CAPTCHA AS GRAPHICAL PASSWORDS—A NEW SECURITY PRIMITIVE BASED ON HARD AI PROBLEMS ASHWINI B.

Slides:

Advertisements

Similar presentations

ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.

Advertisements

Trustworthy Computing in My Mind: A Case Study on Visual Password Shujun Li Visiting Student at VC Group, Microsoft Research Asia Institute of Image Processing.

Abstract Shortest distance query is a fundamental operation in large-scale networks. Many existing methods in the literature take a landmark embedding.

CONTENTS  ABSTRACT  INTRODUCTION  HARDWARE & SOFTWARE REQUIREMENTS  PROBLEM ANALYSIS  MODULES DESCRIPTION  TABLE DESIGN  ER DIAGRAM  SCREEN SHOTS.

How to Install Windows 7.

INTRUSION DETECTION SYSTEM

Presented By: Shashank Bhadauriya Varun Singh Shakti Suman.

Under the Guidance of: Mr S.Karthikeyan.MCA..  The project is entitled as “ SMS Based Student Information System” created by using Visual Basic.  Flexible.

Rebrandable & Customizable Cleaner Application Software Smart Cleaner.

ABSTRACT Before the evolution of computers, all the details in a banking systems used to be maintained manually. This is not advisable because maintenance.

Webos Submitted by Rafeek. INTRODUCTION The term "WEBOS" has been used to describe a browser-based application that provides a desktop-like environment.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

WARNINGBIRD: A Near Real-time Detection System for Suspicious URLs in Twitter Stream.

E XPLORING USABILITY EFFECTS OF INCREASING SECURITY IN CLICK - BASED GRAPHICAL PASSWORDS Elizabeth StobertElizabeth Stobert, Alain Forget, Sonia Chiasson,

Guide to Linux Installation and Administration, 2e1 Chapter 3 Installing Linux.

Secure Encounter-based Mobile Social Networks: Requirements, Designs, and Tradeoffs.

GRAPHICAL PASSWORD AUTHENTICATION PRESENTED BY SUDEEP KUMAR PATRA REGD NO Under the guidance of Mrs. Chinmayee Behera.

Internal Guide: Prof S M Narayana By: Meghana(1MS07CS049) Padmavathi T(1MS07CS057) Priyanka A L(1MS07CS069) Sandeep Kumar B(1MS07CS082)

Abstract Many security primitives are based on hard math¬ematical problems. Using hard AI problems for security is emerging as an exciting new paradigm,

Process by which a system verifies the identity of a user wishes to access it. Authentication is essential for effective security.

Presented by: Lin Jie Authors: Xiaoyuan Suo, Ying Zhu and G. Scott. Owen.

Microsoft ® Virtual Academy Module 3 Understanding Security Policies Christopher Chapman | Content PM, Microsoft Thomas Willingham | Content Developer,

EAACK—A Secure Intrusion-Detection System for MANETs

INTERNAL GUIDE: BALRAJU.M BY: CH MAHESH KUMAR 07D31A1237 B.CHANDRAKANTH 07D31A1209 CH.GOWTHAM 07D31A1217 ARUN KUMAR MISHRA 07D31A1205 M.Tech.

MOBILITY BILL DEFRAYMENT

Project Overview Graduate Selection Process Project Goal Automate the Selection Process.

Project Overview Graduate Selection Process Project Goal Automate the Selection Process.

Privacy Preserving Delegated Access Control in Public Clouds.

REVISITING DEFENSES AGAINST LARGE SCALE ONLINE PASSWORD GUESSING ATTACKS Mansour Alsaleh,Mohammad Mannan and P.C van Oorschot.

Jawaharlal Nehru National College of Engineering, Shimoga – Department of Computer Science & Engineering Technical Seminar on, Under the guidance.

Participatory Privacy: Enabling Privacy in Participatory Sensing

Securing Passwords Against Dictionary Attacks Presented By Chad Frommeyer.

Presenting By CH . MADHURI(12QU1D5806) Under the supervision of

Under The Guidance of Smt. Ch.Ratna Kumari Asst.Professor Submitted by M Ravi Kumar Roll No:10021F0006 M.C.A.

VIGNAN'S NIRULA INSTITUTE OF TECHNOLOGY & SCIENCE FOR WOMEN TOOLS LINKS PRESENTED BY 1.P.NAVEENA09NN1A A.SOUJANYA09NN1A R.PRASANNA09NN1A1251.

INTERNAL GUIDE: T.BENERJI BY: CH MAHESH KUMAR 07D31A1237 B.CHANDRAKANTH 07D31A1209 CH.GOWTHAM 07D31A1217 ARUN KUMAR MISHRA 07D31A1205 M.Tech( Ph.D )

Multiparty Access Control for Online Social Networks : Model and Mechanisms.

Securing Broker-Less Publish/Subscribe Systems Using Identity-Based Encryption.

Privacy-Preserving and Content-Protecting Location Based Queries.

Whole Test Suite Generation. Abstract Not all bugs lead to program crashes, and not always is there a formal specification to check the correctness of.

ONLINE INTRUSION ALERT AGGREGATION WITH GENERATIVE DATA STREAM MODELING.

Guided By: Prof. Rajarshree Karande JSPM’S IMPERIAL COLLEGE OF ENGINEERING & RESEARCH WAGHOLI, PUNE Group MemberRoll No. Abhijeet Aralgundkar03.

CODERS ADJUNCTION POINT Presented by, Rumana Ahmed Deeba Tazeen CSE final year.

Presented By Shrikant Ravindra Kamble MCA 3 rd year.

Library Management System. Aim : To develop a project titled “LIBRARY MANAGEMENT” and is developed to maintain the operation done in a library. To develop.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

UNIVERSITY MANAGEMENT SYSTEM

Presentation on Online Shopping

Understanding Security Policies Lesson 3. Objectives.

ONLINE DETECTION AND PREVENTION PHISHING ATTACKS

VIRTUAL NETWORK COMPUTING SUBMITTED BY:- Ankur Yadav Ashish Solanki Charu Swaroop Harsha Jain.

7/10/20161 Computer Security Protection in general purpose Operating Systems.

 Abstract  Introduction  Literature Survey  Conclusion on Literature Survey  Threat model and system architecture  Proposed Work  Attack Scenarios.

PRESENTED BY. Keywords Firewall : Any barrier that is intended to thwart the spread of a destructive agent. Computer Definition : A system designed to.

CAM: Cloud-Assisted Privacy Preserving Mobile Health Monitoring.

Secure and Practical Outsourcing of Linear Programming in Cloud Computing.

BY S.S.SUDHEER VARMA (13NT1D5816)

Understanding Security Policies

Under the Guidance of V.Rajashekhar M.Tech Assistant Professor

Authentication Schemes for Session Passwords using Color and Images

Towards Scalable Traffic Management in Cloud Data Centers

INFORMATION RETRIEVAL AND KNOWLEDGE MANAGEMENT SYSTEM

ABSTRACT Recent work has shown that sink mobility along a constrained path can improve the energy efficiency in wireless sensor networks. Due to the.

ROBUST FACE NAME GRAPH MATCHING FOR MOVIE CHARACTER IDENTIFICATION

Bin B. Zhu, Jeff Yan, Guanbo Bao, Maowei Yang, and Ning Xu

Department Of Computer Science Engineering

ONLINE ANDROID VOTING SYSTEM

ONLINE ANDROID VOTING SYSTEM

REVISITING DEFENSES AGAINST LARGE SCALE ONLINE PASSWORD GUESSING ATTACKS Mansour Alsaleh,Mohammad Mannan and P.C van Oorschot.

Computer Security Protection in general purpose Operating Systems

Presentation transcript:

CAPTCHA AS GRAPHICAL PASSWORDS—A NEW SECURITY PRIMITIVE BASED ON HARD AI PROBLEMS ASHWINI B

Abstract  Using hard AI problems for security is emerging as an exciting new paradigm, but has been underexplored.  CaRP is both a Captcha and a graphical password scheme.  CaRP offers a novel approach to address the well-known image hotspot problem in popular graphical password systems, such as PassPoints, that often leads to weak password choices.

Existing System  Using hard AI problems for security is emerging as an exciting new paradigm, but has been underexplored.  A fundamental task in security is to create cryptographic primitives based on hard mathematical problems that are computationally intractable.

Disadvantages of Existing System  This paradigm has achieved just a limited success as compared with the cryptographic primitives based on hard math problems and their wide applications. . Under this paradigm, the most notable primitive invented is Captcha, which distinguishes human users from computers by presenting a challenge.

Proposed System  CaRP is both a Captcha and a graphical password scheme. CaRP addresses a number of security problems altogether, such as online guessing attacks, relay attacks, and, if combined with dual-view technologies, shoulder-surfing attacks.  We present exemplary CaRPs built on both text Captcha and image-recognition Captcha. One of them is a text CaRP wherein a password is a sequence of characters like a text password, but entered by clicking the right character sequence on CaRP images.  CaRP offers protection against online dictionary attacks on passwords, which have been. Defense against online dictionary attacks ifor long time a major security threat for various online services.

Advantages of Proposed System  The proposed system offers reasonable security and usability and appears to fit well with some practical applications for improving online security.  This threat is widespread and considered as a top cyber security risk.  Defense against online dictionary attacks is a more subtle problem than it might appear.

Modules  Graphical Password  Captcha in Authentication  Thwart Guessing Attacks  Security Of Underlying Captcha

Modules Description Graphical Password  In this module, Users are having authentication and security to access the detail which is presented in the Image system.  Before accessing or searching the details user should have the account in that otherwise they should register first.

Captcha in Authentication  It was introduced in [14] to use both Captcha and password in a user authentication protocol, which we call Captcha-based Password Authentication (CbPA) protocol, to counter online dictionary attacks.  The CbPA-protocol in requires solving a Captcha challenge after inputting a valid pair of user ID and password unless a valid browser cookie is received.

Thwart Guessing Attacks  In a guessing attack, a password guess tested in an unsuccessful trial is determined wrong and excluded from subsequent trials.  The number of undetermined password guesses decreases with more trials, leading to a better chance of finding the password.  No matter how secure a graphical password scheme is, the password can always be found by a brute force attack.

Security Of Underlying Captcha  Computational intractability in recognizing objects in CaRP images is fundamental to CaRP.  Existing analyses on Captcha security were mostly case by case or used an approximate process. No theoretic security model has been established yet. on.

Minimum Hardware Configuration of the proposed system  Processor : Intel/AMD  Speed : 1.1 GHz  RAM : 256 MB  Hard Disk : 20 GB  Key Board : Standard Keyboard  Mouse : Standard Mouse  Monitor : SVGA/LCD

Software Configuration of the proposed system  Operating System : Windows  Java Version: JDK 1.7/1.8  Application Server : Tomcat 7/8  Front End : HTML, Java, JSP  Scripts : JavaScript  Database : MySQL 5.5  Database Connectivity : JDBC

References  R. Biddle, S. Chiasson, and P. C. van Oorschot, “Graphical passwords: Learning from the first twelve years,” ACM Comput. Surveys, vol. 44, no. 4,  (2012, Feb.). The Science Behind Passfaces [Online]. Available:  I. Jermyn, A. Mayer, F. Monrose, M. Reiter, and A. Rubin, “The design and analysis of graphical passwords,” in Proc. 8th USENIX Security Symp., 1999, pp. 1–15.  H. Tao and C. Adams, “Pass-Go: A proposal to improve the usability of graphical passwords,” Int. J. Netw. Security, vol. 7, no. 2, pp. 273–292,  S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, “PassPoints: Design and longitudinal evaluation of a graphical password system,” Int. J. HCI, vol. 63, pp. 102–127, Jul