A Taxonomy of Multimedia-based Graphical User Authentication for Green Internet of Things
Authentication receives enormous consideration from the research community and is proven to be an interesting field in today’s era. User authentication is the major concern because people have their private data on devices. To strengthen user authentication, passwords have been introduced. In the past, the text-based password was the traditional way of authentication, but this method has particular shortcomings. The graphical password has been introduced as an alternative, which uses a picture or a set of pictures to generate a password. In the future, it is a requirement of such approaches to maintain robustness and consume fewer energy resources to become suitable for the Green Internet of Things (IoT). Similarly, diverse graphical password authentication mechanisms have been used to provide users with better security and usability. In this article, we conduct an extensive survey on the existing approaches of graphical password authentication to highlight the challenges required to be addressed for Green IoT. In comparison to other existing surveys, the objective is to consolidate the graphical password technique and to identify the problem associated with it. Besides, this survey will also identify the vulnerabilities of the graphical password against several potential attacks. We have also examined the strengths and weaknesses of each technique along with the future research directions. This study also evaluates the usability of each approach by considering learnability, memorability, and so forth and also presents a comparative analysis with security.
- Research Article
- 10.55041/ijsrem54271
- Nov 21, 2025
- International Journal of Scientific Research in Engineering and Management
By using standard alphanumeric passwords, attackers can easily compromise password systems through shoulder surfing or dictionary attacks. Unfortunately, the continuity of threats has been the motivator for the development of an alternative to alphanumeric password authentication systems, namely graphical passwords, which do not use alphanumeric characters, but instead images. This paper looks at the development and classification of graphical passwords. Graphical passwords can be classified into two major classes: recognition-based and recall-based. The pros and cons of relying on each method of graphical password authentication system are explained and an overview of the newer research and development in graphical passwords related to shoulder surfing attacks is presented. Finally, a novel password system is presented that utilizes a combination of the textual password and graphical images in order to develop an operationally secure password authentication system. The proposed password system will allow the users to register a textual password and graphical password with a movable frames grid and subsequently into a defined graphical image and produce an authentication response. Experimental results on the proposed system show that although user-friendly methods of authentication can be incorporated it will improve the security of graphical authentication against shoulder surfing attacks. Future studies in graphical passwords will also aim to determine whether these graphical passwords can also effectively secure alternate forms of user identification in different applications. Key Terms - Graphical Password Authentication, Movable Frame Scheme, Shoulder Surfing Resistance, Recognition-based Authentication, Recall-based Authentication, Image-based Password Security, AES-Rijndael Encryption, Banking Security Systems, User Authentication.
- Research Article
9
- 10.3233/mgs-230024
- Jun 8, 2023
- Multiagent and Grid Systems
The password used to authenticate users is vulnerable to shoulder-surfing assaults, in which attackers directly observe users and steal their passwords without using any other technical upkeep. The graphical password system is regarded as a likely backup plan to the alphanumeric password system. Additionally, for system privacy and security, a number of programs make considerable use of the graphical password-based authentication method. The user chooses the image for the authentication procedure when using a graphical password. Furthermore, graphical password approaches are more secure than text-based password methods. In this paper, the effective graphical password authentication model, named as Deep Residual Network based Graphical Password, is introduced. Generally, the graphical password authentication process includes three phases, namely registration, login, and authentication. The secret pass image selection and challenge set generation process is employed in the two-step registration process. The challenge set generation is mainly carried out based on the generation of decoy and pass images by performing an edge detection process. In addition, edge detection is performed using the Deep Residual Network classifier. The developed Deep Residual Network based Graphical Password algorithm outperforms other existing graphical password authentication methods in terms of Information Retention Rate and Password Diversity Score of 0.1716 and 0.1643, respectively.
- Conference Article
13
- 10.1109/icaict.2009.5372534
- Oct 1, 2009
Nowadays, user authentication is one of the important topics in information security. Text-based strong password schemes could provide a certain degree of security. However, the fact that strong passwords are difficult to memorize often leads their owners to write them down on paper or even save them in a computer file. Graphical authentication has been proposed as a possible alternative solution to text-based authentication, motivated particularly by the fact that humans can remember images better than text. In recent years, many networks, computer systems and Internet-based environments have tried to use graphical authentication techniques for their users' authentication. All graphical passwords have two different aspects, which are usability and security; unfortunately, none of these algorithms has been able to cover both of these aspects at the same time. This paper presents a review of the pure and cued recall-based algorithms in graphical password authentication. For each of these algorithms the lacks and attacks are identified. The most common lacks and attacks for recall-based algorithms are then identified and described.
- Research Article
1
- 10.48175/ijarsct-18607
- May 30, 2024
- International Journal of Advanced Research in Science, Communication and Technology
A graphical password is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI). For this reason, the graphical-password approach is called graphical user authentication (GUA). Graphical password schemes have been proposed as a possible alternative to text-based schemes, by the fact that humans can remember pictures better than text; pictures are generally easier to remember or recognize than text. Graphical Password Authentication System provides a promising alternative to traditional alphanumeric passwords. User authentication is a fundamental part of most computer security settings. It provides support for access control and user responsibility. In Graphical Password Authentication System, users can create many points click sequence on a background image. The graphical password is a new technique that is more secure than text-based passwords. In graphical passwords, a sequence of clicks is generated to derive the password.
- Conference Article
4
- 10.1109/iccpct.2017.8074325
- Apr 1, 2017
The Internet plays a crucial role in today's life, so the usage of online social networks is monotonically increasing. People can share multimedia information quickly and keep in touch or communicate with friends easily through online social networks across the world. Security in authentication is a big challenge in online social networks, and authentication is a preliminary process for identifying a legitimate user. Conventionally, we use alphanumeric text-based passwords for authentication. But the main flaws of text-based passwords are that they are highly vulnerable to attacks and difficult to recall at authentication time due to the irregular use of passwords. To overcome the shortcomings of text passwords, we propose a Graphical Password authentication. An approach of Graphical Password is an authentication of amalgam of pictures. It is less vulnerable to attacks and humans can easily recall pictures better than text. So the graphical password is a better alternative to text passwords. As the image uploads are increasing by users share through online site, privacy preserving has become a major problem. So we need a Caption Based Metadata Stratification of images for delivers an automatic suggestion of similar category already in database, it works by comparing the caption metadata of album with caption metadata already in database or extract the synonyms of caption metadata of new album for checking the similarity with caption metadata already in database. This stratification offers an enhanced automatic privacy prediction for uploaded images in online social networks; privacy is an inevitable factor for uploaded images, and privacy violation is a major concern. So we propose an Automatic Policy Prediction for uploaded images that are classified by caption metadata. An automatic policy prediction is a hassle-free privacy setting proposed to the user.
- Book Chapter
16
- 10.1007/978-3-642-21984-9_37
- Jan 1, 2011
Nowadays, user authentication is one of the important topics in information security. Text-based strong password schemes could provide a certain degree of security. However, the fact that strong passwords are difficult to memorize often leads their owners to write them down on paper or even save them in a computer file. Graphical Password or Graphical user authentication (GUA) has been proposed as a possible alternative solution to text-based authentication, motivated particularly by the fact that humans can remember images better than text. All Graphical Password algorithms have two different aspects, which are usability and security. This paper focuses on security aspects of algorithms that most of researchers work on this part and try to define security features and attributes. Unfortunately, till now there isn’t a complete evaluation criterion for graphical password security. At first, this paper tries to study most of the GUA algorithms. Then, it collects the major security attributes in GUA and proposes an evaluation criterion.
- Research Article
3
- 10.26483/ijarcs.v4i6.1751
- Jan 1, 2013
- International Journal of Advanced Research in Computer Science
Nowadays, in the majority of computer systems, passwords are the method of choice for authenticating users. A process by which a system verifies the identity of a user is known as ‘Authentication’. Authentication may also be generalized by saying that “to authenticate” means “to authorize”. Authentication is the first line of defense against compromising confidentiality and integrity. The most widely and commonly used authentication is traditional “Username” and “Password”. For such authentication generally text (alphanumeric) is used. It is well-known, however, that passwords are susceptible to attack: users tend to choose passwords that are easy to remember, and often this means that they are also easy for an attacker to obtain by searching for candidate passwords. Token and biometric based authentication systems were introduced as an alternative to those schemes. However, these schemes are very costly. Thus, the Graphical scheme was introduced as a variation to the login/password scheme. In this paper we explore an approach to user authentication that generalizes the notion of a textual password and that, in many cases, improves the security of user authentication over that provided by textual passwords. In this proposed system we have used a new technique for authentication. It is a variation to the login/password scheme using graphical password used in a graphical manner. We have introduced a framework of our proposed Graphical Password Authentication System (GPAS), which is immune to the common attacks suffered by other authentication schemes. We try to answer the most important question: “Are graphical passwords as secure and easy to use as text-based passwords?” Nowadays with the use of mobile phones, users can access any information including banking and corporate database. In this proposed work, we specifically target the mobile banking domain and propose a new and intelligent authentication scheme.
However, our proposal can also be used in other domains where confidentiality and integrity are the major security requirements. Keywords: Authentication, security, Graphical password, mobile banking.
- Conference Article
16
- 10.1109/ncoiet.2011.5738831
- Feb 1, 2011
A graphical password is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI). The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For example, users tend to pick passwords that can be easily guessed. On the other hand, if a password is hard to guess, then it is often hard to remember. In this paper, we conduct a comprehensive survey of the existing graphical password techniques and propose a new technique. We discuss the strengths and limitations of each method and point out the future research directions in this area. Major design and implementation issues are also clearly explained. The main advantage of this method is that it is difficult to hack. For example, if there are 100 images on each of the 8 pages in an 8-image password, there are 100^8 or 10 quadrillion (10,000,000,000,000,000) possible combinations that could form the graphical password. If the system has the built-in delay of only 0.1 second following the selection of each image until the selection of the next page, it would take millions of years to break into the system by hitting it with random image sequences. Therefore hacking by random combination is impossible.
- Conference Article
5
- 10.1109/icssit55814.2023.10060964
- Jan 23, 2023
These days passwords have a crucial role in the security of the system. So, these passwords must be unique and well-secured from unauthorized access. Currently, passwords are generalized on each webpage. In today’s digital world, if it is a strong password then it makes our information more secure, but this traditional method of text-based passwords, which is a mix of both letters and numbers in lowercase and uppercase, is very hard to remember, so Graphical Passwords came into the picture. This Graphical Password Authentication is another approach to text-based Alphanumeric Passwords. In this, the user tries to select the images that are available in the grid to log in to the system. The validation of Graphical Passwords is based on various authentication techniques like Recognition, Recall, and Cued Recall Techniques. Graphical Signature Password Authentication can help in overcoming many of the disadvantages faced by traditional Alphanumeric Passwords. In this research paper, the survey on Graphical Password Authentication and providing a possible theory that can be used to authenticate ourselves and log in to the system or websites, which allows the user to set a password in the form of a graphical representation. Our proposed solution deals with the disadvantages of existing systems that contain known attacks like shoulder surfing, Brute force, Guessing, and Dictionary. Graphical Password Authentication can help in overcoming many of the disadvantages faced by traditional Alphanumeric Passwords. Here as demonstrated in this research paper, is a result of our observation on Graphical Password Authentication and providing a possible theory that can be used to authenticate ourselves and login to the system or websites, which permits the user to select the pattern password in a graphical representation. Our proposed solution deals with the disadvantages of existing systems which contain known attacks like shoulder surfing, Brute force, Guessing, and Dictionary.
- Research Article
6
- 10.9790/0661-1061420
- Jan 1, 2013
- IOSR Journal of Computer Engineering
Using AI Hans peter Wickelgren applying the usage of text-based passwords is common authentication system in any Application. This conventional authentication scheme faces some kind of limitations and drawbacks with usability and crypto-graphical security issues that bring troubles to users. For example, user tends to pick passwords that can be easily guessed. On the contrary, if a password is hard to guess, then it is often hard to remember. An alternative system is required to overcome these problems. To deal with these drawbacks, authentication scheme that use photo, image, or set of pattern as password is proposed using knowledge Recall-Based System (KRBS). Graphical passwords consist of clicking or dragging activities on the pictures rather than typing textual characters, might be the option to overcome the problems that arise from the text-based passwords authentication system. In this paper, a comprehensive Artificial Intelligence (AI) study of the existing graphical password schemes is performed. The graphical password authentication systems are categorized into two AI approach types: An approach on recognition-based System (RBS) and second approach on Recall-based system (RCBS). We discuss adequately the strengths and limitations of each method in terms of usability and security aspects.
- Research Article
3
- 10.26483/ijarcs.v8i5.3657
- Jun 20, 2017
- International Journal of Advanced Research in Computer Science
Authentication is the most important topic in information security. Currently web applications are using text-based passwords for authentication, but text-based passwords suffer from security and usability issues. Text passwords are vulnerable to spyware, brute force and dictionary attacks. Graphical based password is proposed to overcome vulnerabilities of text-based passwords. Graphical based password authentication techniques use images as a password. Psychological studies say that the human mind remembers images better than text. Graphical passwords are more secure than text. In this paper, we will propose a recognition based graphical password scheme to provide security against spyware and shoulder surfing attacks; this scheme also provides two factor authentication in order to resist unauthorized users. In this scheme, at the time of sign up the user has to choose images from a set of images given by the server, and at the time of signing in the user has to recognize those images from a set of images for authentication. We are using random character set generation for each image to resist shoulder surfing as well as spyware attacks. We also fetch the user’s password images randomly from the database to resist spyware attack.
- Conference Article
16
- 10.1109/waina.2016.31
- Mar 1, 2016
Authentications, on web applications and service platforms such as the ones that enable collaborative information sharing and resource management, are typically handled via text based passwords. From a security usability perspective, text based passwords are easy to use and familiar to users. Text based passwords however, are prone to attacks that stem from challenges that users face with memorability. Text-based password memorability issues pose problems for service providers on platforms where identity management is a key concern. Application examples emerge in social media, online commerce, and also in the management of critical infrastructure such as smart micro-grids. A further concern is that large volumes of sensitive information are made available and shared on these applications and so constitute an attractive target for obtaining data in adversarial ways in order to provoke impersonation and inferential attacks, for instance. In this paper, we discuss the pros and cons of using graphical passwords instead of text-based passwords on information sharing platforms. We support our discussion by considering two graphical password schemes based on the principles of recall and cued-recall respectively which are philosophically similar to text-based passwords. Results from our proof-of-concept implementation indicate that, in comparison to text-based and recall graphical passwords, cued-recall graphical passwords are a better authentication mechanism in terms of memorability and password security.
- Book Chapter
4
- 10.1007/978-3-030-73100-7_47
- Jan 1, 2021
User authentication is the process of verifying the identity of a user. A user’s identity can be verified by using different types of authentication mechanisms such as text-based password, graphical password, and biometrics. Password-based authentication is the primary line of defense against intruders and cyberattacks. Text-based password is widely used for authentication purposes, but it is vulnerable to different kinds of security attacks, such as brute force attack, dictionary attack, shoulder surfing attack, etc. To overcome such risks, we propose a hybrid password authentication (HyPA) mechanism in this paper. In our proposed method we combine graphical password with text-based password. Using HyPA, the user needs to provide a text-based password (alphanumerical character) along with an image-based password. The analysis proves the efficiency, effectiveness, and security of HyPA. We also show that our proposed mechanism is secure against brute force attack, dictionary attack, and shoulder surfing attack.
- Research Article
10
- 10.3390/su15065207
- Mar 15, 2023
- Sustainability
Digital healthcare services have seen significant growth in this decade and many new technologies have been thoroughly examined to provide efficient services through secure infrastructures. The Internet of Medical Things (IoMT) revitalizes a healthcare infrastructure by creating an interconnected, intelligent, accessible, and efficient network. While there have been many studies on possible device authentication techniques for the IoMT, there is still much work to be done in user authentication to provide sustainable IoT solutions. Graphical passwords, which use visual content such as images instead of traditional text-based passwords, can help users authenticate themselves. However, current schemes have limitations. Therefore, this paper proposes a novel graphical authentication scheme that uses multiple factors to register and authenticate users using simple arithmetic operations, machine learning for hand gesture recognition, and medical images for recall purposes. The proposed method is designed to keep the authentication process simple, memorable, and robust. To evaluate the proposed scheme, we use the Post-Study System Usability Questionnaire (PSSUQ) to compare it with PIN-based and pattern-based authentication techniques. While comparing treatment and comparison groups, system quality showed a 16.7% better score, information quality a 25% increase, interface quality a 40% increase, and overall quality showed a 25% increase. The proposed method successfully revitalizes the use of graphical passwords, specifically in the field of IoMT, by developing a user-friendly, satisfying, and robust authentication scheme.
- Conference Article
556
- 10.1109/csac.2005.27
- Dec 5, 2005
The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For example, users tend to pick passwords that can be easily guessed. On the other hand, if a password is hard to guess, then it is often hard to remember. To address this problem, some researchers have developed authentication methods that use pictures as passwords. In this paper, we conduct a comprehensive survey of the existing graphical password techniques. We classify these techniques into two categories: recognition-based and recall-based approaches. We discuss the strengths and limitations of each method and point out the future research directions in this area. We also try to answer two important questions: "Are graphical passwords as secure as text-based passwords?"; "What are the major design and implementation issues for graphical passwords?" This survey will be useful for information security researchers and practitioners who are interested in finding an alternative to text-based authentication methods.