安全:肩冲攻击很容易被阻挠

2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI:10.1109/DSNW.2013.6615517

Narayan Gowraj, S. Avireddy, P. Ravi, R. B. Subramanian, S. Prabhu

{"title":"安全:肩冲攻击很容易被阻挠","authors":"Narayan Gowraj, S. Avireddy, P. Ravi, R. B. Subramanian, S. Prabhu","doi":"10.1109/DSNW.2013.6615517","DOIUrl":null,"url":null,"abstract":"Websites have become an integral part of everyones life. The most important vulnerable issue in websites which has to be subjected to uncompromising security is user authentication. There is a good level of security when we use the conventional textual based password but memorizing these passwords is difficult when they are too long. Hence, users tend to keep password that are simple and short which compromises security and makes it vulnerable to many password cracking attacks. Users may also tend to write them down or store them inside the computer in the form of sticky notes which makes it even more vulnerable. This issue has motivated users towards an alternative solution which is the Graphical User Authentication (GUA) which makes use of images, patterns instead of plain text. However, one big issue incurred with the GUA is that it is very vulnerable to shoulder-surfing and spyware attacks. In this paper we propose a system called SAFE (Shoulder-Surfing Attacks Filibustered with Ease) that could restrict or filibuster shoulder-surfing and spyware attacks. This system uses an algorithm called as RALUT-G (Randomized Lookup Table-Generator) that generates a randomized look-up table with dynamic content for the user authentication based on its working module. We have also evaluated the efficiency and the effectiveness of our system using comprehensive experimental analysis.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"SAFE: Shoulder-surfing attack filibustered with ease\",\"authors\":\"Narayan Gowraj, S. Avireddy, P. Ravi, R. B. Subramanian, S. Prabhu\",\"doi\":\"10.1109/DSNW.2013.6615517\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Websites have become an integral part of everyones life. The most important vulnerable issue in websites which has to be subjected to uncompromising security is user authentication. There is a good level of security when we use the conventional textual based password but memorizing these passwords is difficult when they are too long. Hence, users tend to keep password that are simple and short which compromises security and makes it vulnerable to many password cracking attacks. Users may also tend to write them down or store them inside the computer in the form of sticky notes which makes it even more vulnerable. This issue has motivated users towards an alternative solution which is the Graphical User Authentication (GUA) which makes use of images, patterns instead of plain text. However, one big issue incurred with the GUA is that it is very vulnerable to shoulder-surfing and spyware attacks. In this paper we propose a system called SAFE (Shoulder-Surfing Attacks Filibustered with Ease) that could restrict or filibuster shoulder-surfing and spyware attacks. This system uses an algorithm called as RALUT-G (Randomized Lookup Table-Generator) that generates a randomized look-up table with dynamic content for the user authentication based on its working module. We have also evaluated the efficiency and the effectiveness of our system using comprehensive experimental analysis.\",\"PeriodicalId\":377784,\"journal\":{\"name\":\"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)\",\"volume\":\"60 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-06-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSNW.2013.6615517\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSNW.2013.6615517","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

网站已经成为每个人生活中不可或缺的一部分。在网站中，最重要的脆弱问题是用户身份验证，它必须受到不妥协的安全性。当我们使用传统的基于文本的密码时，有一个很好的安全级别，但是当密码太长时，记忆这些密码是困难的。因此，用户倾向于保留简单和简短的密码，这损害了安全性，使其容易受到许多密码破解攻击。用户也可能倾向于把它们写下来或以便利贴的形式存储在电脑里，这使得电脑更容易受到攻击。这个问题促使用户寻求另一种解决方案，即图形用户身份验证(GUA)，它利用图像、模式而不是纯文本。然而，GUA产生的一个大问题是，它非常容易受到肩部冲浪和间谍软件攻击。在本文中，我们提出了一个名为SAFE (Shoulder-Surfing Attacks filibuster with Ease)的系统，可以限制或阻挠肩冲浪和间谍软件攻击。该系统使用随机查找表生成器(random Lookup table - generator, RALUT-G)算法，根据其工作模块为用户身份验证生成具有动态内容的随机查找表。我们还通过综合实验分析对系统的效率和有效性进行了评估。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

SAFE: Shoulder-surfing attack filibustered with ease

Websites have become an integral part of everyones life. The most important vulnerable issue in websites which has to be subjected to uncompromising security is user authentication. There is a good level of security when we use the conventional textual based password but memorizing these passwords is difficult when they are too long. Hence, users tend to keep password that are simple and short which compromises security and makes it vulnerable to many password cracking attacks. Users may also tend to write them down or store them inside the computer in the form of sticky notes which makes it even more vulnerable. This issue has motivated users towards an alternative solution which is the Graphical User Authentication (GUA) which makes use of images, patterns instead of plain text. However, one big issue incurred with the GUA is that it is very vulnerable to shoulder-surfing and spyware attacks. In this paper we propose a system called SAFE (Shoulder-Surfing Attacks Filibustered with Ease) that could restrict or filibuster shoulder-surfing and spyware attacks. This system uses an algorithm called as RALUT-G (Randomized Lookup Table-Generator) that generates a randomized look-up table with dynamic content for the user authentication based on its working module. We have also evaluated the efficiency and the effectiveness of our system using comprehensive experimental analysis.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)

自引率

0.00%

发文量