Abstract
User authentication systems (in short authentication systems) have wide utilization in our daily life. Unfortunately, existing authentication systems are prone to various attacks while both system security and usability are expected to be satisfied. But the current research still lacks a thorough survey on various types of attacks and corresponding countermeasures regarding user authentication, including traditional password-based and emerging biometric-based systems. In this paper, we make a comprehensive review on attacks and defenses of the authentication systems. We firstly introduce a number of common attacks by classifying them into different categories based on attacker knowledge, attack target, attack form and attack strength. Then, we propose a set of evaluation criteria for evaluating different kinds of attack defense mechanisms. Furthermore, we review and evaluate the existing methods of detecting and resisting attacks in the authentication systems by employing the proposed evaluation criteria as a common measure. Specifically, we focus on comparing and analyzing the performance of different defense mechanisms in different types of authentication systems. Through serious review and analysis, we put forward a number of open issues and propose some promising future research directions, hoping to inspire further research in this field.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
