期刊名称:International Journal of Engineering and Computer Science
印刷版ISSN:2319-7242
出版年度:2016
卷号:5
期号:6
页码:16785-16791
DOI:10.18535/ijecs/v5i6.10
出版社:IJECS
摘要:In general, all the keypad based authentication system having several possibilities of password guessing by means of shouldermovements. Shoulder-surfing is an attack on password authentication that has traditionally been hard to defeat. This problem has come upwith a new solution. Devising a user authentication scheme based on personal identification numbers (PINs) that is both secure and practicallyusable is a challenging problem. The greatest difficulty lies with the susceptibility of the PIN entry process to direct observational attacks, suchas human shoulder-surfing and camera-based recording. PIN entry mechanism is widely used for authenticating a user. It is a popular schemebecause it nicely balances the usability and security aspects of a system. However, if this scheme is to be used in a public system then thescheme may suffer from shoulder surfing attack. In this attack, an unauthorized user can fully or partially observe the login session. Even theactivities of the login session can be recorded which the attacker can use it later to get the actual PIN. In this paper, we propose an intelligentuser interface, known as Color Pass to resist the shoulder surfing attack so that any genuine user can enter the session PIN without disclosingthe actual PIN. The Color Pass is based on a partially observable attacker model. The experimental analysis shows that the Color Pass interfaceis safe and easy to use even for novice users
关键词:PIN; Shoulder Surfing Attack; User Interface; Partially;Observable.
