CFP last date
20 December 2024
Reseach Article

Simplified Native Language Passwords for Intrusion Prevention

by Sreelatha Malempati, Shashi Mogalla
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 24 - Number 4
Year of Publication: 2011
Authors: Sreelatha Malempati, Shashi Mogalla
10.5120/2936-3891

Sreelatha Malempati, Shashi Mogalla . Simplified Native Language Passwords for Intrusion Prevention. International Journal of Computer Applications. 24, 4 ( June 2011), 44-49. DOI=10.5120/2936-3891

@article{ 10.5120/2936-3891,
author = { Sreelatha Malempati, Shashi Mogalla },
title = { Simplified Native Language Passwords for Intrusion Prevention },
journal = { International Journal of Computer Applications },
issue_date = { June 2011 },
volume = { 24 },
number = { 4 },
month = { June },
year = { 2011 },
issn = { 0975-8887 },
pages = { 44-49 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume24/number4/2936-3891/ },
doi = { 10.5120/2936-3891 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:10:07.897497+05:30
%A Sreelatha Malempati
%A Shashi Mogalla
%T Simplified Native Language Passwords for Intrusion Prevention
%J International Journal of Computer Applications
%@ 0975-8887
%V 24
%N 4
%P 44-49
%D 2011
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Authentication is necessary in multi-user systems. User name and password are used to authenticate a user. Textual passwords are most common type used for authentication. Authentication schemes that use textual passwords are vulnerable to attacks password stealing, dictionary attack and shoulder surfing. Graphical passwords provide an alternative to graphical passwords but, simple schemes are vulnerable to shoulder surfing and hidden cameras. Native language passwords can be used for authentication and the user can remember it better than any other language. A shape based textual authentication is discussed in this paper and simplification of the native language passwords is proposed. Session passwords are generated for each login, making the authentication scheme more resistant to shoulder surfing and hidden camera attacks.

References
  1. A. Adams and M. A. Sasse, "Users are not the enemy: why users compromise computer security mechanisms and how to take remedial measures," Communications of the ACM, vol. 42, pp. 41-46, 1999.
  2. A. S. Patrick, A. C. Long and S. Flinn, “HCI and Security Systems”. Presented at CHI, Extended Abstracts (Workshops). Ft. Lauderdale, Florida, USA, 2003.
  3. Gilbert Notoatmodjo, “Exploring the ‘Weakest Link’: A Study of Personal Password Security”. Thesis of Master Degree, the University of Auckland, New Zealand, 2007.
  4. R. N. Shepard, "Recognition memory for words, sentences, and pictures," Journal of Verbal Learning and Verbal Behavior, vol. 6, pp. 156-163, 1967.
  5. G. E. Blonder, “Graphical Passwords,” in Lucent Technologies, Inc., Murray Hill, NJ, U. S. Patent, Ed.United States, 1996.
  6. R. Dhamija and A Perrig, "Deja Vu: A User Study using Images For Authentication", 9th USENIX Security Symposium, 2000.
  7. RealUser. “www.realuser.com” last accessed in June 2005.
  8. Davis, D., F. Monrose, and M.K. Reiter. “On User Choice in Graphical Password Schemes” 13th USENIX Security Symposium, 2004.
  9. W. Jansen, "Authenticating Mobile Device User through Image Selection," in Data Security, 2004.
  10. W. Jansen, "Authenticating Users on Handheld Devices “in Proceedings of Canadian Information Technology Security Symposium, 2003.
  11. D. Weinshall and S. Kirkpatrick, “Passwords You’ll Never Forget, but Can’t Recall,” in Proceedings of Conference on Hman Factors in Computing Systems (CHI), Vienna, Austria: ACM, 2004.
  12. J. Goldberg, J. Hagman, V. Sazawal, "Doodling Our Way To Better Authentication", CHI '02 extended abstracts on Human Factors in Computer Systems, 2002.
  13. Jermyn, I., Mayer A., Monrose, F., Reiter,M., and Rubin., “The design and analysis of graphical passwords” in Proceedings of USENIX Security Symposium, August 1999.
  14. H. Zhao and X. Li, "S3PAS: A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme," in 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW 07), vol. 2. Canada, 2007, pp. 467-472.
  15. S.Man, D. Hong, and M.Mathews, "A shoulder surfing resistant graphical password scheme," in Proceedings of International conference on security and management. LasVergas, NV, 2003.
  16. A. D. Luca, R. Weiss, and H. Hussmann, "PassShape: stroke based shape passwords," in Proceedings of the conference of the computer-human interaction special interest group (CHISIG) of Australia on Computer-human interaction: design: activities, artifacts and environments. 28-30 November 2007, Adelaide, Australia, pp. 239-240.
  17. X. Suo, Y. Zhu, and G. S. Owen, "Graphical passwords: A survey," 21st Annual Computer Security Applications Conference (ASCSAC 2005). Tucson, 2005.
  18. H. Tao and C. adams, “Pass-Go: A proposal to improve the usability of graphical passwords” International Journal of Network Security, vol. 7, no. 2, pp. 273-292, 2008.
  19. H. Gao, X. Guo, X. Chen, L. Wang, and X. Liu, “YAGP: Yet another graphical password strategy”. in 24th Annual Computer Security Applications Conference, ACSAC08, California, 2008, 121-129.
  20. H. Gao, X. Liu, R. Dai, S. Wang, and X. Chang. Analysis and evaluation of the colorlogin graphical password scheme. In Fifth International Conference on Image and Graphics, 2009, 722-727.
  21. Z. Zheng, X. Liu, L. Yin, Z. Liu “A Hybrid password authentication scheme based on shape and text” Journal of Computers, vol.5, no.5 May 2010.
  22. Sreelatha Malempati and Shashi Mogalla , “ Intrusion Prevention by Native Language Password Authentication Scheme “ in Fourth International Conference on network security & Applications, CNSA 2011, India (Accepted)
Index Terms

Computer Science
Information Sciences

Keywords

Shape based authentication Textual Password Native language password Intrusion prevention