An Enhanced Password-Username Authentication System Using Cryptographic Hashing and Recognition Based Graphical Password
Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2016, Vol 18, Issue 4
Abstract
Abstract: Password-username authentication is a critical component of today’s web application technology that is commonly used to control access to restricted resources. However, poor design, coding flaws and weakuser login credentials exposes this functionality to Sequel Query Language Injection (SQLI) and online password guessing attacks. Current techniques advanced by researchers to address authentication attacks only focus on either one of them, thus failing to envisage a scenario where the login form can be used to launch both SQLI and online password guessing attacks. To address this challenge, this paper presents an authentication solution that addresses the issue of SQLI and online password guessing attacks on login form as implemented in generic web applications. The solution combines the use of plain text credentials that are cryptographically hashed at runtime with recognition based graphical login credentials. The goal is to always guarantee access to a user account even when such account is under attack while at the same time ensuring convenient and secure login experience by legitimate users. This is achieved by blocking the Internet Protocol (IP) addresses fromwhich there are unsuccessful login attempts. Security test shows that the solution is not vulnerable to SQLI and online password guessing attacks.
Authors and Affiliations
Tivkaa, M. L , Choji, D. N , Agaji, I , Atsa‟am, D.
Keywords
Related Articles
- EP ID EP96185
- DOI -
- Views 134
- Downloads 0
Text Extraction of Vehicle Number Plate and Document Images Using Discrete Wavelet Transform in MATLAB
Text Extraction from colour images is a challenging task in computer vision. The concept of text extraction is derived from the vehicle plate recognization and their characters extractions individually. Some examples of...
Haar Wavelet Based Joint Compression Method Using Adaptive Fractal Image Compression
Abstract: We are introducing the discrete wavelet transform based joint methodology with the existing Adaptive Fractal Image Compression technique. By developing this method we will get the better quality of the image w....
Dynamic Process Scheduling and Sequencing Using Genetic Algorithm
Abstract: This paper present the implementation of genetic algorithm for operating system process scheduling. Scheduling in operating systems has a significant role in overall system performance and throughput. An...
Intelligent Phishing Website Detection and Prevention System by Using Link Guard Algorithm
Phishing is a new type of network attack where the attacker creates a replica of an existing Web page to fool users (e.g., by using specially designed e-mails or instant messages) into submitting personal, financ...
Improvised kernel graph cuts and continuous max-flow optimization scheme-for enhanced segmentation in Cervical Cancer Detection
The cervical cancer refers to the uncontrolled growth of cells in the internal lining of the cervix part that connects the uterus region to the vaginal part of the women. This cervical cancer needs to be screened for ide...