A Framework for experience based user authentication technique for minimizing risk of brute-force attacks

Amirul I. Mohamad, Mohamad A. Mohamed, Mokhairi Makhtar, Mustafa Mamat, Norziana Jamil, Marina Md Din

Research output: Contribution to journalArticle

Abstract

Authentication is the process of verifying somebody or something about who he claim he is. The current methods have some drawbacks, which is high cost for special tools, high maintenances, low reliability, lost or broken by user’s poor handling and needs for special expertise in operating the system. In addition, brute force attack has been used against the authentication system by using special software readily available. To address this issue, we proposed an experience-based authentication system, which makes use of user experience as a password during the verification process. In this study, we choose a list of mountains climbed by a user in combination with the year of visit as a password. The system consists of two parts, sign up and sign in. User registration is done during the sign up, whereas user authentication is carried out during the sign in process. Given the number of mountains around the world that is nearly a million in total, and by allowing user to have any combination of mountain, the risk of brute force attack can be minimize significantly. The ability of this system that can withstand such an attack from the outside could increase the current standard security level.

Original languageEnglish
Pages (from-to)660-664
Number of pages5
JournalInternational Journal of Recent Technology and Engineering
Volume7
Issue number5
Publication statusPublished - 01 Feb 2019

Fingerprint

Authentication
Attack
Costs

All Science Journal Classification (ASJC) codes

  • Engineering(all)
  • Management of Technology and Innovation

Cite this

@article{b20d1071fe864533ba0ae24515fd8b7c,
title = "A Framework for experience based user authentication technique for minimizing risk of brute-force attacks",
abstract = "Authentication is the process of verifying somebody or something about who he claim he is. The current methods have some drawbacks, which is high cost for special tools, high maintenances, low reliability, lost or broken by user’s poor handling and needs for special expertise in operating the system. In addition, brute force attack has been used against the authentication system by using special software readily available. To address this issue, we proposed an experience-based authentication system, which makes use of user experience as a password during the verification process. In this study, we choose a list of mountains climbed by a user in combination with the year of visit as a password. The system consists of two parts, sign up and sign in. User registration is done during the sign up, whereas user authentication is carried out during the sign in process. Given the number of mountains around the world that is nearly a million in total, and by allowing user to have any combination of mountain, the risk of brute force attack can be minimize significantly. The ability of this system that can withstand such an attack from the outside could increase the current standard security level.",
author = "Mohamad, {Amirul I.} and Mohamed, {Mohamad A.} and Mokhairi Makhtar and Mustafa Mamat and Norziana Jamil and {Md Din}, Marina",
year = "2019",
month = "2",
day = "1",
language = "English",
volume = "7",
pages = "660--664",
journal = "International Journal of Recent Technology and Engineering",
issn = "2277-3878",
publisher = "Blue Eyes Intelligence Engineering and Sciences Publication",
number = "5",

}

A Framework for experience based user authentication technique for minimizing risk of brute-force attacks. / Mohamad, Amirul I.; Mohamed, Mohamad A.; Makhtar, Mokhairi; Mamat, Mustafa; Jamil, Norziana; Md Din, Marina.

In: International Journal of Recent Technology and Engineering, Vol. 7, No. 5, 01.02.2019, p. 660-664.

Research output: Contribution to journalArticle

TY - JOUR

T1 - A Framework for experience based user authentication technique for minimizing risk of brute-force attacks

AU - Mohamad, Amirul I.

AU - Mohamed, Mohamad A.

AU - Makhtar, Mokhairi

AU - Mamat, Mustafa

AU - Jamil, Norziana

AU - Md Din, Marina

PY - 2019/2/1

Y1 - 2019/2/1

N2 - Authentication is the process of verifying somebody or something about who he claim he is. The current methods have some drawbacks, which is high cost for special tools, high maintenances, low reliability, lost or broken by user’s poor handling and needs for special expertise in operating the system. In addition, brute force attack has been used against the authentication system by using special software readily available. To address this issue, we proposed an experience-based authentication system, which makes use of user experience as a password during the verification process. In this study, we choose a list of mountains climbed by a user in combination with the year of visit as a password. The system consists of two parts, sign up and sign in. User registration is done during the sign up, whereas user authentication is carried out during the sign in process. Given the number of mountains around the world that is nearly a million in total, and by allowing user to have any combination of mountain, the risk of brute force attack can be minimize significantly. The ability of this system that can withstand such an attack from the outside could increase the current standard security level.

AB - Authentication is the process of verifying somebody or something about who he claim he is. The current methods have some drawbacks, which is high cost for special tools, high maintenances, low reliability, lost or broken by user’s poor handling and needs for special expertise in operating the system. In addition, brute force attack has been used against the authentication system by using special software readily available. To address this issue, we proposed an experience-based authentication system, which makes use of user experience as a password during the verification process. In this study, we choose a list of mountains climbed by a user in combination with the year of visit as a password. The system consists of two parts, sign up and sign in. User registration is done during the sign up, whereas user authentication is carried out during the sign in process. Given the number of mountains around the world that is nearly a million in total, and by allowing user to have any combination of mountain, the risk of brute force attack can be minimize significantly. The ability of this system that can withstand such an attack from the outside could increase the current standard security level.

UR - http://www.scopus.com/inward/record.url?scp=85070270494&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85070270494&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:85070270494

VL - 7

SP - 660

EP - 664

JO - International Journal of Recent Technology and Engineering

JF - International Journal of Recent Technology and Engineering

SN - 2277-3878

IS - 5

ER -