink regulated by the inducible transcription factors (TFs) (source). Previous work with a certain number of bin size, IEs for source and receiver is computed and computation of mutual information characterizes the dependencies of HLA gene SE on some certain TFs in different cells types of hematopoietic system under the condition of leukemia. Though in recent time information theory is utilized for different biological knowledge generation and different rules are available in those specific domains of biomedical areas; however, no such attempt is made regarding gene expression regulation, hence no such rule is available. In this work, IE calculation with varying bin size considering the number of bins is approximately half of the sample size of an attribute also confirms the previous inferences.
Call for Research Articles - 5th International Conference on Artificial Intel...ijistjournal
5th International Conference on Artificial Intelligence and Machine Learning (CAIML 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Artificial Intelligence and Machine Learning. The Conference looks for significant contributions to all major fields of the Artificial Intelligence, Machine Learning in theoretical and practical aspects. The aim of the Conference is to provide a platform to the researchers and practitioners from both academia as well as industry to meet and share cutting-edge development in the field.
Authors are solicited to contribute to the conference by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the areas of Computer Science, Engineering and Applications.
More Related Content
Similar to AN INNOVATIVE PATTERN BASED PASSWORD METHOD USING TIME VARIABLE WITH ARITHMETIC OPERATIONS
Graphical password authentication using Pass facesIJERA Editor
Authentication is one of the most important security primitive. Alphanumeric password authentication is most widely used authentication mechanism. This mechanism has been shown to have several drawbacks and is prone to various attacks such as brute force attack, shoulder surfing attack, dictionary attack. Thus to overcome the drawbacks of alphanumeric passwords, we propose Graphical passwords as an alternative to alphanumeric passwords. This is because humans tend to remember visuals better than text. This paper attempts to highlight the existing graphical Passface system, its usability features and then develop a new graphical password system that combines both graphic and texts passwords to fortify the authentication process on desktop systems.
Android Based Total Security for System AuthenticationIJERA Editor
In this Paper [5], A highly severe menace to any computing device is the impersonation of an authenticate user. The most frequent computer authentication scheme is to use alphanumerical usernames and passwords. But the textual passwords are prone to dictionary attacks, eves dropping, shoulder surfing and social engineering. As such, graphical passwords have been introduced as an alternative to the traditional authentication process. Though the graphical password schemes provide a way of making more user friendly passwords, while increasing the level of security, they are vulnerable to shoulder surfing. To address this problem, text can be used in combination with the colors and images to generate the session passwords, thereby making a stronger authentication means. In general, session passwords are those that can be used only once and for every new session, a new password is engendered. This paper [7] describes a method of implementing two factor authentication using mobile phones. The proposed method guarantees that authenticating to services, such as online banking or ATM machines, is done in a very secure manner. The proposed system involves using a mobile phone as a software token for One Time Password generation. The generated One Time Password is valid for only a short user defined period of time and is generated by factors that are unique to both, the user and the mobile device itself. Additionally, an SMS-based mechanism is implemented as both a backup mechanism for retrieving the password and as a possible mean of synchronization. The proposed method has been implemented and tested. Initial results show the success of the proposed method.
Abstract: In an online security, authentication plays a crucial role in shielding resources against unauthorized and illegal use of information. Authentication processes may differ from simple password based authentication system to complex, costly and computation strengthened authentication systems. In recent days, increasing security has always been an important issue since Internet and Web Development came into actuality. Text based password is not enough to counter such problems, which is also an obsolete approach now. Consequently, this demands the need for something more secure along with being more user-friendly. Therefore, we have strained to rise the security by involving a multiple level security tactic, involving Text based using Cryptography, Grid Authentication and Image Based Password. The cryptography technique is very essential for the text based password while encrypting it with the principle of substitution method like Caesar Cipher. Session passwords are also necessary for eliminating the time factor attacks such as Brute Force attack. Grid Authentication makes the system more dynamic due ever changing nature. Image based authentication makes the system more user friendly, reliable and secure.Keywords: Cryptography, Grid Authentication, Image Based Password, Shoulder Attack.
Title: Multilevel Security and Authentication System
Author: Pratik Anap, Sanjay Gholap, Prasad Anpat, Abhijit Bhapkar
International Journal of Recent Research in Mathematics Computer Science and Information Technology
ISSN 2350-1022
Paper Publications
Running head CHALLENGES OF CYBER SECURITY9.docxsusanschei
Running head: CHALLENGES OF CYBER SECURITY 9
Challenges of Cyber Security
Challenges of Cyber Security
Currently, computer security constitutes one of the fields with increasing significance because many people rely on computer systems and the internet for various operations. By the term ‘cyber security’, it refers to the provision of safety measures for computer systems against theft and destruction to the hardware, software and the information contained therein. It also includes protecting computer systems from any form of interference that hinders their efficiency to service delivery. According to (Vasconcelos et al., 2017), cyber security means limiting the physical access to certain hardware and providing safety against destruction that could result due to malpractice or when system operators become tricked and deviate from what is known secure guidelines.
There are many challenges for cyber security measures to be effective. Computer system operators experience great challenges in providing reliable and effective cyber security. Therefore, the question is that; how should system operators get the proper training to overcome numerous cyber security challenges? It is important to pose the question because today there are many businesses that feel insecure. For example, most enterprises doubt the preparedness by system operators and their ability to ensure that there is security in the corporate networks. In addition, a recent research carried by Enterprise Strategy Group established that about a quarter of system operators do not possess the desired skills. Lack of enough personnel who are equipped with right skills is the key factor attributed to challenges of cyber security. While cyber security significantly assists in to protecting us, many enterprises together with their esteemed clients, from someone falsely representing something as beneficial to them or to infiltrate our systems, it is in great need to be expanded on in order to safeguard us, and to create a safer environment protecting companies and our personal information and data, but it can and does fail to provide us complete security, if safe practices are not followed.
Protecting the Home Front
Home front is an informal term commonly used by the civilians of a nation, which faces a war, and their active support system of the military. As a result, military forces largely rely on home front civilian aid services. However, due to increased potential of destruction to the home front, there is a need to offer them appropriate protection (Wang & Lu, 2013). The military has the ability to design systems to help protect and deal with the vulnerabilities to the home front from direct attacks. There a number of things, that can be done to protect the home front against various attacks.
First, one could use automatic light timers fixed throughout in their systems. Light timers can be programmed to switch on and off in a way that helps simulate an in ...
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyIJSRD
Technology has elevated to grab an important position in humans life, the best example is smartphones. They offer access to network as well as online banking transactions, where simplification of human labour affects security and user authentication, and passwords are first line of defense, it’s crucial to pick a strong password. Online banking applications currently use alphanumerical usernames and passwords for authentication, which are exposed to eves dropping, attacks, and shoulder surfing. Users often choose either easy to remember passwords, which can be easily guessed or difficult ones, which tend to be forgotten. The paper revolves around the views, limitation of current system and offers a dynamic biometrics, as it can be easily integrated into the existing computer security systems with minimal alteration and user intervention. The main objective is to secure using cued click point (CCP), which is one click based graphical password scheme for sequence of images and measuring, assessing humans typing rhythm, it’s based upon the human tendency to memorize graphical passwords more comfortably.
Graphical Based Password for Android Phones using Keystroke Dynamics - A SurveyIJSRD
Technology has elevated to grab an important position in humans life, the best example is smartphones. They offer access to network as well as online banking transactions, where simplification of human labour affects security and user authentication, and passwords are first line of defense, it’s crucial to pick a strong password. Online banking applications currently use alphanumerical usernames and passwords for authentication, which are exposed to eves dropping, attacks, and shoulder surfing. Users often choose either easy to remember passwords, which can be easily guessed or difficult ones, which tend to be forgotten. The paper revolves around the views, limitation of current system and offers a dynamic biometrics, as it can be easily integrated into the existing computer security systems with minimal alteration and user intervention. The main objective is to secure using cued click point (CCP), which is one click based graphical password scheme for sequence of images and measuring, assessing humans typing rhythm, it’s based upon the human tendency to memorize graphical passwords more comfortably.
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSIJNSA Journal
Current password authentication system was proven not secure enough to protect the information from intruders. However, various research has been done and the results show the value of FRR still low and the value of FAR still high. Thus, one of the methods suggests, is enhancing the current system using keystroke dynamics. Keystroke dynamics is a type of biometric authentication that does not require any special hardware, easy to use as the same routine as normal password authentication. Therefore, this research proposed an authentication system using keystroke dynamics to prevent the system from intruders. A system is developed that consist of two parts which are enrolment and verification. Then, a prototype is developed for testing process that consists of 3 main modules, namely Enrolment, Client/Server Connection
and, Verification and Retraining. Based on the testing, the system proved that the keystroke dynamic authentication system was able to implement in client/server environment and shows the value of EER is low that indicates it provide a better system authentication. In future, the system can be improved by enhancing the security, performance, and user interface.
ABSTRACT
Authentication based on passwords is used largely in applications for computer security and privacy. However, human actions such as choosing bad passwords and inputting passwords in an insecure way are regarded as ”the weakest link” in the authentication chain. Rather than arbitrary alphanumeric strings, users tend to choose passwords either short or meaningful for easy memorization. With web applications and mobile apps piling up, people can access these applications anytime and anywhere with various devices. This evolution brings great convenience but also increases the probability of exposing passwords to shoulder surfing attacks. Attackers can observe directly or use external recording devices to collect users’ credentials. To overcome this problem, we proposed a novel authentication system PassMatrix, based on graphical passwords to resist shoulder surfing attacks. With a one-time valid login indicator and circulative horizontal and vertical bars covering the entire scope of pass-images, PassMatrix offers no hint for attackers to figure out or narrow down the password even they conduct multiple camera-based attacks. We also implemented a PassMatrix prototype on Android and carried out real user experiments to evaluate its memorability and usability. From the experimental result, the proposed system achieves better resistance to shoulder surfing attacks while maintaining usability.
Keywords:- Graphical Passwords, Authentication, Shoulder Surfing Attack.
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDIJNSA Journal
In a distributed system, authentication protocols are the basis of security to ensure that these protocols function properly. Passwords are one of the most common authentication protocol used nowadays. Because of low entropy of passwords makes the systems vulnerable to password guessing attacks. This paper presents a simple scheme that strengthens password-based authentication protocols and helps prevent dictionary attacks, replay attacks and man in the middle attacks etc., The proposed scheme presents a new password authentication protocol by using the user and server system identification/serial number. Here there is no possibility to store the user passwords so an attacker who gets the password cannot use it directly to gain immediate access and compromise security.
A secure communication in smart phones using two factor authenticationeSAT Journals
Abstract Most secure systems face security attacks mainly at the client side. Two Factor Authentication (TFA) provides improved protection to the system at the client side by prompting to provide something they know and something they have. This system uses a one time password(OTP) generation method which doesn’t require client-server communication, which frees the system from cost of sending a dynamic password each time the client wants to login. The OTP generation uses the factors that are unique to the user and is installed on a smart phone in Android platform owned by the user. An OTP is valid for a minutes time, after which, is useless. The system thus provides better client level security – a simple low cost method which protects system from hacking techniques like key logging, phishing, shoulder surfing, etc. Keywords—Authentication, OTP, key logging, phishing
A secure communication in smart phones using two factor authenticationseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
A novel multifactor authentication system ensuring usability and securityijsptm
User authentication is one of the most important part of information security. Computer security most
commonly depends on passwords to authenticate human users. Password authentication systems will be
either been usable but not secure, or secure but not usable. While there are different types of authentication
systems available alphanumeric password is the most commonly used authentication mechanism. But this
method has significant drawbacks. An alternative solution to the text based authentication is Graphical
User Authentication based on the fact that humans tends to remember images better than text. Graphical
password authentication systems provide passwords which are easy to be created and remembered by the
user. However, the main issues of simple graphical password techniques are shoulder surfing attack and
image gallery attack. Studies reveals that most of the graphical passwords are either secure but not usable
or usable but not secure. . In this paper, a new technique that uses cued click point graphical password
method along with the use of one-time session key is proposed. The goal is to propose a new authentication
mechanism using graphical password to achieve higher security and better usability levels. The result of
the system testing is evaluated and it reveals that the proposed system ensures security and usability to a
great extent.
A novel way of integrating voice recognition and one time passwords to preven...ijdpsjournal
Phishing is a threat to all users of the internet who intend to use the web for secure transactions. In the
recent years the number of phishing attacks have increased drastically especially since the advent of ecommerce,
net banking and other services that have an emphasis on security. Phishing is characterized as
any malicious attack aided by a spoofed webpage to encourage users to input their security details.
Phishing is largely done to retrieve passwords and security details of unsuspecting users. This paper
details a new and more secure way to counteract the method of phishing
INFORMATION THEORY BASED ANALYSIS FOR UNDERSTANDING THE REGULATION OF HLA GEN...ijistjournal
Considering information entropy (IE), HLA surface expression (SE) regulation phenomenon is considered as information propagation channel with an amount of distortion. HLA gene SE is considered as sink regulated by the inducible transcription factors (TFs) (source). Previous work with a certain number of bin size, IEs for source and receiver is computed and computation of mutual information characterizes the dependencies of HLA gene SE on some certain TFs in different cells types of hematopoietic system under the condition of leukemia. Though in recent time information theory is utilized for different biological knowledge generation and different rules are available in those specific domains of biomedical areas; however, no such attempt is made regarding gene expression regulation, hence no such rule is available. In this work, IE calculation with varying bin size considering the number of bins is approximately half of the sample size of an attribute also confirms the previous inferences.
Call for Research Articles - 5th International Conference on Artificial Intel...ijistjournal
5th International Conference on Artificial Intelligence and Machine Learning (CAIML 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Artificial Intelligence and Machine Learning. The Conference looks for significant contributions to all major fields of the Artificial Intelligence, Machine Learning in theoretical and practical aspects. The aim of the Conference is to provide a platform to the researchers and practitioners from both academia as well as industry to meet and share cutting-edge development in the field.
Authors are solicited to contribute to the conference by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the areas of Computer Science, Engineering and Applications.
Online Paper Submission - International Journal of Information Sciences and T...ijistjournal
The International Journal of Information Science & Techniques (IJIST) focuses on information systems science and technology coercing multitude applications of information systems in business administration, social science, biosciences, and humanities education, library sciences management, depiction of data and structural illustration, big data analytics, information economics in real engineering and scientific problems.
This journal provides a forum that impacts the development of engineering, education, technology management, information theories and application validation. It also acts as a path to exchange novel and innovative ideas about Information systems science and technology.
SYSTEM IDENTIFICATION AND MODELING FOR INTERACTING AND NON-INTERACTING TANK S...ijistjournal
System identification from the experimental data plays a vital role for model based controller design. Derivation of process model from first principles is often difficult due to its complexity. The first stage in the development of any control and monitoring system is the identification and modeling of the system. Each model is developed within the context of a specific control problem. Thus, the need for a general system identification framework is warranted. The proposed framework should be able to adapt and emphasize different properties based on the control objective and the nature of the behavior of the system. Therefore, system identification has been a valuable tool in identifying the model of the system based on the input and output data for the design of the controller. The present work is concerned with the identification of transfer function models using statistical model identification, process reaction curve method, ARX model, genetic algorithm and modeling using neural network and fuzzy logic for interacting and non interacting tank process. The identification technique and modeling used is prone to parameter change & disturbance. The proposed methods are used for identifying the mathematical model and intelligent model of interacting and non interacting process from the real time experimental data.
Call for Research Articles - 4th International Conference on NLP & Data Minin...ijistjournal
4th International Conference on NLP & Data Mining (NLDM 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Natural Language Computing and Data Mining.
Authors are solicited to contribute to the conference by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the following areas, but are not limited to.
Research Article Submission - International Journal of Information Sciences a...ijistjournal
The International Journal of Information Science & Techniques (IJIST) focuses on information systems science and technology coercing multitude applications of information systems in business administration, social science, biosciences, and humanities education, library sciences management, depiction of data and structural illustration, big data analytics, information economics in real engineering and scientific problems.
This journal provides a forum that impacts the development of engineering, education, technology management, information theories and application validation. It also acts as a path to exchange novel and innovative ideas about Information systems science and technology.
Call for Papers - International Journal of Information Sciences and Technique...ijistjournal
The International Journal of Information Science & Techniques (IJIST) focuses on information systems science and technology coercing multitude applications of information systems in business administration, social science, biosciences, and humanities education, library sciences management, depiction of data and structural illustration, big data analytics, information economics in real engineering and scientific problems.
This journal provides a forum that impacts the development of engineering, education, technology management, information theories and application validation. It also acts as a path to exchange novel and innovative ideas about Information systems science and technology.
Implementation of Radon Transformation for Electrical Impedance Tomography (EIT)ijistjournal
Radon Transformation is generally used to construct optical image (like CT image) from the projection data in biomedical imaging. In this paper, the concept of Radon Transformation is implemented to reconstruct Electrical Impedance Topographic Image (conductivity or resistivity distribution) of a circular subject. A parallel resistance model of a subject is proposed for Electrical Impedance Topography(EIT) or Magnetic Induction Tomography(MIT). A circular subject with embedded circular objects is segmented into equal width slices from different angles. For each angle, Conductance and Conductivity of each slice is calculated and stored in an array. A back projection method is used to generate a two-dimensional image from one-dimensional projections. As a back projection method, Inverse Radon Transformation is applied on the calculated conductance and conductivity to reconstruct two dimensional images. These images are compared to the target image. In the time of image reconstruction, different filters are used and these images are compared with each other and target image.
Online Paper Submission - 6th International Conference on Machine Learning & ...ijistjournal
6th International Conference on Machine Learning & Applications (CMLA 2024) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of on Machine Learning & Applications.
Authors are solicited to contribute to the conference by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the following areas, but are not limited to.
Submit Your Research Articles - International Journal of Information Sciences...ijistjournal
The International Journal of Information Science & Techniques (IJIST) focuses on information systems science and technology coercing multitude applications of information systems in business administration, social science, biosciences, and humanities education, library sciences management, depiction of data and structural illustration, big data analytics, information economics in real engineering and scientific problems.
This journal provides a forum that impacts the development of engineering, education, technology management, information theories and application validation. It also acts as a path to exchange novel and innovative ideas about Information systems science and technology.
BER Performance of MPSK and MQAM in 2x2 Almouti MIMO Systemsijistjournal
Almouti published the error performance of the 2x2 space-time transmit diversity scheme using BPSK. One of the key techniques employed for correcting such errors is the Quadrature amplitude modulation (QAM) because of its efficiency in power and bandwidth.. In this paper we explore the error performance of the 2x2 MIMO system using the Almouti space-time codes for higher order PSK and M-ary QAM. MATLAB was used to simulate the system; assuming slow fading Rayleigh channel and additive white Gaussian noise. The simulated performance curves were compared and evaluated with theoretical curves obtained using BER tool on the MATLAB by setting parameters for random generators. The results shows that the technique used do find a place in correcting error rates of QAM system of higher modulation schemes. The model can equally be used not only for the criteria of adaptive modulation but for a platform to design other modulation systems as well.
Online Paper Submission - International Journal of Information Sciences and T...ijistjournal
The International Journal of Information Science & Techniques (IJIST) focuses on information systems science and technology coercing multitude applications of information systems in business administration, social science, biosciences, and humanities education, library sciences management, depiction of data and structural illustration, big data analytics, information economics in real engineering and scientific problems.
This journal provides a forum that impacts the development of engineering, education, technology management, information theories and application validation. It also acts as a path to exchange novel and innovative ideas about Information systems science and technology.
Call for Papers - International Journal of Information Sciences and Technique...ijistjournal
The International Journal of Information Science & Techniques (IJIST) focuses on information systems science and technology coercing multitude applications of information systems in business administration, social science, biosciences, and humanities education, library sciences management, depiction of data and structural illustration, big data analytics, information economics in real engineering and scientific problems.
This journal provides a forum that impacts the development of engineering, education, technology management, information theories and application validation. It also acts as a path to exchange novel and innovative ideas about Information systems science and technology.
International Journal of Information Sciences and Techniques (IJIST)ijistjournal
The International Journal of Information Science & Techniques (IJIST) focuses on information systems science and technology coercing multitude applications of information systems in business administration, social science, biosciences, and humanities education, library sciences management, depiction of data and structural illustration, big data analytics, information economics in real engineering and scientific problems.
This journal provides a forum that impacts the development of engineering, education, technology management, information theories and application validation. It also acts as a path to exchange novel and innovative ideas about Information systems science and technology.
BRAIN TUMOR MRIIMAGE CLASSIFICATION WITH FEATURE SELECTION AND EXTRACTION USI...ijistjournal
Feature extraction is a method of capturing visual content of an image. The feature extraction is the process to represent raw image in its reduced form to facilitate decision making such as pattern classification. We have tried to address the problem of classification MRI brain images by creating a robust and more accurate classifier which can act as an expert assistant to medical practitioners. The objective of this paper is to present a novel method of feature selection and extraction. This approach combines the Intensity, Texture, shape based features and classifies the tumor as white matter, Gray matter, CSF, abnormal and normal area. The experiment is performed on 140 tumor contained brain MR images from the Internet Brain Segmentation Repository. The proposed technique has been carried out over a larger database as compare to any previous work and is more robust and effective. PCA and Linear Discriminant Analysis (LDA) were applied on the training sets. The Support Vector Machine (SVM) classifier served as a comparison of nonlinear techniques Vs linear ones. PCA and LDA methods are used to reduce the number of features used. The feature selection using the proposed technique is more beneficial as it analyses the data according to grouping class variable and gives reduced feature set with high classification accuracy.
Research Article Submission - International Journal of Information Sciences a...ijistjournal
The International Journal of Information Science & Techniques (IJIST) focuses on information systems science and technology coercing multitude applications of information systems in business administration, social science, biosciences, and humanities education, library sciences management, depiction of data and structural illustration, big data analytics, information economics in real engineering and scientific problems.
This journal provides a forum that impacts the development of engineering, education, technology management, information theories and application validation. It also acts as a path to exchange novel and innovative ideas about Information systems science and technology.
A MEDIAN BASED DIRECTIONAL CASCADED WITH MASK FILTER FOR REMOVAL OF RVINijistjournal
In this paper A Median Based Directional Cascaded with Mask (MBDCM) filter has been proposed, which is based on three different sized cascaded filtering windows. The differences between the current pixel and its neighbors aligned with four main directions are considered for impulse detection. A direction index is used for each edge aligned with a given direction. Minimum of these four direction indexes is used for impulse detection under each masking window. Depending on the minimum direction indexes among these three windows new value to substitute the noisy pixel is calculated. Extensive simulations showed that the MBDCM filter provides good performances of suppressing impulses from both gray level and colored benchmarked images corrupted with low noise level as well as for highly dense impulses. MBDCM filter gives better results than MDWCMM filter in suppressing impulses from highly corrupted digital images.
DECEPTION AND RACISM IN THE TUSKEGEE SYPHILIS STUDYijistjournal
During the twentieth century (1932-1972), white physicians representing the United States government
conducted a human experiment known as the Tuskegee Syphilis Study on black syphilis patients in Macon
County, Alabama. The creators of the study, who supported the idea of black inferiority and the concept
that black people’s bodies functioned differently from white people’s, observed the effects of a disease
called syphilis on untreated black patients in order to collect data for further research on syphilis. Black
individuals involved with the study believed that they were receiving treatment, although in truth,
treatments for syphilis were purposely held back from them. Not only this, but fluids from their bodies, such
as blood and spinal fluid, were extracted to serve as research material without their awareness of the
purpose of the collection. The physicians justified their approach by positioning it as mere observation,
asserting that they were not actively intervening with the patients participating in the experiment. However,
despite their claims of passivity, these white physicians engaged in various morally improper actions,
including deceit, which ultimately resulted in the deaths of numerous black patients who might have had a
chance at survival.
Online Paper Submission - International Journal of Information Sciences and T...ijistjournal
The International Journal of Information Science & Techniques (IJIST) focuses on information systems science and technology coercing multitude applications of information systems in business administration, social science, biosciences, and humanities education, library sciences management, depiction of data and structural illustration, big data analytics, information economics in real engineering and scientific problems.
This journal provides a forum that impacts the development of engineering, education, technology management, information theories and application validation. It also acts as a path to exchange novel and innovative ideas about Information systems science and technology.
A NOVEL APPROACH FOR SEGMENTATION OF SECTOR SCAN SONAR IMAGES USING ADAPTIVE ...ijistjournal
The SAR and SAS images are perturbed by a multiplicative noise called speckle, due to the coherent nature of the scattering phenomenon. If the background of an image is uneven, the fixed thresholding technique is not suitable to segment an image using adaptive thresholding method. In this paper a new Adaptive thresholding method is proposed to reduce the speckle noise, preserving the structural features and textural information of Sector Scan SONAR (Sound Navigation and Ranging) images. Due to the massive proliferation of SONAR images, the proposed method is very appealing in under water environment applications. In fact it is a pre- treatment required in any SONAR images analysis system. The results obtained from the proposed method were compared quantitatively and qualitatively with the results obtained from the other speckle reduction techniques and demonstrate its higher performance for speckle reduction in the SONAR images.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
AN INNOVATIVE PATTERN BASED PASSWORD METHOD USING TIME VARIABLE WITH ARITHMETIC OPERATIONS
1. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
DOI : 10.5121/ijist.2016.6215 143
AN INNOVATIVE PATTERN BASED
PASSWORD METHOD USING TIME
VARIABLE WITH ARITHMETIC
OPERATIONS
Viral Panchal, RavirajPrajapati, Kalyani Patel
M.Sc. (CA & IT), K.S.School of Business Management, Gujarat University
Ahmedabad, Gujarat, India
ABSTRACT
In today’s world, securing the assets is necessary that can be done by password. But imagine if password is stolen or
hacked then what about the security of assets? In this Paper, we have discussed the major attacks as well as password
authentication / security methods and techniques. We have proposed a password security method, where arithmetic
operations are performed on user selected pattern from time variables to generate secure password. The task of
validating the password or authentication of user can be done on both client and server side. We have analysed how
proposed scheme defends across brute force, dictionary, phishing, shoulder surfing, key logger, video recording and
replay attacks. To the best of our knowledge, our pattern based time variable password method with arithmetic
operation is the one which is able to defend against the all major attacks together.
KEYWORDS
Pattern Based Password Method, Brute Force, Dictionary, Key Logger, Shoulder Surfing, Phishing, Video
Recording, Replay, Time Variable.
1. INTRODUCTION
Password is used for securing the assets. Passwords play an important role in daily life in various
computing applications like ATM machines, internet services, windows login, authentication in
mobiles etc.[5] The major purpose of using password is to restrict unauthorised user access to the
system. Most of the systems today rely on static passwords to verify the user’s identity. Password
may be in text, graphics or biometric. Users tend to use easy-to-guess passwords, use the same
password in multiple accounts, write the passwords or store them on their machines etc.
Furthermore, hackers have the option of using many techniques to steal passwords such as
shoulder surfing, guessing, phishing etc. There are also well known password attacks namely
brute force, dictionary, shoulder surfing, key logger, phishing, video recording, replay [2,5,8] etc.
Hackers use these most common attacks to hack the password of any system like server’s
password. This all attacks have their own characteristics to break the password. However, some
of them take some time and some of them steal the password easily in few minutes of time.
However, there are list of authentication technique available to defend the attacks namely
conventional password scheme[2,5,8], Click Patterns[2,5,8], Keystroke Dynamics[2,5,8],
Graphical Passwords [2,5,8], Biometrics [25,8], Authentication Panel [2,5,8], Reformation Based
Authentication [5,8], Moving Balls Based [5,8], Security Scheme [5,8], Expression Based
Security Scheme[5,8], Virtual Password [5,8], Time Signature [5,8] etc. These all techniques
have their own advantages and disadvantages. While studying these methods we
2. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
144
found that any one technique is not applicable for all attacks. So we have proposed new method
for securing password based on some patterns selected by users and password will be generated
by the system. This method includes time variables like date, day, month, hour, minute, seconds
for generating secure password. The pattern which is combination of time variable and
arithmetic operation which is selected by the user based on their knowledge, requirement of
confidentiality and their memory power. The method is discussed in detail in section IV of this
paper.
2. TYPES OF ATTACKS
Brute force attacks: Brute force attacks are very time consuming as searching a password from
all possibilities is a time taking process.For example, a user enters a password of 8 characters
and all characters are lower case letters, then to break the password using the brute force attack
it requires (26) combinations which is equal to 208827064576. If a single computer takes 1000
passwords to check in one second then total time will be 208827064576 / 1000 =
208827064.576 seconds which is equal to 58007.52 hours. This shows that brute force attack is
effective for smaller passwords. [5, 8]
Dictionary Attack: The attacker makes the dictionary of most commonly used words that might
have been be used as a password. The attacker then applies all these words to break the
password. The dictionary attack is faster than brute force attack, but it has some limitations too
i.e. Brute force attack contains limited words and sometimes it is unable to crack the password
because there remains a possibility that password to be cracked may not be present in the
dictionary itself. Many users generally write passwords related to the names of birds, familiar
places, famous actors names etc. These passwords can be judged by the dictionary attack. [5, 8]
Key Logger Attack: The key loggers are the software programs which monitors the user
activities by recording each and every key pressed by the user. The attacker installs the key
logger software in the user system, either by installing that software himself or by tricking out
the user to click to install that file in his (user) system. The key logger makes the log file of the
keys pressed by the user and then sends that log file to the attacker’s e-mail address. The
attacker then gets the password and can access to the target system. [5, 8]
Phishing Attack: It is a web based attack in which the attacker redirects the user to the fake
website to get passwords/ Pin Codes of the user. For example, suppose user wants to open
website say “www.yahoo.com”. The attacker redirects the user to another website e.g.
“www.yah0o.com” whose interface is similar to that of the original website to disguise the user.
The user then enters the login information which is retrieved by the attacker. The attacker then
redirects the user to the original website and logins the user with the original website. [5, 8]
Shoulder Surfing: Shoulder Surfing is an alternative name of “spying” in which the attacker
spies the user’s movements to get his/her password. In this type of attack, the attacker observes
the user; how he enters the password i.e. what keys of keyboard the user has pressed. [5, 8]
There are many variations of shoulder surfing. The attacker can use binoculars to see the user
entering the password from a distance. The attacker can listen that how many keys the user has
pressed and then the attacker uses all the possibilities related to the password length to break it.
[5]
Video Recording Attack: In such type of attack the attackers with the help of camera equipped
mobile phone or miniature camera, analyses the recorded video of users which
3. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
145
enters password. [5, 8] The attacker can use the hidden close circuit TV camera to observe the
password.
Replay Attack: It is a way to attack challenge response user authentication mechanism. The
method for this type of attack is that the attacker first enters his/her name in first login
connection. To authenticate the user, the receiving device sends the challenge to the sender. [5]
3. RELATED WORK
Research and surveys on various attacks on password or vulnerability on authentication
methods are described below with their source.
There are various password attacks and authentication techniques for user awareness [5] and
also have countermeasure for each attacks [2]. Hence there is a Two Factor Authentication
Method based on textual password as well as grid based password [8] that helps to provide
security to authentication process. There are also lot of protocols used in authentication process
that may have vulnerability, thus [6] providing protocols for login process that can keep track of
online dictionary attacks only. The virtual password concept and adoption of user-determined
randomized nonstop generation function is used for securing password attacks like shoulder
surfing, key logger, phishing only [3]. However there is a method called ‘One Time Password’
(OTP) which also provides security to authentication process against some of attacks, but it
needs more parties to be involved at the same time as well as it isbit complex and also have
vulnerability while doing mobile activation process [4]. An innovative two factor authentication
method called QRLogin which is limited to smart phone users only. The system combines the
traditional username and password with time-sensitive and One Time Password. In this method
user must have to convey to login by scanning a code with smart phone [7]. There is another
method named icon based authentication method thatis simple and sufficiently secure evenwhen
the authentication sequence being watched is proposed, but it is implemented on mobile data
terminal that provides security against shoulder surfing attacks only [9].Password must be
stored and transferred over network in encrypted form that can be done by most widely used
method named MD5.
This MD5 hash function may provide security to password from theft but not surety on
dictionary attack while it also used MD5 hash function to encrypt most common used password
stored in its dictionary[1]. Here we addressed these major types of attacks and provide method
to overcome from all problems of authentication methods and password attacks.However, our
concept is compatible with existing Key Derivation Function, Password Based Key Derivation
Function and Geo-Encryption (pass-phrase with real time GPS coordinates) [10]. It
compensates the benefits provided by KDF, PBKDF and Geo-PBKDF without consuming CPU
cycles on iteration for encryption and decryption to derive key.
4. OUR APPROCH
However, authentication/password security techniques are available for only a particular
scenario. Hence we represent our solution as follows:
4. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
146
Every system needs protection and for that the authentication is needed to be given to
authorized people to give right to access the system. The process of Authentication is consists of
three parts:
1. System
2. User_id (or User)
3. Password
To authenticate the user, System needs to verify User_id via the user’s Password which the user
provides. In this procedure, system authenticates user by using User_id and Password.
All of System, User_id, and Password are fixed. It is very reasonable that a password should be
constant for the purpose of easily remembering it. However, the price for easy to remember is,
that the password can be stolen by others and then used to access the victim’s account.
At the same time, we cannot put Password in a randomly variant form, which will make it
impossible for a user to remember the password. To confront such a challenge, we propose a
scheme using a new concept of pattern based password using time variable.
A pattern based password is a password which cannot be applied directly but instead generates a
dynamic password which is submitted to the server for authentication. A pattern based password
is composed of two parts,
1. Fixed Alphanumeric Password: - We denote it by “FA”.
2. Time Variable Password: - We denote it by “TV”.
Time Variable is different types of values of system-time which is frequently changed as per
time.
1. Day:-We denote it by “d”.
2. Month:-We denote it by “m”.
3. Year:-We denote it by “y”.
4. Hour:-We denote it by “h”.
5. Minute:-We denote it by “M”.
6. Weak day:-We denote it by “w”.
Time variable can be discrete using operation (OP) which is listed below.
1. Plus(+)
2. Minus(-)
3. Multiplication(*)
4. Modular(%)
Time variable can be discrete using operation (OP) which is listed
below. Now we have,
Password= FA + {TV} where,
FA = {0…9, a…z, A…Z, special characters}
TV = OP(t) where t = {d, m, y, h, M, w}
5. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
147
Here, TV is user specified operation on time-variable. Thus,
Password= FA +{TV1, …, TV24}
Here, 24 comes form 6*4 (6*4=24) where 6=no of TV, 4=no of OP.
The Most important thing about this method is that user can set the sequence of TV and FA as
per his/her Choice like,
FA+TV1+…+TV24
TV1+TV2+…+FA+…+TV24
TV1+…TV24+FA
The user input includes (User_id, Password), where Password is pattern based password. On the
server side, the server can also calculate Password in the same way to compare it with the
submitted password.
Here, the password which is automatically generated by system which is a combination of time
variable listed above and original password which is fixed alphanumeric. In this method user
can set the sequence of this combination by providing priority of original password as well as
pattern he/she has selected.
System Flow:
Figure 1. Flow Chart of Suggested Solution
6. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
148
Example of the method:
Figure 2. Example of our system
7. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
149
In figure 2, the user’s original password is ‘viral123’ and let pattern is‘d’. Here, d is current date
and for example value of‘d’ is 15. Select the arithmetic operation ‘+’, ‘%’, ‘-‘and ‘*’ on the
assumed pattern‘d’.
After selecting pattern and arithmetic operations, user can set the priority of pattern and original
password by dragging up and down. Finally, the password will be generated as shown in figure
2.
Figure 3. Login Page
Figure 3 illustrate stimulating time synchronization for login in our system.
Algorithm for authentication process
Step: 1 - Enter Pattern
Pattern is stored in USER_PAttern;
Step: 2 - Fetch Pattern from the database & store it in DB_PATTERN;
Step: 3 - Tokenizing the DB_PATTERN and stored it into the ARRAY_TOKEN. Step: 4
- Storing the size of array_token into variable N.
N=sizeof (ARRAY_TOKEN);
Step: 5 -
For (i=0; i<=N;i++)
{
If (ARRAY_TOKEN[i] != FA) /* e.g. FA = “abc123” */
{DIGIT=Fetching Digit from Array_token[i]; /* e.g. from d + 10, it will fatch 10 */ /* Time
Variable */
If (First Character of ARRAY_TOKEN [i] ==”d”)
{TV=value of Current DAY;}
Else If (First Character of ARRAY_TOKEN [i] ==”m”)
{TV=value of Current MONTH;}
Else If (First Character of ARRAY_TOKEN [i] ==”y”) {TV=value of Current YEAR;}
Else If (First Character of ARRAY_TOKEN [i] ==”h”){ TV=value of Current HOUR;} Else If
(First Character of ARRAY_TOKEN [i] ==”M”){TV=value of Current
MINUTE;}
Else If (First Character of ARRAY_TOKEN [i] ==”w”){TV=value of Current
WEEKDAY; }
/*Operation*/
If (Second character of ARRAY_TOKEN [i]=”+”)
{TV=TV+DIGIT; }
Else If(Second character of ARRAY_TOKEN [i]=”-”){TV=TV-DIGIT;} Else
If(Second character of ARRAY_TOKEN =”*”)
8. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
150
{TV=TV*DIGIT; }
Else If(Second character of ARRAY_TOKEN =”%”){ TV=TV%DIGIT;} }/*end
if FA*/
Else /*Pattern */
{
TV=TV + FA;
/* “+” sign is used for Concatenation */
}
FINAL_PAttern = FINAL_PAttern + TV; /*
“+” sign is used for Concatenation */
}/*end for loop */
If (USER_PAttern== FINAL_PAttern) {“
SUCCESSFUL”}
Else
{“ FAILED”}
Let us see tracing of the password authentication algorithm by taking “Date:15-8-2015,
Time:12:12:12(HH:MM:SS) , Saturday
Step:-1
USERNAME=viral@gmail.com
Step:-2
USER_PASSWORD=22viral@123120
Step:-3
DB_PASSWORD=viral@123
Step:-4
DB_PATTERN=M+10,Password,M*10
Step:-5
ARRAY_TOKEN[]={{M+10},{Password},{M*10}};
Step:-6
N=sizeof(ARRAY_TOKEN);
N=3
Step:-7
For(i=0;i<3;i++)
{
/* First Iteration when i=0(Processing First Token Which Is Pattern)*/
If(ARRAY_TOKEN[0]!=”Password”) /* Condition Become true Because
M+10!=”Password” */
{DIGIT=10 /*Extracting digit from pattern M+10 */
If(M==’d’) /* Processing First Character Of Pattern M+10 */{/*Condition False!!*/}
If(M==’m’) /* Processing First Character Of Pattern M+10 */{/*Condition False!!*/}
If(M==’y’) /* Processing First Character Of Pattern M+10 */{/*Condition False!!*/}
If(M==’H’) /* Processing First Character Of Pattern M+10 */{/*Condition False!!*/}
If(M==’M’) /* Processing First Character Of Pattern M+10 */{/*Condition True*/
TV=12; /* Current value of Minute */
}If(+==’+’) /* Processing second Character Of Pattern M+10 */
9. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
151
{/*Condition True!!*/
TV = TV + DIGIT
TV = 12 + 10; TV =
22;
}
FINAL_PASSWORD = FINAL_PASSWORD + TV;
FINAL_PASSWORD = NULL + 22;
FINAL_PASSWORD = 22;
/* Second Iteration when i=1(Processing second token which is Password)*/
if(ARRAY_TOKEN[1]!=”Password”)
{/*Condition False BecauseARRAY_TOKEN[1]=”Password” */ }
Else{TV = TV + DB_PASSWORD;
TV = viral@123}
FINAL_PASSWORD = FINAL_PASSWORD + TV;
FINAL_PASSWORD = 22 + viral@123
FINAL_PASSWORD = 22viral@123
/* Third Iteration when i=2(Processing Third token which is Pattern)*/
If(ARRAY_TOKEN[2]!=”Password”) /* Condition Become true Because
M*10!=”Password” */
{DIGIT=10 /*Extracting digit from pattern M*10 */
If(M==’d’) /* Processing First Character Of Pattern M*10 */
{/*Condition False!!*/}
If(M==’m’) /* Processing First Character Of Pattern M*10 */
{/*Condition False!!*/}
If(M==’y’) /* Processing First Character Of Pattern M*10 */
{/*Condition False!!*/}
If(M==’H’) /* Processing First Character Of
Pattern M*10 */{ /*Condition False!!*/}
If(M==’M’) /* Processing First Character Of
Pattern M*10 */
{/*Condition True*/
TV=12; /* Current value of Minute */
}
If(*==’+’) /* Processing second Character Of Pattern M*10 */
{/*Condition FAlLSE!!*/}
If(*==’-’) /* Processing second Character Of Pattern M*10 */
{/*Condition FAlLSE!!*/}
If(*==’*’) /* Processing second Character Of Pattern M*10 */
{
/*Condition TRUE*/
TV = TV * DIGIT;
TV = 12 * 10;
TV = 120;}
FINAL_PASSWORD = FINAL_PASSWORD + TV;
FINAL_PASSWORD =22viral@123 +120;
FINAL_PASSWORD = 22viral@123120;
}
} /* For Loop Ended. */
If(USER_PASSWORD==FINAL_PASSWORD) /* 22viral@123120==22viral@123120 */
{/* Condition True… */
LOGIN SUCCESSFUL…
}
10. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
152
5. STUDY OF ATTACKS ON OUR APPROCH
Our solution provides the security by defending several attacks discussed below.
Brute force Attack:The major disadvantage of Brute force Attack is it take Too much time.[5,8] In
our method password is frequently changing and it is being near too impossible for brute force
attack to attempt all the combination before the password is changed.
Dictionary Attack: The major disadvantage of Dictionary attack is it attempts only to a targeted
list of weak passwords or attempts on a limited number of key combinations that has a high
possibility of getting succeeded.[2] In our method the password is combination of pattern and
original password which is not common or simple. Thus it is not in the list of dictionary of the
attack.
Phishing Attack: In Phishing attack, Attacker gets the password through sniffing or eavesdropper
while password is transmitted over the network. But in our solution password is being frequently
updated so whatever the password is stolen by attacker it becomes useless for him.
Keylogger Attack: Key logger store each and every keystroke of the system in which password is
also included. That password can be used by attacker to attack to the system. But in our solution
password is being frequently updated so attacker couldn’t use that password for getting the access
to the system.
Shoulder Surfing Attack: In our solution Password is changed frequently so Shoulder surfing
attack can’t happen because the password which attacker gets through Shoulder Surfing is
outdated.
Video Recording Attack: Video Recording attack is making the video of user while he is entering
the password. But video also can’t get the right password because whenever attacker tries to fetch
the password from video it is already outdated.
Replay Attack: Replay attack is also can’t be successful against our solution although the password in
it is in simple text and password is being changed frequently.
Comparative Analysis
The table 1, shows the comparative analysis of different authentication techniques/methods which
helps to protect password from attacks[5]. Our method does not require any hardware as it has
resistance from all major attacks while here in this table not any method/technique that are
applicable to defend all major password attacks. However our method is for security used by
smart person. It gives high security with less effort.
11. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
153
Table 1. Comparative analysis of authentication methods
Additional
Mental
Resistance To Hardware Protection Processing
Method Cost Attitude
Attacks Require- Level Time
Effects
Ment
Conventional
Password No Normal Yes Low Fast
Scheme
Key Stroke
Shoulder Surfing,
Phishing, Key No Normal Yes Medium Medium
Dynamics
Loggers
Shoulder Surfing,
Click Patterns Phishing, Key No Normal Yes Medium Medium
Loggers
Graphical
Shoulder Surfing Yes Yes Medium Slow
Passwords
Shoulder Surfing,
Biometrics Phishing, Key Yes No High Slow
Loggers Etc
Authentication Video Recording,
No Normal Yes High Medium
Panel Shouldering
Brute Force, Video
Reformation Recording,
No Normal No Medium Fast
Based Shouldering And
Dictionary Attacks
Moving Balls Dictionary Attacks,
No Normal Yes High Medium
Based Shouldering
Brute Force, Video
Expression Recording,
No Normal Yes High Fast
Based Shouldering And
Dictionary Attacks
Virtual
Phishing, Key May
Loggers And All May Be No Medium Fast
Passwords
Other Online Attacks High
Shoulder Surfing,
Time Signature
Dictionary Attacks,
No Normal Yes High Slow
Replay Attacks, Key
Loggers Etc
6. CONCLUSIONS
The paper discussed the challenges and major attacks on password and the common techniques
which are used to protect the password. However one method or technique does not provide the
security from the majority of attacks. We have proposed the pattern based time variable password
scheme that includes some arithmetic operation on pattern. This method is totally user friendly
and the user has option to choose the pattern and arithmetic operation for generating secured
password. To the best of our knowledge, this method provides the security to the user’s password
against majority attacks. However, simplicity and security both are necessary but is difficult to
achieve both.
12. International Journal of Information Sciences and Techniques (IJIST) Vol.6, No.1/2, March 2016
154
We proposed one of the best schemes to protect password against different attacks. But in case
of social engineering our system may fail because the user itself being fool and give the
password pattern to attacker to knowingly or unknowingly. In case when user is forgets the
pattern of password, then we will propose some other authentication method for user to check
his identity and give him access to the system. In such kind of situation whatever method is used
it’s dis-advantages is also our systems disadvantage. Eg: we can use OTP (One Time Password)
to check user identity but OTP has dis-advantage that if the device is in the wrong hand in which
OTP is send then the security purpose is not being fulfilled.
REFERENCES
[1] JayeetaMajumder. "Dictionary Attack on MD5 Hash." International Journal of Engineering
Research and Applications, vol. 2, no. 3, pp. 721-724, May-June 2012.
[2] Jesudoss A, Subramaniam N.P. "A Survey On Authentication Attacks And Countermeasures In A
Distributed Environment." Indian Journal of Computer Science and Engineering (IJCSE), vol. 5,
no. 2, pp. 71-77, April-May 2014.
[3] Kanagaraj S, JavithIbramSha M, MadhanKumaran D, Rajkumar D. "Differentiated Virtual
Passwords For Protecting Users From Password Theft." International Journal of Engineering
Reserch and Science & Technology, vol. 2, no. 2, pp. 93-100, May 2013.
[4] M. VijuPrakash, P. Alwin Infant and S. JeyaShobana. "Eliminating Vulnerable Attacks Using One
Time Password and PassText – Analytical Study of Blended Schema." Universal Journal of
Computer Science and Engineering Technology vol. 1, no. 2, pp. 133-140, Nov 2010.
[5] MudassarRaza, Muhammad Iqbal, Muhammad Sharif, WaqasHaider. "A Survey of Password
Attacks and Comparative Analysis on Methods for Secure Authentication." World Applied
Sciences Journal, vol. 19, no. 4, pp. 439-444, 2012.
[6] Shabana T Pirjade, P. K. Deshmukh. "Defend Against Online Password Guessing
Attacks."International Journal of Advanced Research in Computer Sci ence and Software
Engineering, vol.4, no. 9, pp. 106-111, September 2014.
[7] SoonduckYoo, Seung-jang Shin, Dae-hyunRyu,. "An Innovative Two Factor Authentication
Method TheQRLogin System." International Journal Of Secure And Its Application, vol. 7, no. 3,
pp. 293-302, May 2013.
[8] SunainaOberoi, Harmandeep Singh "Design & Development of Two Factor Hash Based
Authentication Framework." International Journal of Computer Science and Information
Technology Research, vol. 2, no. 4, pp. 199-203, October - December 2014.
[9] Yoshihiro Kita, Fumio Sugai, MiRang Park, Naonobu Okazaki. "Proposal and its Evaluation of a
Shoulder-Surfing Attack Resistant Authentication Method:Secret Tap with Double
Shift."International Journal of Cyber-Security and Digital Forensics, vol. 2, no. 1, pp. 48-55, 2013.
[10] J.Zdziarski, Hacking and Securing IOS Applications : Stealing data, Hijacking Software & How to
Prevent , 1st ed. , O’reilly,2012
Authors
Kalyani A. Patel, (B.E., M.C.A. Ph.D.)
Currently working as an Assistant Professor M.Sc.(CA & IT), K.S. School of
business Management, Gujarat University . Her research area is: Software
Engineering, Information Security, Big Data Analytics, NLP , Information
Retrieval,
Viral Panchal
B.Sc(CA & IT) GPA:3.05
M.Sc(CA & IT) pursuing
M: 9409602632
Raviraj Prajapati
B.Sc(CA & IT) GPA:3.44
M.Sc(CA & IT) pursuing
M: 8672015134