User authentication Research Papers - Academia.edu (original) (raw)

Gait recognition is a technique that identifies or verifies people based upon their walking patterns. Smartwatches, which contain an accelerometer and gyroscope have recently been used to implement gait-based biometrics. However, this... more

Gait recognition is a technique that identifies or verifies people based upon their walking patterns. Smartwatches, which contain an accelerometer and gyroscope have recently been used to implement gait-based biometrics. However, this prior work relied upon data from single sessions for both training and testing, which is not realistic and can lead to overly optimistic performance results. This paper aims to remedy some of these problems by training and evaluating a smartwatch-based biometric system on data obtained from different days. Also, it proposes an advanced feature selection approach to identify optimal features for each user. Two experiments are presented under three different scenarios: Same-Day, Mixed-Day, and Cross-Day. Competitive results were achieved (best EERs of 0.13% and 3.12% by using the Same day data for accelerometer and gyroscope respectively and 0.69% and 7.97% for the same sensors under the Cross-Day evaluation. The results show that the technology is sufficiently capable and the signals captured sufficiently discriminative to be useful in performing gait recognition.

Summary Nowadays, user authentication is one of the important topics in information security. Text-based strong password scheme can provide security to a certain degree. However, the fact that strong passwords being difficult to memorize... more

Summary Nowadays, user authentication is one of the important topics in information security. Text-based strong password scheme can provide security to a certain degree. However, the fact that strong passwords being difficult to memorize often leads their owners to write them down on papers or even save them in a computer file. Graphical authentication has been proposed as a possible alternative solution to text-based authentication, motivated particularly by the fact that humans can remember images better than text. Recently, many networks, computer system and Internet-based environments try using graphical authentication techniques as their user’s authentication. Graphical passwords have two essential aspects, usability and security. Unfortunately till now none of the proposed algorithms were able to cover both of them simultaneously. This paper presents a review on the security and usability features of graphical password authentication schemes. In this study we surveyed 23 paper...

For intelligent service robots, it is essential to recognize users in order to provide appropriate services to a correctly authenticated user. However, in robot environments in which users freely move around the robot, it is difficult to... more

For intelligent service robots, it is essential to recognize users in order to provide appropriate services to a correctly authenticated user. However, in robot environments in which users freely move around the robot, it is difficult to force users to cooperate for authentication as in traditional biometric security systems. This paper introduces a user authentication system that is designed to

In this paper we present a new Document Management System called DrStorage. This DMS is multi-platform, JCR-170 compliant, supports WebDav, versioning, user authentication and authorization and the most widespread file formats (Adobe PDF,... more

In this paper we present a new Document Management System called DrStorage. This DMS is multi-platform, JCR-170 compliant, supports WebDav, versioning, user authentication and authorization and the most widespread file formats (Adobe PDF, Microsoft Office, HTML,...). It is also easy to customize in order to enhance its search capabilities and to support automatic metadata assignment. DrStorage has been integrated with an automatic language guesser and with an automatic keyword extractor: these metadata can be assigned automatically to documents, because the DrStorage's server part has benn modified to allow that metadata assignment takes place as documents are put in the repository. Metadata can greatly improve the search capabilites and the results quality of a search engine. DrStorage's client has been customized with two search results view: the first, called timeline view, shows temporal trends of queries as an histogram, the second, keyword cloud, shows which words are ...

A new multi-modal biometric authentication approach using gait signals and fingerprint images as biometric traits is proposed. The individual comparison scores derived from the gait and fingers are normalized using four methods (min-max,... more

A new multi-modal biometric authentication approach using gait signals and fingerprint images as biometric traits is proposed. The individual comparison scores derived from the gait and fingers are normalized using four methods (min-max, z-score, median absolute deviation, tangent hyperbolic) and then four fusion approaches (simple sum, user-weighting, maximum score and minimum core) are applied. Gait samples are obtained by using a dedicated accelerometer sensor attached to the hip. The proposed method is evaluated using 7200 fingerprint images and gait samples. Fingerprints are collected by a capacitive line sensor, an optical sensor with total internal reflection and a touch-less optical sensor. The fusion results of these two biometrics show an improved performance and a large step closer for user authentication on mobile devices.

Abstract: Nowadays, user authentication is one of the important topics in information security. Text based strong password schemes could provide with certain degree of security. However, the fact that strong passwords being difficult to... more

Abstract: Nowadays, user authentication is one of the important topics in information security. Text based strong password schemes could provide with certain degree of security. However, the fact that strong passwords being difficult to memorize often leads their owners to write them down on papers or even save them in a computer file. Graphical user authentication (GUA) has been proposed as a possible alternative solution to text based authentication, motivated particularly by the fact that humans can remember images better ...

The development of communication technology have motivated the Citizen and the Government to communicate through electronic medium. For successful communication, a multifaceted electronic instrument must act as an interface between the... more

The development of communication technology have motivated the Citizen and the Government to communicate through electronic medium. For successful communication, a multifaceted electronic instrument must act as an interface between the participants, which will uniquely identify the Citizen. A brief literature review of several relevant research works further validate this concept of electronic transactions. In India though we have several instruments, which claim to uniquely identify the Citizen, non of them have proved to be efficient enough for all type of transactions. As a part of collective functioning towards problem solving approach, the authors have proposed a multivariate electronic smart card based E-Governance model. The proposed instrument named as Multipurpose Electronic Card (MEC) will attempt to uniquely identify the Citizen during various types of electronic transactions. As the complete solution of this problem is beyond the reach of an individual, to strengthen the user authentication scheme of our proposed model, we have shown the initial design for Digital Certificate based security protocols during Citizen-to-Government (C2G) type of transaction. For validation of the Citizen's identity,
initially we have used name and date of birth of the Citi zen. To further strengthen the validation process, we intend to include other vital parameters of the Citizen in near future, which will also explore future scope of research works in this field. To summarize, we can say that, the main objective of this research paper is to show the user authentication protocol using Digital Certificates, based on the vital parameters of the Citizen during Citizen -to-Government (C2G) type of proposed E-Governance transaction.

Smartwatches, which contain an accelerometer and gyroscope, have recently been used to implement gait/activity-based biometrics. However, many research questions have not been addressed in the prior work such as the training and test data... more

Smartwatches, which contain an accelerometer and gyroscope, have recently been used to implement gait/activity-based biometrics. However, many research questions have not been addressed in the prior work such as the training and test data was collected in the same day from a limited dataset, using unrealistic activities (e.g., punch) and/or the authors did not carry out any particular study to identify the most discriminative features. This paper aims to highlight the impact of these factors on the biometric performance. The acceleration and gyroscope data of the gait and game activity was captured from 60 users over multiple days, which resulted in a totally of 24 h of the user's movement. Segment-based approach was used to divide the time-series acceleration and gyroscope data. When the cross-day evaluation was applied, the best obtained EER was 0.69%, and 4.54% for the walking and game activities respectively. The EERs were significantly reduced into 0.05% and 2.35% for the above activities by introducing the majority voting schema. These results were obtained by utilizing a novel feature selection process in which the system minimizing the number of features and maximizing the discriminative information. The results have shown that smartwatch-based activity recognition has significant potential to recognize individuals in a continuous and user friendly approach.

This paper presents a security framework that continuously authenticates smart homes users in order to make sure that only authorized ones are allowed to control their Internet of Things (IoT) devices while, at the same time, preventing... more

This paper presents a security framework that continuously authenticates smart homes users in order to make sure that only authorized ones are allowed to control their Internet of Things (IoT) devices while, at the same time, preventing them in case of performing abnormal and dangerous control actions. To do so, control commands under normal operation of both users and devices, are first implicitly traced to build a One Class Support Vector Machine (OCSVM) model as a baseline from which deviations (i.e., anomalous commands) should be detected and rejected, while normal observations (i.e., normal commands) should be considered as legitimate and allowed to be executed. Experiments conducted on our artificial datasets show the efficiency of such user behavior-based approach achieving at least 95.29% and 4.12% of True Positive (TP) and False Positive (FP) rates, respectively.

With the recent advancements in technology, more and more people rely on their personal devices to store their sensitive information. Concurrently, the environment in which these devices are connected have grown to become more dynamic and... more

With the recent advancements in technology, more and more people rely on their personal devices to store their sensitive information. Concurrently, the environment in which these devices are connected have grown to become more dynamic and complex. This opens the discussion of if the current authentication methods being used in these devices are reliable enough to keep these user's information safe. This paper examines the different user authentication schemes proposed to increase the security of different devices. This article is split into two different avenues discussing authentication schemes that use either behavioral biometrics or physical-layer authentication. This survey will discuss both the advantages and challenges that arise with the accuracy, usability, and overall security of machine learning methods in these authentication systems. This article aims to improve further research in this field by exhibiting the various current authentication models, their schematics, and their results.

GRSB - guaranteed, reliable, secure broadcast - is a protocol that provides reliable and secure broadcast/multicast communications. It can be implemented in many types of networks - local area networks, wide area networks, as well as... more

GRSB - guaranteed, reliable, secure broadcast - is a protocol that provides reliable and secure broadcast/multicast communications. It can be implemented in many types of networks - local area networks, wide area networks, as well as satellite communications. The methodology used in this protocol is surprisingly simple. Three logical nodes are enforced in the network - a central retransmiter, a designated acknowledger, and a playback recorder(s). Through the coordinated service of the three nodes, every user node can be guaranteed to receive all broadcast messages in the correct temporal order. A fourth logical node, the security controller, can be added to the protocol to provide security-related services such as user authentication, message encryption, etc. In this paper, we have proposed a multilevel broadcast model of GRSB (guaranteed, reliable and secure broadcast) protocol , where 1st level broadcast mostly maintains the traditional GRSB model. 2nd level broadcast has two types of nodes where nodes of Is' kind i.e. nodes that are directly connected with the attachment nodes, can be temporarily in 'not alive' condition and hence follow the traditional GRSB model as well. On the other hand, nodes of 2nd kind i.e. nodes that are not directly connected with the attachment nodes, must be 'alive' all the time and have to follow two phases to finish the broadcast.

There are many secure authentication schemes that are secure but difficult to use. Most existing network applications authenticate users with a username and password pair. Such systems using the reusable passwords are susceptible to... more

There are many secure authentication schemes that are secure but difficult to use. Most existing network applications authenticate users with a username and password pair. Such systems using the reusable passwords are susceptible to attacks based on the theft of password. Each scheme has its merits and drawbacks (Misbahuddin, Aijaz Ahmed, & Shastri, 2006). To overcome the susceptibility in the existing applications, there is an authentication mechanism known as Two-Factor Authentication. Two-Factor Authentication is a process used to authenticate or verify the identity of a person or other entity requesting access under security constraints. It is a system wherein two different factors are used in conjunction to authenticate. Using two factors as opposed to one factor generally delivers a higher level of authentication assurance. The proposed scheme allows users to freely choose their PassFile (file password) instead of remembering the password, eliminating the problem of entering the reusable password and remembering the password. In this scheme, we proposed an efficient scheme for remote user authentication. It does not maintain verifier table and allows the user to freely choose and change their passwords. The proposed scheme provides best usability for the user in terms of PassFile without changing the existing protocol. This approach uses a smart card and is secure against identity theft, guessing attack, insider attack, stolen verifier attack, replay attack, impersonation attack, and reflection attack. The proposed achieves the mutual authentication essential for many applications.

The purpose of this paper is to present a set of well-investigated Internet of Things (IoT) security guidelines and best practices that others can use as a basis for future standards, certifications, laws, policies and/or product... more

The purpose of this paper is to present a set of well-investigated Internet of Things (IoT) security guidelines and best practices that others can use as a basis for future standards, certifications, laws, policies and/or product ratings. Most, if not all, of these guidelines would apply to any Internet- connected device; however, this paper focuses on security and privacy measures either peculiar to the IoT or especially relevant to the IoT. This paper assumes the end-to-end processing model of the Internet, in which application features such as security are handled by end nodes of the network, client and server hardware. It focuses on security mechanisms, including patching and updating, that should be considered at the manufacturing design phase rather than after devices have already been built or deployed.

User authentication is an important topic in the field of information security. To enforce security of information, passwords were introduced. Text based password is a popular authentication method used from ancient times. However text... more

User authentication is an important topic in the field of information security. To enforce security of information, passwords were introduced. Text based password is a popular authentication method used from ancient times. However text based passwords are prone to various attacks. Strong text-based password schemes could provide with certain degree of security. However, the fact that strong passwords are difficult to memorize often leads their users to write them down on papers or even save them in a computer file. Human actions such as choosing bad passwords and inputting passwords in an insecure way are regarded as the weakest link in the authentication chain. Graphical password is one of the alternative solution to alphanumeric password as it is very simple process to remember alphanumeric password. One of the major reasons behind this method implementation is that, according to psychological studies human mind can easily remember images than alphabets or digits. Graphical authentication has been proposed as a possible alternative solution to text-based authentication. A new technique of captcha and OTP is being used for the verification purpose. Three times a person is given chance to try for login if the person fails then he is blocked till the session expires. I. INTRODUCTION Initially all the web authentication was done on the basis of text password. Text password was the only system used for authentication system. But as time goes on this system finds many disadvantages to use it. As like this was not trusted as it had always threat of getting hacked. Text password always tested the memory of the user, so it wasn't good system. The basic concept of this system is simply the interaction of user with sequence of images. The basic goal of this system is to achieve higher security with simple technique to use by a user and harder to guess by a hacker. Image password authentication system is best alternative for text password. This system provides user-friendly environment for the users with a kind of image interaction. Here the password need not be a string of characters it can use few images this may be easy for the users to remember. Then the graphical password authentication system creates the great impact on authentication system, initially pass point and persuasive click point were the systems used as the alternative of the text password. A new technique of image password and OTP is being used for the verification purpose. 3 times a person is given chance to try for login if the person fails then he is blocked till the session expires. Image Password is a computer program or system intended to distinguish human from machine input, typically as a way of thwarting spam and automated extraction of data from websites. OTPs avoid a number of shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two factor authentication by ensuring that the one-time password requires access to something a person has (such as a specific cellphone).Then the Image Password input is been inserted and login is decided whether it is authenticated or not.

This paper presents a hybrid fingerprint matching al- gorithm for user authentication based on the fusion of heterogeneous schemes, and designed to run on pro- grammable smart cards. The approach is based on the well known texture vector... more

This paper presents a hybrid fingerprint matching al- gorithm for user authentication based on the fusion of heterogeneous schemes, and designed to run on pro- grammable smart cards. The approach is based on the well known texture vector and minutiae based tech- niques, where image processing and feature extraction occur on the host, while the card device performs the final

Wireless LAN technologies implemented on controller-based wireless LAN design not to mention their critical evaluation is an issue which causes a great deal of debate. Entering into a new era that the needs of technology optimization grow... more

Wireless LAN technologies implemented on controller-based wireless LAN design not to mention their critical evaluation is an issue which causes a great deal of debate. Entering into a new era that the needs of technology optimization grow rapidly, Enterprise wireless networking is meaningful to be achieved not to mention that it is considered a basic topic to be analyzed. This research is particularly outstanding for the reader because it will analyze the most important standards and protocols of wireless technology, distinctly 802.11 network tailored o business needs. It must be stressed that the wireless LAN controller-based WLAN design, and autonomous AP based wireless LAN design will be compared and contrasted. Furthermore, there will be critically evaluated related technologies including WLAN controller, CAPWAP and DTLS, user authentication - EAP and EAP methods not to mention 802.11n and 802.11ac. All the above, will be adopted and implemented on a medium company with 265 employees. There will also be provided floor plans for the two buildings and two floors that the company owes not to mention a logical diagram where all will be connected wirelessly based on national and international communication standards. Considering the factors related to this topic, the question of what specific consequences arise when addressing this theme must be elaborated.

The Internet of Things (IoT) is an extensive system of networks and connected devices with minimal human interaction and swift growth. The constraints of the System and limitations of Devices pose several challenges, including security;... more

The Internet of Things (IoT) is an extensive system of networks and connected devices with minimal human interaction and swift growth. The constraints of the System and limitations of Devices pose several challenges, including security; hence billions of devices must protect from attacks and compromises. The resource-constrained nature of IoT devices amplifies security challenges. Thus standard data communication and security measures are inefficient in the IoT environment. The ubiquity of IoT devices and their deployment in sensitive applications increase the vulnerability of any security breaches to risk lives. Hence, IoT-related security challenges are of great concern. Authentication is the solution to the vulnerability of a malicious device in the IoT environment. The proposed Multi-level Elliptic Curve Cryptography based Key Distribution and Authentication in IoT enhances the security by Multi-level Authentication when the devices enter or exit the Cluster in an IoT system. The decreased Computation Time and Energy Consumption by generating and distributing Keys using Elliptic Curve Cryptography extends the availability of the IoT devices. The Performance analysis shows the improvement over the Fast Authentication and Data Transfer method.

Abstract—The AVANTE Architecture described in this paper, implements a WBI environment based on CORBA distributed software components for course management, user authentication, collaborative work, database access, presentation, and other... more

Abstract—The AVANTE Architecture described in this paper, implements a WBI environment based on CORBA distributed software components for course management, user authentication, collaborative work, database access, presentation, and other services. ...

Goal: The present work aims to present how the use of a blockchain two-factor authentication solution 2FA on a page developed on WordPress can contribute to the information security regarding user authentication.... more

Goal: The present work aims to present how the use of a blockchain two-factor authentication solution 2FA on a page developed on WordPress can contribute to the information security regarding user authentication. Design/Methodology/Approach: The research method employed is characterized as an exploratory research, since all the analysis is based on the theoretical reference data available on the subject. A field research was carried out in relation to the implementation of the multi-factor authentication plugin Hydro Raindrop MFA, which uses blockchain technology offered by The Hydrogen Technology Corporation and the Project Hydro platform over the Ethereum network. Thus, this paper sought to present and conceptualize some of the technologies used, pointing out their contribution to information security. Results: The main results showed that the use of decentralized technology, such as blockchain and the Hydro Raindrop Plugin, can contribute considerably in the process of user authe...

In mobile banking schemes; financial services are availed and banking services are provided using mobile devices. GSM services are greatly utilized for data transmission by the technologies used in conducting mobile transactions. In their... more

In mobile banking schemes; financial services are availed and banking services are provided using mobile devices. GSM services are greatly utilized for data transmission by the technologies used in conducting mobile transactions. In their operations; these technologies send data in plaintext. Financial service providers tend to rely on the security services provided by the GSM which has been proved to be susceptible to cryptanalytic attacks. The used algorithms for crypto mechanisms are flawed leaving data carried through the network vulnerable upon interception. Operators need to take precaution by enforcing some protective measures on the information to be transmitted. This paper describes an SMS based model designed with security features to enhance data protection across mobile networks. Features for data encryption, integrity, secure entry of security details on the phone, and improved security policies in the application server are incorporated. We address issues of data confi...

A secure, user-convenient approach to authenticate users on their mobile devices is required as current approaches (e.g., PIN or Password) suffer from security and usability issues. Transparent Authentication Systems (TAS) have been... more

A secure, user-convenient approach to authenticate users on their mobile devices is required as current approaches (e.g., PIN or Password) suffer from security and usability issues. Transparent Authentication Systems (TAS) have been introduced to improve the level of security as well as offer continuous and unobtrusive authentication (i.e., user friendly) by using various behavioural biometric techniques. This paper presents the usefulness of using smartwatch motion sensors (i.e., accelerometer and gyroscope) to perform Activity Recognition for the use within a TAS. Whilst previous research in TAS has focused upon its application in computers and mobile devices, little attention is given to the use of wearable devices-which tend to be sensor-rich highly personal technologies. This paper presents a thorough analysis of the current state of the art in transparent and continuous authentication using acceleration and gyroscope sensors and a technology evaluation to determine the basis for such an approach. The best results are average Euclidean distance scores of 5.5 and 11.9 for users' intra acceleration and gyroscope signals respectively and 24.27 and 101.18 for users' inter acceleration and gyroscope activities accordingly. The findings demonstrate that the technology is sufficiently capable and the nature of the signals captured sufficiently discriminative to be useful in performing Activity Recognition.