Toward the design of adaptive selection strategies for multi-factor authentication

Dasgupta, Dipankar; Roy, Arunava; Nag, Abhijit Kumar

doi:10.1016/j.cose.2016.09.004

Cited by 67 publications

(34 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To calculate and report accuracy, the output from False Rejection Rate (FRR) and False Acceptance Rate (FAR) are considered. According to [9], the industry is more towards a…”

Section: Fig 2 Steps In Proposed Schemementioning

confidence: 99%

An Accuracy of Attack Detection using Attack Recognition Technique in Multi-Factor Authentication Scheme

Ariffin,

Rahim,

Rum

2019

IJEAT

View full text Add to dashboard Cite

One popular scheme used for authentication security is the implementation of multi-factor authentication (MFA). There have been several researches that discusses on multi-factor authentication scheme but most of these research do not entirely protect data against all types of attacks. Furthermore, most current research only focuses on improving the security part of authentication while neglecting other important parts such as the systems accuracy. Accuracy is based on how perfect is the system able to identify a genuine user or an intruder. Current multifactor authentication schemes were simply not designed to have security and accuracy as their focus. Accuracy can be measured as the success rate on tasks that requires a certain degree. For instance, the number of users who is successfully logging into the system using any technique provides a measure of accuracy. Usually, accuracy demands of users are impacted by other demands such as recall of required information, environmental, or other factors. In authentication, the accuracy factor was identified through the device pairing studies. In many cases in the authentication system requires users to enter a password or biometric traits with 100 percent accuracy for comparing it. Nevertheless, this research analyzes the level of accuracy based on the biometric accuracy of authentication. In this paper will explain the evaluation process on the accuracy level of the proposed authentication to get a highly accurate performance, which is based on FAR (false acceptance rate) and FRR (false rejection rate). Result from the experiment shows that the accuracy of proposed scheme is better than the accuracy of other previous schemes. This is even after additional security features has been added to the scheme.

show abstract

“…To calculate and report accuracy, the output from False Rejection Rate (FRR) and False Acceptance Rate (FAR) are considered. According to [9], the industry is more towards a…”

Section: Fig 2 Steps In Proposed Schemementioning

confidence: 99%

An Accuracy of Attack Detection using Attack Recognition Technique in Multi-Factor Authentication Scheme

Ariffin,

Rahim,

Rum

2019

IJEAT

View full text Add to dashboard Cite

show abstract

“…One can construct a more accurate classifier and improve the confidence in a particular user session by fusing the output of different features and their individual classifiers. Fridman et al [13] studied the combination of several different behavioral context elements, selecting suitable classifiers for each of them and combining their decision outputs using Chair and Varshney's [34] Optimal Fusion Rule, to combine the decisions of multiple detectors [1], minimizing the overall error probability [35]. Bailey et al [36] used Ensemble Based Decision Level (EBDL) fusion to combine classifiers for keyboard, mouse, and GUI interaction features and concluded that EBDL fusion significantly outperformed each individual modality as well as feature fusion.…”

Section: Related Workmentioning

confidence: 99%

“…However, this authentication method exhibits some severe security threats, such as password reuse on different services, easily guessable passwords, leaking passwords, or even entire password databases leaking from badly implemented online systems. State-of-practice multifactor authentication [1] combines inherence, possession, and knowledge factors, that is, something the user is, has, and knows, leveraging hardware tokens, smart cards or biometric devices [2] to strengthen authentication, but such solutions are often perceived as cumbersome or too expensive to roll out to users.…”

Section: Introductionmentioning

confidence: 99%

“…The goal is not an enhanced smart device locking feature that would protect resources on the device itself, although this would also be feasible with the techniques presented in this paper, but rather having the ability with a mobile device to securely authenticate an individual against an online web application or service that is usually protected by an identity and access management system (such as ForgeRock's Ope-nAM [3]). The challenges we aim to address are twofold: (1) how can we first conveniently and reliably authenticate the identity of a user and (2) how can we then continuously assess the confidence in the user's identity during the application session. Indeed, in the past decade we have observed a growing interest in Active Authentication, also known as Contextaware [4], Continuous [5], or Implicit [6] Authentication.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Leveraging Battery Usage from Mobile Devices for Active Authentication

Spooren¹,

Preuveneers²,

Joosen³

2017

Mobile Information Systems

View full text Add to dashboard Cite

Active authentication is the practice of continuously verifying the identity of users, based on their context, interactions with a system, and information provided by that system. In this paper, we investigate if battery charge readings from mobile devices can be used as an extra factor to improve active authentication. We make use of a large data set of battery charge readings from real users and construct two computationally inexpensive machine learning classifiers to predict if a user session is authentic: the first one only based on the battery charge at a certain time of day; the second one predicts the authenticity of the user session when a previous, recent battery charge reading is available. Our research shows that a simple two-figure battery charge value can make a useful albeit minor contribution to active authentication.

show abstract

“…Security issues on personal information are considered as one of the most important challenges and biggest concern in today's connected world [1], [2]. Therefore, a need for a more secure online environment is highly required to obtain the trust and confidence of every user [3]. To ensure security for online services and transactions, cryptography has been severely used since it makes information indecipherable to illegitimate users [4]- [6] thus promoting a safer virtual world [7] [8].…”

Section: Introductionmentioning

confidence: 99%

Blowfish-128: A Modified Blowfish Algorithm That Supports 128-bit Block Size

2018

Proceedings of 2018 the 8th International Workshop on Computer Science and Engineering

View full text Add to dashboard Cite

Symmetric crypto-algorithms are fast and extremely secure through strong key size. Among symmetric crypto-algorithms, Blowfish has shown superiority in performance amongst others and demonstrated excellent security as it is known to have no successful attacks. However, Blowfish algorithm became unfavorable to be used because of little block size support despite being known as an unbroken algorithm. In the present study, a novel modified version of the Blowfish cryptographic algorithm designed to support 128-bits block size input using dynamic selection encryption method and reduction of cipher function execution through randomly determined rounds is introduced. Experimental results on varied input lengths revealed that the modifications improved on performance and execution time, and increased the degree of complexity, and diffusion. The modification provided an additional layer of security that makes the virtual world safer and more resilient to attacks by unauthorized parties.

show abstract

Toward the design of adaptive selection strategies for multi-factor authentication

Cited by 67 publications

References 15 publications

An Accuracy of Attack Detection using Attack Recognition Technique in Multi-Factor Authentication Scheme

An Accuracy of Attack Detection using Attack Recognition Technique in Multi-Factor Authentication Scheme

Leveraging Battery Usage from Mobile Devices for Active Authentication

Blowfish-128: A Modified Blowfish Algorithm That Supports 128-bit Block Size

Contact Info

Product

Resources

About