A New Dynamic Authentication Captcha Based on Negotiation Between Host and Mobile Terminal for Electronic Commerce

2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA) Pub Date : 2015-06-14 DOI:10.1109/ICICTA.2015.21

Yang Guangming, Ni Jingyu, Tan Zhenhua

{"title":"A New Dynamic Authentication Captcha Based on Negotiation Between Host and Mobile Terminal for Electronic Commerce","authors":"Yang Guangming, Ni Jingyu, Tan Zhenhua","doi":"10.1109/ICICTA.2015.21","DOIUrl":null,"url":null,"abstract":"In electronic commerce, the supply of peculiar commodity is not adequate to users' requirements. Many users are inclined to use malicious software to order scarce commodities instead of legal purchasing processes. To solve this problem, designers of E-commerce websites use CAPTCHA to distinguish if the purchase request is applied by human rather than software. It does not work because malicious software (malware) can identify various CAPTCHA by specific function. So websites attempt to use more complex CAPTCHA to resist malware, however, users cannot identify it either. As a result, using CAPTCHA is not a perfect method to deal with distinguishing problems. In this paper, we propose a novel dynamic authentication CAPTCHA to enhance security and overcome limitations existing in static scheme. Our system can distinguish human from software by the negotiation between host and mobile terminal. The security analysis shows that the method we proposed can resist known types of attacks efficiently.","PeriodicalId":231694,"journal":{"name":"2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2015-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICICTA.2015.21","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In electronic commerce, the supply of peculiar commodity is not adequate to users' requirements. Many users are inclined to use malicious software to order scarce commodities instead of legal purchasing processes. To solve this problem, designers of E-commerce websites use CAPTCHA to distinguish if the purchase request is applied by human rather than software. It does not work because malicious software (malware) can identify various CAPTCHA by specific function. So websites attempt to use more complex CAPTCHA to resist malware, however, users cannot identify it either. As a result, using CAPTCHA is not a perfect method to deal with distinguishing problems. In this paper, we propose a novel dynamic authentication CAPTCHA to enhance security and overcome limitations existing in static scheme. Our system can distinguish human from software by the negotiation between host and mobile terminal. The security analysis shows that the method we proposed can resist known types of attacks efficiently.

查看原文本刊更多论文

一种新的基于主机与移动终端协商的电子商务动态验证码

在电子商务中，特殊商品的供应不能满足用户的需求。许多用户倾向于使用恶意软件来订购稀缺商品，而不是合法的采购流程。为了解决这个问题，电子商务网站的设计者使用CAPTCHA来区分购买请求是人为的还是软件的。它不起作用，因为恶意软件(malware)可以通过特定功能识别各种CAPTCHA。因此，网站试图使用更复杂的验证码来抵御恶意软件，然而，用户也无法识别它。因此，使用CAPTCHA并不是处理鉴别问题的完美方法。本文提出了一种新的动态验证验证码(CAPTCHA)，以提高安全性并克服静态认证方案存在的局限性。本系统通过主机与移动终端之间的协商，实现人机识别。安全性分析表明，我们提出的方法可以有效地抵抗已知类型的攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)

自引率

0.00%

发文量