Intersection Attacks Research Articles

Smart Android Graphical Password Strategy: A Review

In recent years, when users across the world have embraced smart devices in greater numbers owing to recent advances and appealing applications, they have also become a target for criminals who are zealously attempting to breach protection. As a result, a significant number of attacks have been observed on these systems. As a result, several password-based authentication mechanisms have been proposed to counteract these attacks. Among them, the graphical password scheme is more consistent with smart devices, which are highly graphic-oriented. However, current graphical password schemes are vulnerable to a variety of assaults, including shoulder surfing, smudging, intersection attacks, and reflection attacks. Thus, the paper aims to review recent published papers on android smart phone graphical password and identify used techniques. Moreover, the paper analyzes results to give better understanding for users of such devices to protect their devices from unauthorized access and attacks.

Secured Routing Using Neighbour Coverage with Minimum Overhead in Ad Hoc Networks

A wireless ad hoc network is a dispersed type of wireless network. The network is called as ad hoc as it does not rely on any pre existing infrastructure. Routing decisions are ready by node itself, so the determination of which node to forward data is prepared dynamically based on network connectivity. The overhead of a route discovery cannot be neglected. In this, Neighbour coverage protocol proposes for reducing routing overhead and to utilize the neighbour coverage knowledge and the probabilistic mechanism, which can radically decrease the number of retransmissions to reduce the routing overhead, and can also improve the routing performance. Due to high mobility of nodes in ad hoc networks, there exist regular link breakages, which lead to frequent path failures and route discoveries. ALERT dynamically partitions the network field into zones and arbitrarily chooses nodes in zones as intermediate relay nodes, which form a non-traceable unsigned route. In addition, it conceals the data initiator/receiver among many initiators/receivers to build up source and destination anonymity protection. Thus, ALERT offers anonymity security to sources, destinations, and routes for effective counter intersection and timing attacks and overheads are reduced.

Secure Human Authentication with Graphical Passwords

Both alphanumeric and graphical password schemes are vulnerable to the shoulder-surfing attack. Even when authentication schemes are secure against a single shoulder-surfing attack round, they can be easily broken by intersection attacks, using multiple shoulder-surfing attacker records. To this end, in this paper we propose a graphical password-based authentication scheme to provide security against the intersection attack launched by an attacker who may record the user’s screen, mouse clicks and keyboard input with the help of video recording devices and key logging software. We analyze our scheme’s security under various threat models and show its high security guarantees. Various analysis, usability studies and comparison with the previous work highlight our scheme’s practicality and merits.

A traffic analysis attack to compute social network measures

The development of digital media, the increasing use of social networks, the easier access to modern technological devices, is perturbing thousands of people in their public and private lives. People love posting their personal news without consider the risks involved. Privacy has never been more important. Privacy enhancing technologies research have attracted considerable international attention after the recent news against users personal data protection in social media websites like Facebook. It has been demonstrated that even when using an anonymous communication system, it is possible to reveal user’s identities through intersection attacks or traffic analysis attacks. Combining a traffic analysis attack with Analysis Social Networks (SNA) techniques, an adversary can be able to obtain important data from the whole network, topological network structure, subset of social data, revealing communities and its interactions. The aim of this work is to demonstrate how intersection attacks can disclose structural properties and significant details from an anonymous social network composed of a university community.

Frontier technologies of trust computing and network security

The increasing complexity of computer systems and communication networks induces tremendous requirements for trust and security. This special issue includes topics on trusted computing, risk and reputation management, network security and survivable computer systems/networks. These issues have evolved into an active and important area of research and development. The past decade has witnessed a proliferation of concurrency and computation systems for practice of highly trust, security and privacy, which has become a key subject in determining future research and development activities in many academic and industrial branches. This special issue aims to present and discuss advances of current research and development in all aspects of trusted computing and network security. In addition, this special issue provides snapshots of contemporary academia work in the field of network trusted computing. We prepared and organized this special issue to record state-of-the-art research, novel development and trends for future insight in this domain. In this special issue, 14 papers have been accepted for publication, which demonstrate novel and original work in this field. A detailed overview of the selected works is given below.

English

Mobile Ad Hoc Networks (MANETs) using anonymous routing protocols hidden node identity and external routes having anonymity protection. Anonymous routing protocols use either hop-by-by hop encryption or redundant traffic, which generates more cost or without providing full anonymity protection to the data source and destination. It has more cost and increase for naturally resource constraint problem in MANETs particularly in multimedia wireless applications. High anonymity protection at a lower cost, we propose an unsigned Location-based competent Routing protocol. It dynamically partitions the network field into different zones and randomly chooses nodes in various zones as intermediate relay nodes, it also non traceable. It's based on counter intersection and timing attacks. It performs better route anonymity. It has self configuring infrastructure less networks. In future, the Random forwarder node replication attack will be also eliminated. To consider this attack, set up server will assign the key for each random forwarder node is generated by using the polynomial bivariate key generation scheme. The key wrapping algorithm used to protect the key from the adversary. In this paper, one way hash chain algorithm is used for key wrapping.

MLRT: AN MYSTERIOUS LOCATION BASED EFFICIENT ROUTING PROTOCOL IN MANETS

Mysterious Location-based Efficient Routing Protocol (MLRT) is an anonymous routing protocol its play a vital role in Mobile Ad hoc Networks (MANETs). MLRT provide a secure communication by hiding the node identities and preventing the traffic analysis attacks from outside observers in order to provide a mysterious protection. It dynamically partition the network into subzones till the sender and receiver are in different zones and the nodes in the zones are connected as intermediate relay nodes. It uses random relay node selection is difficult for intruder detection and dynamically generating an unpredictable routing path for a message. It maintains a time limit for message transmission due to security and control the time delay. MLRT offers mysterious protection to sources, destinations and routes. It achieves better route anonymity protection and lower cost compared to other anonymous routing protocols. It has a strategy to effectively solve the intersection attacks and avoid timing attacks because of its non-fixed routing paths for a source and destination pair. Also MLRT mainly works on Greedy Perimeter Stateless Routing (GPSR) algorithm.

Simulating and modelling the effectiveness of graphical password intersection attacks

SummaryRecognition‐based graphical passwords (RBGPs) are often proposed as an alternative user authentication mechanism. However, discussion of attack resistance often lacks quantitative examination. Establishing the efficacy of countermeasures could allow selection of an appropriate countermeasure for the level of security required by a given system. Furthermore, this information could be used to construct a model to estimate the number of intersection attacks required before success. This research contributes to these goals by establishing effective countermeasures and a model for intersection attacks. The approach involves creating a simulation of intersection attacks using five possible countermeasures and performing analysis to determine efficacy. Results show that using dummy screens does not increase the number of attacks required. It is also shown that increasing the number of challenge screens can increase and reduce the number of attacks required. Also presented is a model for RBGP schemes that can be used to estimate the number of intersection attacks required for a RBGP scheme when configuration values such as the number of challenge screens are known. This allows a quantitative choice of countermeasure for intersection attacks and a calculation that can provide a basis of comparison with other RBGP schemes, which was previously not possible. Copyright © 2013 John Wiley & Sons, Ltd.

Passive-Logging Attacks Against Anonymous Communications Systems

Using analysis, simulation, and experimentation, we examine the threat against anonymous communications posed by passive-logging attacks. In previous work, we analyzed the success of such attacks under various assumptions. Here, we evaluate the effects of these assumptions more closely. First, we analyze the Onion Routing-based model used in prior work in which a fixed set of nodes remains in the system indefinitely. We show that for this model, by removing the assumption of uniformly random selection of nodes for placement in the path, initiators can greatly improve their anonymity. Second, we show by simulation that attack times are significantly lower in practice than bounds given by analytical results from prior work. Third, we analyze the effects of a dynamic membership model, in which nodes are allowed to join and leave the system; we show that all known defenses fail more quickly when the assumption of a static node set is relaxed. Fourth, intersection attacks against peer-to-peer systems are shown to be an additional danger, either on their own or in conjunction with the predecessor attack. Finally, we address the question of whether the regular communication patterns required by the attacks exist in real traffic. We collected and analyzed the Web requests of users to determine the extent to which basic patterns can be found. We show that, for our study, frequent and repeated communication to the same Web site is common.

Using caching for browsing anonymity

Privacy-providing tools, including tools that provide anonymity, are gaining popularity in the modern world. Among the goals of their users is avoiding tracking and profiling. While some businesses are unhappy with the growth of privacy-enhancing technologies, others can use lack of information about their users to avoid unnecessary liability and even possible harassment by parties with contrary business interests, and to gain a competitive market edge.Currently, users interested in anonymous browsing have the choice only between single-hop proxies and the few more complex systems that are available. These still leave the user vulnerable to long-term intersection attacks.In this paper, we propose a caching proxy system for allowing users to retrieve data from the World-Wide Web in a way that would provide recipient unobservability by a third party and sender unobservability by the recipient and thus dispose with intersection attacks, and report on the prototype we built using Google.