Relevant bibliographies by topics / Dictionary Attacks / Journal articles
To see the other types of publications on this topic, follow the link: Dictionary Attacks.

Journal articles on the topic 'Dictionary Attacks'

Author: Grafiati
Published: 4 June 2021
Last updated: 1 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'Dictionary Attacks.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Kapoor, Pranav, Pratham Agrawal, and Aju D. "ANALYZING PASSWORD DECRYPTION TECHNIQUES USING DICTIONARY ATTACK." International Journal of Advanced Research 9, no. 08 (August 31, 2021): 515–23. http://dx.doi.org/10.21474/ijar01/13299.

Full text
Abstract:
To guard ourselves against a word attack or a breach, it is always important to have an awareness of the unremarkably used sorts of attacks. The most common type of attack is password guessing. Hackers can guess the passwords locally or remotely using either manually or through an automated approach. One such attack is Dictionary Attack. A dictionary attack tries to make an authentication mechanism fail by sequentially entering each word in a dictionary as a password or trying to find the decryption key of an encrypted message or document. In this paper, an empirical research on how dictionary attack works are performed. In addition to that, different techniques and approaches to the existing dictionary attacks are implemented to make the system more robust. Furthermore, a comparison of methods is performed to find which approach is better to protect the system.
APA, Harvard, Vancouver, ISO, and other styles
2

Dagelić, Ante, Toni Perković, Bojan Vujatović, and Mario Čagalj. "SSID Oracle Attack on Undisclosed Wi-Fi Preferred Network Lists." Wireless Communications and Mobile Computing 2018 (July 22, 2018): 1–15. http://dx.doi.org/10.1155/2018/5153265.

Full text
Abstract:
User’s location privacy concerns have been further raised by today’s Wi-Fi technology omnipresence. Preferred Network Lists (PNLs) are a particularly interesting source of private location information, as devices are storing a list of previously used hotspots. Privacy implications of a disclosed PNL have been covered by numerous papers, mostly focusing on passive monitoring attacks. Nowadays, however, more and more devices no longer transmit their PNL in clear, thus mitigating passive attacks. Hidden PNLs are still vulnerable against active attacks whereby an attacker mounts a fake SSID hotspot set to one likely contained within targeted PNL. If the targeted device has this SSID in the corresponding PNL, it will automatically initiate a connection with the fake hotspot thus disclosing this information to the attacker. By iterating through different SSIDs (from a predefined dictionary) the attacker can eventually reveal a big part of the hidden PNL. Considering user mobility, executing active attacks usually has to be done within a short opportunity window, while targeting nontrivial SSIDs from user’s PNL. The existing work on active attacks against hidden PNLs often neglects both of these challenges. In this paper we propose a simple mathematical model for analyzing active SSID dictionary attacks, allowing us to optimize the effectiveness of the attack under the above constraints (limited window of opportunity and targeting nontrivial SSIDs). Additionally, we showcase an example method for building an effective SSID dictionary using top-N recommender algorithm and validate our model through simulations and extensive real-life tests.
APA, Harvard, Vancouver, ISO, and other styles
3

Nam, Junghyun, Kim-Kwang Raymond Choo, Juryon Paik, and Dongho Won. "Password-Only Authenticated Three-Party Key Exchange Proven Secure against Insider Dictionary Attacks." Scientific World Journal 2014 (2014): 1–15. http://dx.doi.org/10.1155/2014/802359.

Full text
Abstract:
While a number of protocols for password-only authenticated key exchange (PAKE) in the 3-party setting have been proposed, it still remains a challenging task to prove the security of a 3-party PAKE protocol against insider dictionary attacks. To the best of our knowledge, there is no 3-party PAKE protocol that carries a formal proof, or even definition, of security against insider dictionary attacks. In this paper, we present the first 3-party PAKE protocol proven secure against both online and offline dictionary attacks as well as insider and outsider dictionary attacks. Our construct can be viewed as a protocol compiler that transforms any 2-party PAKE protocol into a 3-party PAKE protocol with 2 additional rounds of communication. We also present a simple and intuitive approach of formally modelling dictionary attacks in the password-only 3-party setting, which significantly reduces the complexity of proving the security of 3-party PAKE protocols against dictionary attacks. In addition, we investigate the security of the well-known 3-party PAKE protocol, called GPAKE, due to Abdalla et al. (2005, 2006), and demonstrate that the security of GPAKE against online dictionary attacks depends heavily on the composition of its two building blocks, namely a 2-party PAKE protocol and a 3-party key distribution protocol.
APA, Harvard, Vancouver, ISO, and other styles
4

Lasc, Ioana, Reiner Dojen, and Tom Coffey. "A Mutual Authentication Protocol with Resynchronisation Capability for Mobile Satellite Communications." International Journal of Information Security and Privacy 5, no. 1 (January 2011): 33–49. http://dx.doi.org/10.4018/jisp.2011010103.

Full text
Abstract:
Many peer-to-peer security protocols proposed for wireless communications use one-time shared secrets for authentication purposes. This paper analyses online update mechanisms for one-time shared secrets. A new type of attack against update mechanisms, called desynchronisation attack, is introduced. This type of attack may lead to a permanent denial of service condition. A case study demonstrates the effectiveness of desynchronisation attacks against a security protocol for mobile satellite communications. A new mutual authentication protocol for satellite communications, incorporating a resynchronisation capability, is proposed to counter the disruptive effects of desynchronisation attacks. The new protocol has an esynchronisation phase that is initiated whenever desynchronisation is suspected. Thus, the possibility of causing permanent denial of service conditions by mounting desynchronisation attacks is eliminated. A security analysis of the proposed protocol establishes its resistance against attacks like replay attacks, dictionary attacks, and desynchronisation attacks.
APA, Harvard, Vancouver, ISO, and other styles
5

Chakrabarti, Saikat, and Mukesh Singhal. "Password-Based Authentication: Preventing Dictionary Attacks." Computer 40, no. 6 (June 2007): 68–74. http://dx.doi.org/10.1109/mc.2007.216.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Tajari Siahmarzkooh, A., J. Karimpour, and S. Lotfi. "A Cluster-based Approach Towards Detecting and Modeling Network Dictionary Attacks." Engineering, Technology & Applied Science Research 6, no. 6 (December 18, 2016): 1227–34. http://dx.doi.org/10.48084/etasr.937.

Full text
Abstract:
In this paper, we provide an approach to detect network dictionary attacks using a data set collected as flows based on which a clustered graph is resulted. These flows provide an aggregated view of the network traffic in which the exchanged packets in the network are considered so that more internally connected nodes would be clustered. We show that dictionary attacks could be detected through some parameters namely the number and the weight of clusters in time series and their evolution over the time. Additionally, the Markov model based on the average weight of clusters,will be also created. Finally, by means of our suggested model, we demonstrate that artificial clusters of the flows are created for normal and malicious traffic. The results of the proposed approach on CAIDA 2007 data set suggest a high accuracy for the model and, therefore, it provides a proper method for detecting the dictionary attack.
APA, Harvard, Vancouver, ISO, and other styles
7

Wang, Chenyu, and Guoai Xu. "Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card." Security and Communication Networks 2017 (2017): 1–14. http://dx.doi.org/10.1155/2017/1619741.

Full text
Abstract:
Remote user authentication is the first step to guarantee the security of online services. Online services grow rapidly and numerous remote user authentication schemes were proposed with high capability and efficiency. Recently, there are three new improved remote user authentication schemes which claim to be resistant to various attacks. Unfortunately, according to our analysis, these schemes all fail to achieve some critical security goals. This paper demonstrates that they all suffer from offline dictionary attack or fail to achieve forward secrecy and user anonymity. It is worth mentioning that we divide offline dictionary attacks into two categories: (1) the ones using the verification from smart cards and (2) the ones using the verification from the open channel. The second is more complicated and intractable than the first type. Such distinction benefits the exploration of better design principles. We also discuss some practical solutions to the two kinds of attacks, respectively. Furthermore, we proposed a reference model to deal with the first kind of attack and proved its effectiveness by taking one of our cryptanalysis schemes as an example.
APA, Harvard, Vancouver, ISO, and other styles
8

Liu, Hui. "An Improvement Password-Based Authentication Protocol Using Smart Card." Applied Mechanics and Materials 303-306 (February 2013): 2182–85. http://dx.doi.org/10.4028/www.scientific.net/amm.303-306.2182.

Full text
Abstract:
To access resources from a remote system, the user authentication is a very important security mechanism. Among remote authentication protocol, password-based authenticated key exchange protocol is most popular since the two communication entities only shared a human-memorable password can establish a session key which is used to protected their later communication over an insecure networks. Recently, Xu Zhu proposed improved password-based protocol using smart card based on previous research. He claims that his protocol is secure against various attacks. However, Song points out that the Xu Zhu’s protocol suffers from attacks. In addition, Song gives an improved version of Xu Zhu. In this paper, we first found Song’s protocol also is vulnerable to off-line dictionary attack. Later, we extend Song’s protocol so that the extended protocol can resist to off-line dictionary attack even if an adversary captures the smart card.
APA, Harvard, Vancouver, ISO, and other styles
9

Sekhar Reddy, Y. Chandra, M. Venkateswara Rao, M. Kameswara Rao, C. V. Phaneendra Kumar, and A. Anil Sai. "Graphical Password Using Captcha." International Journal of Advances in Applied Sciences 5, no. 2 (June 1, 2016): 94. http://dx.doi.org/10.11591/ijaas.v5.i2.pp94-100.

Full text
Abstract:
In this 21st century one of the main issue to tackle was Cyber Security attack. We have numerous authentication processes like two key factor passwords, graphical passwords and many other. Text based passwords are prone to many attacks like dictionary attacks. In this paper, we have implemented a new authentication method namely; a family of graphical passwords built on Captcha technology. As graphical password addresses many security problems like online guessing attacks, relay attacks etc. Captcha is used to distinguish humans and bots. So, we use images with captcha’s as one of the authentication step along with normal alpha-numeric password. It also overcome the problems of pass points in graphical password systems.
APA, Harvard, Vancouver, ISO, and other styles
10

Wang, Chenyu, Guoai Xu, and Wenting Li. "A Secure and Anonymous Two-Factor Authentication Protocol in Multiserver Environment." Security and Communication Networks 2018 (2018): 1–15. http://dx.doi.org/10.1155/2018/9062675.

Full text
Abstract:
With the great development of network technology, the multiserver system gets widely used in providing various of services. And the two-factor authentication protocols in multiserver system attract more and more attention. Recently, there are two new schemes for multiserver environment which claimed to be secure against the known attacks. However, after a scrutinization of these two schemes, we found that (1) their description of the adversary’s abilities is inaccurate; (2) their schemes suffer from many attacks. Thus, firstly, we corrected their description on the adversary capacities to introduce a widely accepted adversary model and then summarized fourteen security requirements of multiserver based on the works of pioneer contributors. Secondly, we revealed that one of the two schemes fails to preserve forward secrecy and user anonymity and cannot resist stolen-verifier attack and off-line dictionary attack and so forth and also demonstrated that another scheme fails to preserve forward secrecy and user anonymity and is not secure to insider attack and off-line dictionary attack, and so forth. Finally, we designed an enhanced scheme to overcome these identified weaknesses, proved its security via BAN logic and heuristic analysis, and then compared it with other relevant schemes. The comparison results showed the superiority of our scheme.
APA, Harvard, Vancouver, ISO, and other styles
11

NAMPREMPRE, C., and M. N. DAILEY. "Mitigating Dictionary Attacks with Text-Graphics Character CAPTCHAs." IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E90-A, no. 1 (January 1, 2007): 179–86. http://dx.doi.org/10.1093/ietfec/e90-a.1.179.

Full text
APA, Harvard, Vancouver, ISO, and other styles
12

Goyal, Vipul, Virendra Kumar, Mayank Singh, Ajith Abraham, and Sugata Sanyal. "A new protocol to counter online dictionary attacks." Computers & Security 25, no. 2 (March 2006): 114–20. http://dx.doi.org/10.1016/j.cose.2005.09.003.

Full text
APA, Harvard, Vancouver, ISO, and other styles
13

Asaad, Renas R. "Penetration Testing: Wireless Network Attacks Method on Kali Linux OS." Academic Journal of Nawroz University 10, no. 1 (February 4, 2021): 7. http://dx.doi.org/10.25007/ajnu.v10n1a998.

Full text
Abstract:
This paper implements a wireless attack technique by cracking the password on kali Linux OS using Hashcat technique. This study identifies the security weakness, using brute-force attack for online attacking and straight attack for offline attacking. The brute-force attack is also recognized as a detailed search, where it attempts guessing the target password one password at a time until reaching the correct password, which is called a dictionary attack. then using hash algorithms to deal with MD5 hash algorithm and SHA-512 (Linux). In this article, we will learn about the various wireless attacks. These days, wireless networks are everywhere. With users being on the go like never before, having to remain stationary because of having to plug into an Ethernet cable to gain Internet access is not feasible. For this convenience, wireless connections are not as secure as Ethernet connections. In this article, we will explore various methods for manipulating wireless attacks and their techniques including several methods on Linux.
APA, Harvard, Vancouver, ISO, and other styles
14

Lai, Hong, Jinghua Xiao, Lixiang Li, and Yixian Yang. "Applying Semigroup Property of Enhanced Chebyshev Polynomials to Anonymous Authentication Protocol." Mathematical Problems in Engineering 2012 (2012): 1–17. http://dx.doi.org/10.1155/2012/454823.

Full text
Abstract:
We apply semigroup property of enhanced Chebyshev polynomials to present an anonymous authentication protocol. This paper aims at improving security and reducing computational and storage overhead. The proposed scheme not only has much lower computational complexity and cost in the initialization phase but also allows the users to choose their passwords freely. Moreover, it can provide revocation of lost or stolen smart card, which can resist man-in-the-middle attack and off-line dictionary attack together with various known attacks.
APA, Harvard, Vancouver, ISO, and other styles
15

Glancy, Fletcher, David P. Biros, Nan Liang, and Andy Luse. "Classification of malicious insiders and the association of the forms of attacks." Journal of Criminal Psychology 10, no. 3 (June 29, 2020): 233–47. http://dx.doi.org/10.1108/jcp-03-2020-0012.

Full text
Abstract:
Purpose The authors argue that the current studies about malicious insiders confuse the fact that malicious attacks belong to two different categories, namely, those that launch instrumental attacks and expressive attacks. The authors collect malicious insider data from publicly available sources and use text-mining techniques to analyze the association between malicious insiders’ characteristics and the different types of attack. Design/methodology/approach The authors investigated the relationship between personality characteristics and different types of malicious attacks. For the personality characteristics, the authors use the same method as Liang et al. (2016), which extracted these characteristics based on a keyword-characteristic dictionary. For different types of malicious attacks, two raters rated each case based on criteria modified from criminology research to determine the degree of expressiveness and instrumentality. Findings The results show that malicious insiders who are manipulative or seeking personal gain tend to carry out instrumental attacks. Malicious insiders who are arrogant tend to conduct expressive attacks. Research limitations/implications This study uses third party articles to identify the personality characteristics of known malicious insiders. As such, not all personality characteristics may have been reported. Data availability was an issue. Practical implications Understanding if different personality characteristics lead different types of attacks can help managers identify employees who exhibit them and mitigate an attack before it occurs. Social implications Malicious insider attacks can have devastating results on businesses and employees. Help to identify potential malicious insiders before they act, may prevent undue harm. Originality/value This study used 132 cases of none malicious insiders to examine their attack objectives. No other study that the authors know of used that many cases.
APA, Harvard, Vancouver, ISO, and other styles
16

Yeh, Kuo-Hui, N. W. Lo, Tien-Ruey Hsiang, Yi-Chun Wei, and Hung-Yi Hsieh. "Chaos Between Password-Based Authentication Protocol and Dictionary Attacks." Advanced Science Letters 19, no. 3 (March 1, 2013): 1048–51. http://dx.doi.org/10.1166/asl.2013.4864.

Full text
APA, Harvard, Vancouver, ISO, and other styles
17

Corin, Ricardo, Jeroen Doumen, and Sandro Etalle. "Analysing Password Protocol Security Against Off-line Dictionary Attacks." Electronic Notes in Theoretical Computer Science 121 (February 2005): 47–63. http://dx.doi.org/10.1016/j.entcs.2004.10.007.

Full text
APA, Harvard, Vancouver, ISO, and other styles
18

Kohlios, Christopher, and Thaier Hayajneh. "A Comprehensive Attack Flow Model and Security Analysis for Wi-Fi and WPA3." Electronics 7, no. 11 (October 30, 2018): 284. http://dx.doi.org/10.3390/electronics7110284.

Full text
Abstract:
The presence of wireless communication grows undeniably more prevalent each year. Since the introduction of the IEEE 802.11 standard for Wireless Local Area Networks (WLAN) in 1997, technologies have progressed to provide wireless accessibility to industries and consumers with growing ease and convenience. As the usage of personal devices, such as phones and watches, that connect to the Internet through Wi-Fi increases, wireless attacks on users are becoming more critical. This paper provides a novel attack model to offer an organized and comprehensive view of the possible attacks on Wi-Fi latest security standards. All existing attacks will be investigated, with emphasis on more recent attacks, such as the KRACK and PMKID Dictionary attacks. The main contribution of this paper is to analyze the technology offered in the new Wi-Fi Protected Access III (WPA3) security scheme and provide the first comprehensive security analysis and discussion to determine whether it has addressed the vulnerabilities of its predecessor. An interesting finding of this paper is that WPA3 still lacks in addressing all the issues existing in WPA2 and exploring other mitigations for future research.
APA, Harvard, Vancouver, ISO, and other styles
19

Zhang, Li Hua, Li Ping Zhang, and Er Fei Bai. "Generalized Elliptic Curve Digital Signature Chain Based Authentication and Key Agreement Scheme." Advanced Materials Research 108-111 (May 2010): 1503–8. http://dx.doi.org/10.4028/www.scientific.net/amr.108-111.1503.

Full text
Abstract:
Recently, several one time password authentication schemes have been proposed. However, most one-time password authentication schemes have security flaws. In this paper, a novel one-time password authentication and key agreement scheme (EAKAS) based on elliptic curve digital signature chain is developed. The proposed scheme has the following merits password or verification table is not required in the server; users can choose or change password; it can resist off-line dictionary attacks and achieves mutual authentication; it has no system clock synchronization and no constraint of transmission delay; it can resist replay attacks, man-in-the-middle attack and insider attack; it is sensitive to password error and strong in security restoration; the session keys in proposed scheme have the feature of freshness, confidentiality, known key security and forward security. Compared with the related schemes, our proposed scheme has better security and well suited to scenarios requiring a high level security.
APA, Harvard, Vancouver, ISO, and other styles
20

Schweitzer, Dino, Jeff Boleng, Colin Hughes, and Louis Murphy. "Visualizing Keyboard Pattern Passwords." Information Visualization 10, no. 2 (November 18, 2010): 127–33. http://dx.doi.org/10.1057/ivs.2010.12.

Full text
Abstract:
Passwords are fundamental security vulnerabilities in many systems. Several researchers have investigated the trade-off between password memorability versus resiliency to cracking and have looked at alternative systems such as graphical passwords and biometrics. To create stronger passwords, many systems enforce rules regarding the required length and types of characters passwords must contain. Another suggested approach is to use passphrases to combat dictionary attacks. One common ‘trick’ used to remember passwords that conform to complex rules is to select a pattern of keys on the keyboard. Although appearing random, the pattern is easy to remember. The purpose of this research was to investigate how often patterns are used, whether patterns could be classified into common categories, and whether those categories could be used to attack and defeat pattern-based passwords. Visualization techniques were used to collect data and assist in pattern categorization. The approach successfully identified 2 out of 11 passwords in a real-world password file that were not discovered with a traditional dictionary attack. This article will present the approach used to collect and categorize patterns, and describe the resulting attack method that successfully identified passwords in a live system.
APA, Harvard, Vancouver, ISO, and other styles
21

Nam, Junghyun, Kim-Kwang Raymond Choo, Junghwan Kim, Hyun-Kyu Kang, Jinsoo Kim, Juryon Paik, and Dongho Won. "Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model." Scientific World Journal 2014 (2014): 1–11. http://dx.doi.org/10.1155/2014/825072.

Full text
Abstract:
Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.
APA, Harvard, Vancouver, ISO, and other styles
22

Xu, Meijia, Qiying Dong, Mai Zhou, Chenyu Wang, and Yangyang Liu. "Security Analysis on “Anonymous Authentication Scheme for Smart Home Environment with Provable Security”." Wireless Communications and Mobile Computing 2020 (November 14, 2020): 1–4. http://dx.doi.org/10.1155/2020/8838363.

Full text
Abstract:
As an important application of the Internet of Things, smart home has greatly facilitated our life. Since the communication channels of smart home are insecure and the transmitted data are usually sensitive, a secure and anonymous user authentication scheme is required. Numerous attempts have been taken to design such authentication schemes. Recently, Shuai et al. (Computer & Security 86(2019):132146) designed an anonymous authentication scheme for smart home using elliptic curve cryptography. They claimed that the proposed scheme is secure against various attacks and provides ideal attributes. However, we show that their scheme cannot resist inside attack and offline dictionary attack and also fails to achieve forward secrecy. Furthermore, we give some suggestions to enhance the security of the scheme. These suggestions also apply to other user authentication schemes with similar flaws.
APA, Harvard, Vancouver, ISO, and other styles
23

L.P.Ramyasri, P., D. Malathi, J. D. Dorathi Jayaseeli, and K. Senthilkumar. "Study and Development of Graphical Authentication System for Secure File Transmission." International Journal of Engineering & Technology 7, no. 4.10 (October 2, 2018): 470. http://dx.doi.org/10.14419/ijet.v7i4.10.21042.

Full text
Abstract:
The text-based password has been the most common practice from ancient days till present. Text based pass-words are also known for various threats, and it is prone to attacks like guessing attacks, dictionary attacks, social engineering attacks, brute force attacks, etc. The next immediate concept following the text based password is the graphical password schemes to improve password security and usability. In present days graphical passwords are being implemented more commonly. This approach is different from the traditional alpha numeric as it deals with images. In this paper a survey study is done to analyse various techniques used for authentication and also some of the methods for graphical authentication techniques like Pass Matrix, Cued Clicked points(CPP), CAPTCHA, Image distortion with text association, Doodle scheme, Standard recognition-based scheme, Stegno pin authentication method. Based on the existing methods, the future research can be done in order to improve security for graphical authentication.
APA, Harvard, Vancouver, ISO, and other styles
24

Selvi, P. Tamil, and N. Radha. "Palmprint and Iris based Authentication and Secure Key Exchange against Dictionary Attacks." International Journal of Computer Applications 11, no. 11 (December 10, 2010): 7–12. http://dx.doi.org/10.5120/1629-2190.

Full text
APA, Harvard, Vancouver, ISO, and other styles
25

Kumar, A. "Enhancing a Dynamic user Authentication scheme over Brute Force and Dictionary attacks." IOSR Journal of Computer Engineering 12, no. 3 (2013): 20–24. http://dx.doi.org/10.9790/0661-1232024.

Full text
APA, Harvard, Vancouver, ISO, and other styles
26

Satoh, Akihiro, Yutaka Nakamura, and Takeshi Ikenaga. "A flow-based detection method for stealthy dictionary attacks against Secure Shell." Journal of Information Security and Applications 21 (April 2015): 31–41. http://dx.doi.org/10.1016/j.jisa.2014.08.003.

Full text
APA, Harvard, Vancouver, ISO, and other styles
27

Narasimha, C., and M. Sreedevi. "Secured authentication using CAPTCHA and visualized passcode." International Journal of Engineering & Technology 7, no. 1.8 (February 9, 2018): 72. http://dx.doi.org/10.14419/ijet.v7i1.8.9973.

Full text
Abstract:
Numerical harms initiate many privacy characteristics like cryptography. But Artificial intelligence is the best aid for the current privacy requirements, still not properly applied for privacy issues. Now we introduce a new privacy model of privacy that uses Captcha model, in our privacy model we use both the Captcha and a visualized pass code. This model tolerates from most of the privacy attacks like dictionary attacks, keyboard logging attacks, forwarding methods, search set methods etc., This model is well suitable for either a small or large scale applications, the primary intention is improving privacy in internet technology and related services. In this methodology solving a Captcha is a challenge in every login. Finally to improve privacy for practical applications this technique is efficient.
APA, Harvard, Vancouver, ISO, and other styles
28

Curran, Kevin, and Andrew Snodgrass. "A Novel Cue based Picture Word Shape Character Password Creation Scheme." International Journal of Digital Crime and Forensics 7, no. 3 (July 2015): 37–59. http://dx.doi.org/10.4018/ijdcf.2015070103.

Full text
Abstract:
The number of internet users is growing at a rapid rate and this means users now have to remember passwords for many different accounts. The side effects of this increase of user accounts is that users are putting password usability before password security in order to remember these passwords. This paper outlines a novel password creation scheme for creating strong, secure unique passwords that are easier for users to remember on multiple sites. The scheme includes features to more easily create a secure password and recall this password, whilst including multiple layers of security against a targeted attack by an adversary. Results showed that users who did not use a scheme had a much lower login success rate for their accounts than the users who used the created scheme. They also showed that the average password length for each group of users was the same meaning the created scheme passwords in this sample has no greater protection against brute-force attacks, but in terms of dictionary and hybrid attacks the scheme passwords generally seemed to have a lot more protection.
APA, Harvard, Vancouver, ISO, and other styles
29

Van Oorschot, Paul C., and Stuart Stubblebine. "On countering online dictionary attacks with login histories and humans-in-the-loop." ACM Transactions on Information and System Security 9, no. 3 (August 2006): 235–58. http://dx.doi.org/10.1145/1178618.1178619.

Full text
APA, Harvard, Vancouver, ISO, and other styles
30

Journal, Baghdad Science. "Evaluating Windows Vista user account security." Baghdad Science Journal 8, no. 2 (June 5, 2011): 419–28. http://dx.doi.org/10.21123/bsj.8.2.419-428.

Full text
Abstract:
In the current Windows version (Vista), as in all previous versions, creating a user account without setting a password is possible. For a personal PC this might be without too much risk, although it is not recommended, even by Microsoft itself. However, for business computers it is necessary to restrict access to the computers, starting with defining a different password for every user account. For the earlier versions of Windows, a lot of resources can be found giving advice how to construct passwords of user accounts. In some extent they contain remarks concerning the suitability of their solution for Windows Vista. But all these resources are not very precise about what kind of passwords the user must use. To assess the protection of passwords, it is very useful to know how effective the widely available applications for cracking passwords. This research analyzes, in which way an attacker is able to obtain the password of a Windows Vista PC. During this research the physical access to the PC is needed. This research shows that password consists of 8 characters with small letter characters and numbers can easily be cracked if it has know usual combinations. Whereas a Dictionary Attack will probably not find unusual combinations. Adding captel letter characters will make the process harder as there are several more combinations, so it will take longer time but is still feasible. Taking into account special characters it will probably take too long time and even most Dictionary Attacks will fail. For rainbow tables the size of the table has to be considered. If it is not too big, even these small passwords cannot be cracked. For longer passwords probably the simplest ones, small letter characters and numbers, can be cracked only. In this case brute force takes too long time in most cases and a dictionary will contain only a few words this long and even the rainbow tables become too large for normal use. They can only be successful if enough limitations are known and the overall size of the table can be limited.
APA, Harvard, Vancouver, ISO, and other styles
31

Choi, Jun-Ho, Chang Choi, Byeong-Kyu Ko, and Pan-Koo Kim. "Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM." Mobile Information Systems 8, no. 3 (2012): 275–86. http://dx.doi.org/10.1155/2012/605495.

Full text
Abstract:
Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine) is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.
APA, Harvard, Vancouver, ISO, and other styles
32

Rodwald, Przemysław. "Choosing a password breaking strategy with imposed time restrictions." Bulletin of the Military University of Technology 68, no. 1 (March 29, 2019): 79–100. http://dx.doi.org/10.5604/01.3001.0013.1467.

Full text
Abstract:
The aim of the article is to present the password breaking methodology in case when an attacker (forensic investigator, court expert, pen tester) has imposed time restrictions. This is a typical situation during many legal investigations where computers are seized by legal authorities but they are protected by passwords. At the beginning, the current state of law in that matter is presented, along with good practices in seizing the evidence. Then, the ways of storing static passwords in information systems are showed, after which various classes of password breaking methods are reviewed (dictionary, brute-force, rule, combinator, mask, hybrid, etc.). The most popular tools supporting this process are listed as well. The main part of the paper presents the original strategy of conducting an attack on a single hashed password with time constraints. Costs as well as economic efficiency for four different hardware solutions (laptop, gaming computer, rig with 6 GPU’s, cloud computing) are discussed. The calculations are shown on the example of two real attacks carried out by the author in the real legal cases. Keywords: passwords, breaking passwords, hash functions, computer forensics.
APA, Harvard, Vancouver, ISO, and other styles
33

Musliyana, Zuhar, Teuku Yuliar Arif, and Rizal Munadi. "Peningkatan Sistem Keamanan Autentikasi Single Sign On (SSO) Menggunakan Algoritma AES dan One-Time Password Studi Kasus: SSO Universitas Ubudiyah Indonesia." Jurnal Rekayasa Elektrika 12, no. 1 (March 25, 2016): 21. http://dx.doi.org/10.17529/jre.v12i1.2896.

Full text
Abstract:
Single Sign On (SSO) merupakan model autentikasi independen yang diimplementasikan Universitas Ubudiyah Indonesia (UUI) menggunakan Message-Digest Algorithm 5 (MD5) dan web service NuSOAP berbasis bahasa pemograman PHP. Sistem ini berjalan pada protokol Hypertext Transfer Protocol (HTTP). Faktanya penggunaan protokol HTTP ini sangat rentan terhadap berbagai jenis serangan karena data dikirim dalam bentuk plaintext tanpa ada proses enkripsi dan penerapan algoritma MD5 pada autentikasi login juga rentan terhadap serangan dictionary attacks dan rainbow tables. Disisi lain, Penggunaan web service NuSOAP juga menciptakan celah keamanan karena pengiriman dan penerimaan payload tidak dienkripsi. Saat ini diketahui sudah ada beberapa metode yang dapat digunakan untuk meningkatkan pengamanan kerentanan tersebut diantaranya yaitu menggunakan Hypertext Transfer Protocol Secure (HTTPS), Secure Hypertext Transfer Protocol (SHTTP) dan Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA). Namun beberapa hasil penelitian terkait memperlihatkan masih terdapat beberapa kelemahan dari penggunaan HTTPS, SHTTP dan CAPTCHA. Penelitian ini mengusulkan penggunaan algoritma Advanced Encryption Standard (AES) dengan pembangkit kunci dinamis dan metode One-Time Password (OTP) berbasis sinkronisasi waktu dengan kombinasi salt untuk meningkatkan keamanan pada autentikasi SSO UUI. Hasil pengujian menunjukkan penerapan algoritma AES dan OTP dapat mengamankan proses autentikasi SSO dari serangan dictionary attack dan rainbow table.
APA, Harvard, Vancouver, ISO, and other styles
34

Yang, Chao, Junwei Zhang, Jingjing Guo, Yu Zheng, Li Yang, and Jianfeng Ma. "Fingerprint Protected Password Authentication Protocol." Security and Communication Networks 2019 (June 26, 2019): 1–12. http://dx.doi.org/10.1155/2019/1694702.

Full text
Abstract:
With the rapid development of industrial Internet of things (IIOT), a variety of cloud services have been deployed to store and process the big data of IIOT. The traditional password only authentication is unable to meet the needs of security situation in IIOT. Therefore, a lot of mobile phone assisted password authentication schemes have been proposed. However, in existing schemes, the secret information is required to be stored in the user’s mobile phone. Once the phone is lost, the secret information may be obtained by the opponent, which will bring irreparable loss to the user. To address the above problems, we propose a fingerprint protected password authentication scheme which has no need to store the secret parameter in the mobile phone. When a user logs in, he uses his mobile phone to generate the private key which is used to decrypt the encrypted text generated during the registration phase. The process of generating the private key needs to enter the password and the fingerprint. When the computer interacts with the mobile phone, the user’s password will be blinded so that it can protect the user’s password from adversary’s attacks. Theoretical analysis and experimental results show that our scheme improves the security of the user’s secret. Meanwhile, our scheme can resist the opponent’s dictionary attacks, replay attacks, and phishing attack. Our scheme can reduce the storage pressure of the mobile phone and is easy to deploy.
APA, Harvard, Vancouver, ISO, and other styles
35

Sri Ram Varma, D., K. Meghana, V. Sai Deepak, and R. Murugan. "Graphical password scheme to diminish shoulder surfing." International Journal of Engineering & Technology 7, no. 1.1 (December 21, 2017): 234. http://dx.doi.org/10.14419/ijet.v7i1.1.9474.

Full text
Abstract:
Many authentication schemes are known to us but none of them are completely secure. Textual password is the most common technique used by majority of the people in the industry. But Textual passwords are vulnerable to dictionary attacks, keyloggers, brute-force attacks, even guessing may work out sometimes. Alternative authentication schemes have been proposed to overcome this problem, some of them are Biometric authentication, retina based authentication, graphical password scheme ETC., Authentication Schemes such as biometric and retina scans are too costly, so they are not always preferred. Not every graphical authentication is secure and efficient. In this paper, an authentication scheme with a combination of text and colour is proposed. This allows the user to log-in to the framework a little more secure.
APA, Harvard, Vancouver, ISO, and other styles
36

Delaune, Stéphanie, and Florent Jacquemard. "Decision Procedures for the Security of Protocols with Probabilistic Encryption against Offline Dictionary Attacks." Journal of Automated Reasoning 36, no. 1-2 (July 20, 2006): 85–124. http://dx.doi.org/10.1007/s10817-005-9017-7.

Full text
APA, Harvard, Vancouver, ISO, and other styles
37

Puthuparambil, Arun Babu, and Jithin Jose Thomas. "Freestyle, a randomized version of ChaCha for resisting offline brute-force and dictionary attacks." Journal of Information Security and Applications 49 (December 2019): 102396. http://dx.doi.org/10.1016/j.jisa.2019.102396.

Full text
APA, Harvard, Vancouver, ISO, and other styles
38

Youn, Taek-Young, Nam-Su Jho, Keonwoo Kim, Ku-Young Chang, and Ki-Woong Park. "Locked Deduplication of Encrypted Data to Counter Identification Attacks in Cloud Storage Platforms." Energies 13, no. 11 (May 29, 2020): 2742. http://dx.doi.org/10.3390/en13112742.

Full text
Abstract:
Deduplication of encrypted data is a significant function for both the privacy of stored data and efficient storage management. Several deduplication techniques have been designed to provide improved security or efficiency. In this study, we focus on the client-side deduplication technique, which has more advantages than the server-side deduplication technique, particularly in communication overhead, owing to conditional data transmissions. From a security perspective, poison, dictionary, and identification attacks are considered as threats against client-side deduplication. Unfortunately, in contrast to other attacks, identification attacks and the corresponding countermeasures have not been studied in depth. In identification attacks, an adversary tries to identify the existence of a specific file. Identification attacks should be countered because adversaries can use the attacks to break the privacy of the data owner. Therefore, in the literature, some counter-based countermeasures have been proposed as temporary remedies for such attacks. In this paper, we present an analysis of the security features of deduplication techniques against identification attacks and show that the lack of security of the techniques can be eliminated by providing uncertainness to the conditional responses in the deduplication protocol, which are based on the existence of files. We also present a concrete countermeasure, called the time-locked deduplication technique, which can provide uncertainness to the conditional responses by withholding the operation of the deduplication functionality until a predefined time. An additional cost for locking is incurred only when the file to be stored does not already exist in the server’s storage. Therefore, our technique can improve the security of client-side deduplication against identification attacks at almost the same cost as existing techniques, except in the case of files uploaded for the first time.
APA, Harvard, Vancouver, ISO, and other styles
39

Selvaraj, Divya, and Padmavathi Ganapathi. "Packet Payload Monitoring for Internet Worm Content Detection Using Deterministic Finite Automaton with Delayed Dictionary Compression." Journal of Computer Networks and Communications 2014 (2014): 1–9. http://dx.doi.org/10.1155/2014/206867.

Full text
Abstract:
Packet content scanning is one of the crucial threats to network security and network monitoring applications. In monitoring applications, payload of packets in a network is matched against the set of patterns in order to detect attacks like worms, viruses, and protocol definitions. During network transfer, incoming and outgoing packets are monitored in depth to inspect the packet payload. In this paper, the regular expressions that are basically string patterns are analyzed for packet payloads in detecting worms. Then the grouping scheme for regular expression matching is rewritten using Deterministic Finite Automaton (DFA). DFA achieves better processing speed during regular expression matching. DFA requires more memory space for each state. In order to reduce memory utilization, decompression technique is used. Delayed Dictionary Compression (DDC) is applied for achieving better speeds in the communication links. DDC achieves decoding latency during compression of payload packets in the network. Experimental results show that the proposed approach provides better time consumption and memory utilization during detection of Internet worm attacks.
APA, Harvard, Vancouver, ISO, and other styles
40

., Pankhuri, Akash Sinha, Gulshan Shrivastava, and Prabhat Kumar. "A Pattern-Based Multi-Factor Authentication System." Scalable Computing: Practice and Experience 20, no. 1 (March 9, 2019): 101–12. http://dx.doi.org/10.12694/scpe.v20i1.1460.

Full text
Abstract:
User authentication is an indispensable part of a secure system. The traditional authentication methods have been proved to be vulnerable to different types of security attacks. Artificial intelligence is being applied to crack textual passwords and even CAPTCHAs are being dismantled within few attempts. The use of graphical password as an alternate to the textual passwords for user authentication can be an efficient strategy. However, they have been proved to be susceptible to shoulder surfing like attacks. Advanced authentication systems such as biometrics are secure but require additional infrastructure for efficient implementation. This paper proposes a novel pattern-based multi-factor authentication scheme that uses a combination of text and images resulting for identifying the legitimate users. The proposed system has been mathematically analyzed and has been found to provide much larger password space as compared to simple text based passwords. This renders the proposed system secure against brute force and other dictionary based attacks. Moreover, the use of text along with the images also mitigates the risk of shoulder surfing.
APA, Harvard, Vancouver, ISO, and other styles
41

Mülazimoğlu, Emre, Murat P. Çakır, and Cengiz Acartürk. "The Role of Visual Features in Text-Based CAPTCHAs: An fNIRS Study for Usable Security." Computational Intelligence and Neuroscience 2021 (May 4, 2021): 1–24. http://dx.doi.org/10.1155/2021/8842420.

Full text
Abstract:
To mitigate dictionary attacks or similar undesirable automated attacks to information systems, developers mostly prefer using CAPTCHA challenges as Human Interactive Proofs (HIPs) to distinguish between human users and scripts. Appropriate use of CAPTCHA requires a setup that balances between robustness and usability during the design of a challenge. The previous research reveals that most usability studies have used accuracy and response time as measurement criteria for quantitative analysis. The present study aims at applying optical neuroimaging techniques for the analysis of CAPTCHA design. The functional Near-Infrared Spectroscopy technique was used to explore the hemodynamic responses in the prefrontal cortex elicited by CAPTCHA stimulus of varying types. The findings suggest that regions in the left and right dorsolateral and right dorsomedial prefrontal cortex respond to the degrees of line occlusion, rotation, and wave distortions present in a CAPTCHA. The systematic addition of the visual effects introduced nonlinear effects on the behavioral and prefrontal oxygenation measures, indicative of the emergence of Gestalt effects that might have influenced the perception of the overall CAPTCHA figure.
APA, Harvard, Vancouver, ISO, and other styles
42

Wang, Chenyu, Ke Ding, Bin Li, Yiming Zhao, Guoai Xu, Yanhui Guo, and Ping Wang. "An Enhanced User Authentication Protocol Based on Elliptic Curve Cryptosystem in Cloud Computing Environment." Wireless Communications and Mobile Computing 2018 (October 1, 2018): 1–13. http://dx.doi.org/10.1155/2018/3048697.

Full text
Abstract:
With the popularity of cloud computing, information security issues in the cloud environment are becoming more and more prominent. As the first line of defense to ensure cloud computing security, user authentication has attracted extensive attention. Though considerable efforts have been paid for a secure and practical authentication scheme in cloud computing environment, most attempts ended in failure. The design of a secure and efficient user authentication scheme for cloud computing remains a challenge on the one hand and user’s smart card or mobile devices are of limited resource; on the other hand, with the combination of cloud computing and the Internet of Things, applications in cloud environments often need to meet various security requirements and are vulnerable to more attacks. In 2018, Amin et al. proposed an enhanced user authentication scheme in cloud computing, hoping to overcome the identified security flaws of two previous schemes. However, after a scrutinization of their scheme, we revealed that it still suffers from the same attacks (such as no user anonymity, no forward secrecy, and being vulnerable to offline dictionary attack) as the two schemes they compromised. Consequently, we take the scheme of Amin et al. (2018) as a study case, we discussed the inherent reason and the corresponding solutions to authentication schemes for cloud computing environment in detail. Next, we not only proposed an enhanced secure and efficient scheme, but also explained the design rationales for a secure cloud environment protocol. Finally, we applied BAN logic and heuristic analysis to show the security of the protocol and compared our scheme with related schemes. The results manifest the superiority of our scheme.
APA, Harvard, Vancouver, ISO, and other styles
43

Kamboj, Minakshi, and Sanjeev Rana. "Toward Improving Secret Sharing Scheme Based on Encryption in Cloud Computing Environment." Journal of Computational and Theoretical Nanoscience 17, no. 6 (June 1, 2020): 2669–73. http://dx.doi.org/10.1166/jctn.2020.8964.

Full text
Abstract:
Flexibility, acceptance of hire of Cloud Computing, control facilities originates a number of challenges. In precise, safety has been widely conveyed to create the key issues which stop movement to the cloud. Shamir’s Secret Sharing Scheme splits the secret message into n shares with threshold k and distribution of shares to n participants and each participant has unique share of secret message. For reconstructing the secret message, minimum k fragments are required. Threshold scheme which requires only k shares to re-construct the secret message is implemented, as collection of shares from all the n participants to reconstruct the secret message may be unfeasible. AES encryption turns out to be totally inappropriate if a password is used as an alternative of providing the key. The attacker finds file, downloads Ax crypt, and brute force/dictionary attacks it until it’s cracked. An additional security can provided to user password which of varying length by splitting the password into n shares. Advance Encryption Standard (AES) procedure is implemented to encipher the produced shares. AES with 256-bit key is applied to encode the share for every member. Covering arrangement alternative to Boolean masking established on Shamir’s Secret Sharing arrangement is suggested.
APA, Harvard, Vancouver, ISO, and other styles
44

Ballesteros, Juan. "SEGURIDAD EN REDES INALÁMBRICAS DE ACCESO LOCAL BAJO PARÁMETROS DE USO DE HERRAMIENTAS LIBRES." Revista Cientifica TECNIA 26, no. 1 (November 28, 2016): 57. http://dx.doi.org/10.21754/tecnia-26012016.06.

Full text
Abstract:
RESUMENEn este documento se presenta una auditoria en redes bajo funcionamiento en protocolo IEEE 802.11xx, redesutilizadas para la comunicación entre dispositivos en casa y oficina para verificar la seguridad que garantizan lasmismas; para este propósito se utilizó software libre que funciona bajo sistema operativo Linux, específicamentela suite de Aircrack; se presenta la auditoria a las redes que funcionan con encriptación WEP y WPA, populares yutilizadas en redes inalámbricas de este tipo; de manera transversal se muestran los diferentes tipos de ataquesdisponibles por mencionar sniffers, ataques de denegación de servicio y autenticaciones falsas con clonación dedirecciones MAC, particularmente.Palabras clave.- Wife, Welan, Inalámbrico, Wpa Wep.ABSTRACTIn this paper we present an audit IEEE 802.11x networks to check how secure these networks are for use in thehome and office, will be used for this purpose free software Linux with aircrack suite, tests were done for the2 encryptions WEP and WPA these popular encryptions for security in wireless networks, also show differentforms to develop attacks for example denial of service sniffers, fake authentication, etc. The dictionary attack isthe most popular and will be the starting point for the audit, but it is important also to mention other equallyeffective methods to develop this attack.Key words.- Wife, Wlan, Wireless, Wpa Wep.
APA, Harvard, Vancouver, ISO, and other styles
45

Ballesteros, Juan, and Fabián Chaparro. "SEGURIDAD EN REDES INALÁMBRICAS DE ACCESO LOCAL BAJO PARÁMETROS DE USO DE HERRAMIENTAS LIBRES." Revista Cientifica TECNIA 26, no. 1 (November 28, 2016): 57. http://dx.doi.org/10.21754/tecnia.v26i1.7.

Full text
Abstract:
RESUMENEn este documento se presenta una auditoria en redes bajo funcionamiento en protocolo IEEE 802.11xx, redesutilizadas para la comunicación entre dispositivos en casa y oficina para verificar la seguridad que garantizan lasmismas; para este propósito se utilizó software libre que funciona bajo sistema operativo Linux, específicamentela suite de Aircrack; se presenta la auditoria a las redes que funcionan con encriptación WEP y WPA, populares yutilizadas en redes inalámbricas de este tipo; de manera transversal se muestran los diferentes tipos de ataquesdisponibles por mencionar sniffers, ataques de denegación de servicio y autenticaciones falsas con clonación dedirecciones MAC, particularmente.Palabras clave.- Wife, Welan, Inalámbrico, Wpa Wep.ABSTRACTIn this paper we present an audit IEEE 802.11x networks to check how secure these networks are for use in thehome and office, will be used for this purpose free software Linux with aircrack suite, tests were done for the2 encryptions WEP and WPA these popular encryptions for security in wireless networks, also show differentforms to develop attacks for example denial of service sniffers, fake authentication, etc. The dictionary attack isthe most popular and will be the starting point for the audit, but it is important also to mention other equallyeffective methods to develop this attack.Keywords.- Wife, Wlan, Wireless, Wpa Wep.
APA, Harvard, Vancouver, ISO, and other styles
46

Hamid, S., N. Z. Bawany, and S. Khan. "AcSIS: Authentication System Based on Image Splicing." Engineering, Technology & Applied Science Research 9, no. 5 (October 9, 2019): 4808–12. http://dx.doi.org/10.48084/etasr.3060.

Full text
Abstract:
Text-based passwords are widely used for the authentication of digital assets. Typically, password security and usability is a trade-off, i.e. easy-to-remember passwords have higher usability that makes them vulnerable to brute-force and dictionary attacks. Complex passwords have stronger security but poor usability. In order to strengthen the security in conjunction with the improved usability, we hereby propose a novel graphical authentication system. This system is a picture-based password scheme which comprises of the method of image splicing. Authentication data were collected from 33 different users. The usability of the method was evaluated via a comparison between the number of correct and incorrect authentication attempts and time taken. Additionally, a comparison was made between our proposed method and a complex text-based password authentication method using the authentication success rate. Authentication using image splicing proved to be resilient to brute-force attacks since the processing of images consumes a voluminous password space. The evaluation of the usability revealed that graphical passwords were easy-to-remember, resulting in a higher number of correct attempts. The proposed method produced 50% higher success rate compared to the text-based method. Findings motivate the use of the proposed method for securing digital assets.
APA, Harvard, Vancouver, ISO, and other styles
47

Wise, Robert A., Julie A. Anderson, Pierre Amarenco, Nicholas J. Cowans, Courtney Crim, Martin A. Denvir, Camilo R. Gomez, et al. "Adjudication of cardiovascular events in patients with chronic obstructive pulmonary disease: SUMMIT trial." Clinical Trials 17, no. 4 (May 22, 2020): 430–36. http://dx.doi.org/10.1177/1740774520920897.

Full text
Abstract:
Background: Adjudicated cause-specific mortality has been used in major trials of chronic obstructive pulmonary disease. However, there is less experience with adjudicated major adverse cardiovascular events as a key efficacy outcome in chronic obstructive pulmonary disease trials. The Study to Understand Mortality and Morbidity in chronic obstructive pulmonary disease trial required a Clinical Endpoint Committee to adjudicate the outcomes of modified major adverse cardiovascular events and cause-specific mortality. Methods and results: A six-member Clinical Endpoint Committee reviewed adverse event and serious adverse event reports included in a list of 204 Medical Dictionary for Regulatory Activities terms. Adverse events were triaged by one Clinical Endpoint Committee member, and then reviewed by three reviewers (round 1). If these three disagreed on the adjudication, the event was discussed by the full committee to reach a consensus (round 2). Among 16,485 participants, 48,105 adverse events were reported, among which 3314 were reviewed by the Clinical Endpoint Committee. After triage, 1827 were adjudicated in round 1; 338 required committee consensus in round 2, yielding 450 myocardial infarctions, strokes, unstable anginas or transient ischaemic attacks. Only 20/1627 (1%) non-serious adverse events were adjudicated as cardiovascular events. Only 45/204 Medical Dictionary for Regulatory Activities terms reviewed yielded cardiovascular events. A total of 430 deaths were adjudicated in round 1 and 631 in round 2, yielding 459 cardiovascular deaths. Adjudication of chest pain and sudden death often required additional information from site investigators. Site assessment of cardiovascular death was moderately specific (501/602 = 83%) but not sensitive (256/459 = 56%). Conclusion: A Clinical Endpoint Committee is useful for adjudication of major adverse cardiovascular events in chronic obstructive pulmonary disease trials but requires considerable resources and effort by investigators. This process can be streamlined by reviewing only serious adverse events and filtering by selected Medical Dictionary for Regulatory Activities terms.
APA, Harvard, Vancouver, ISO, and other styles
48

Bouzelat, H., F. A. Allaert, A. M. Benhamiche, J. Faivre, L. Dusserre, and C. Quantin. "Automatic Record Hash Coding and Linkage for Epidemiological Follow-up Data Confidentiality." Methods of Information in Medicine 37, no. 03 (July 1998): 271–77. http://dx.doi.org/10.1055/s-0038-1634527.

Full text
Abstract:
AbstractA protocol is proposed to allow linkage of anonymous medical information within the framework of epidemiological follow-up studies. The protocol is composed of two steps; the first concerns the irreversible transformation of identification data, using a one-way hash function which is used after spelling processing. To avoid dictionary attacks, two large random files of keys, called pads, are introduced. The second step consists in the linkage of files rendered anonymous. The weight given to each linkage field is estimated by a mixture model, the likelihood of which being maximized with the Expectation and Maximization (EM) algorithm. The performance of this method has been assessed by comparing record linkage, based on exclusive use of the automatic procedure, with a manual linkage, obtained by the Burgundy Registry of Digestive Cancers. The result of the linkage of a file of 2,847 cancers with a file of 388,614 hospitalization stays in the Dijon university hospital showed a sensitivity of 97% and a specificity of 93%.
APA, Harvard, Vancouver, ISO, and other styles
49

Vivek Tammineedi, Venkata Satya, and V. N. Rajavarman. "A Novel Analysis of Advanced Visual Cryptography Techniques for Providing Security Against Web Attacks Using Support Vector Machine Technique." Journal of Computational and Theoretical Nanoscience 17, no. 5 (May 1, 2020): 2097–114. http://dx.doi.org/10.1166/jctn.2020.8855.

Full text
Abstract:
In today’s internet applications such as some real time application services like core banking and other public service oriented application have been major issue in authentication of user specification. To perform online dictionary attacks, passwords have been used for security and authentication mechanism. Present days, hacking of databases on web oriented applications is unavoidable to access them easily. Data maintenance is a complex task in internet applications. To solve these type of problems in internet applications, in this paper, we proposed a novel Integrated and Dynamic CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) (I&D CAPTCHA), which is extension version of existing CAPTCHA that valuated third party human attacks in internet applications based Visual Cryptography approach to discuss about authentication problem in real time applications. There is more number of methods presented for security in advanced pictures for insurance from inventive uninvolved or dynamic assaults in system correspondence environment. Like insightful Visual Cryptographic (VC) is a cutting edge strategy, which is utilized to mystery picture safely impart furthermore keep up to privacy. To proceed with difficulties of security in advanced picture information sharing, so in this paper we break down various VC security instruments for computerized picture information offering to regard tomystery information secrecy. Our examination give effective security answers for relative mystery advanced picture information imparting to correspondence progressively environment. Security aspects are main concepts in present days because of increasing statistical data storage. In Artificial Intelligence (AI) oriented applications, it is very difficult in terms of protection to increasing new aspects in real time world. So we also plan a Novel and Advanced Security system to enable solution for basic AI problems in this paper. This framework mainly works based on Captcha as visual security passwords (CaRP); it is two way communication plan which means that, it is the combination of Captcha and visual security plan. Our approach mainly worked with image security with respect to selection of passwords based on random way. In this paper, we also propose AMODS, an adaptive system that periodically updates the detection model to detect the latest unknown attacks. We also propose an adaptive learning strategy, called SVM HYBRID, leveraged by our system to minimize manual work. Our system out performs existing web attack detectionmethods, with an F-value of 94.79% and FP rate of 0.09%. The total number of malicious queries obtained by SVM HYBRID is 2.78 times that by the popular Support Vector Machine Adaptive Learning (SVMAL) method. The malicious queries obtained can be used to update the Web Application Firewall (WAF) signature library.
APA, Harvard, Vancouver, ISO, and other styles
50

Pigliucci, Massimo. "Fundamentalism and science." Journal of Science Communication 05, no. 02 (June 21, 2006): C06. http://dx.doi.org/10.22323/2.05020306.

Full text
Abstract:
The many facets of fundamentalism. There has been much talk about fundamentalism of late. While most people's thought on the topic go to the 9/11 attacks against the United States, or to the ongoing war in Iraq, fundamentalism is affecting science and its relationship to society in a way that may have dire long-term consequences. Of course, religious fundamentalism has always had a history of antagonism with science, and – before the birth of modern science – with philosophy, the age-old vehicle of the human attempt to exercise critical thinking and rationality to solve problems and pursue knowledge. “Fundamentalism” is defined by the Oxford Dictionary of the Social Sciences1 as “A movement that asserts the primacy of religious values in social and political life and calls for a return to a 'fundamental' or pure form of religion.” In its broadest sense, however, fundamentalism is a form of ideological intransigence which is not limited to religion, but includes political positions as well (for example, in the case of some extreme forms of “environmentalism”).
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the bibliographies on the topic 'Dictionary Attacks' for other source types:
Dissertations / Theses
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography