Abstract
The prevalence of smart devices in our day-to-day activities increases the potential threat to our secret information. To counter these threats like unauthorized access and misuse of phones, only authorized users should be able to access the device. Authentication mechanism provide a secure way to safeguard the physical resources as well the information that is processed. Text-based passwords are the most common technique used for the authentication of devices, however, they are vulnerable to a certain type of attacks such as brute force, smudge and shoulder surfing attacks. Graphical Passwords (GPs) were introduced as an alternative for the conventional text-based authentication to overcome the potential threats. GPs use pictures and have been implemented in smart devices and workstations. Psychological studies reveal that humans can recognize images much easier and quicker than numeric and alphanumeric passwords, which become the basis for creating GPs. In this paper a novel Fractal-Based Authentication Technique (FBAT) has been proposed by implementing a Sierpinski triangle. In the FBAT scheme, the probability of password guessing is low making system resilient against abovementioned threats. Increasing fractal level makes the system stronger and provides security against attacks like shoulder surfing.
Highlights
Smart devices have become an intrinsic part of modern life
The methodology section explains the proposed technique, i.e., Fractal-Based Authentication Technique (FBAT), it is developed in order to mitigate the attacks that might breach the security of smart devices, e.g., shoulder surfing, brute force and smudge attacks, by combining the benefits of recognition-based and cued recall-based authentication schemes
In the Sierpinski triangle, a selected pattern with the help of a color scheme is saved in the device storage which is retrieved from the device storage during the authentication phase
Summary
Smart devices have become an intrinsic part of modern life These devices store our sensitive information like Personal Identification Numbers (PINs), contact details, pictures, important documents, and financial information [1]. Such information needs to be protected to provide security and privacy to the user. 36% users use a basic lock for the security of their phone (4-digit PIN lock) [2]. It has been observed from real-time events that many text-based passwords are not enough and can be breached to access sensitive data. British Broadcasting Corporation (BBC) reported that Superdrug online store [3], last.fm [4] and Ticketmaster [5] in the United Kingdom (UK) had all suffered from
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
