Improving the Security of Secret Questions using Smartphone Sensor and App Data
Prabin Joshi1 , Naidila Sadashiv2 , Bivek Gyawali3 , Sudeep Simkhada4
Section:Research Paper, Product Type: Journal Paper
Volume-7 ,
Issue-6 , Page no. 1129-1134, Jun-2019
CrossRef-DOI: https://doi.org/10.26438/ijcse/v7i6.11291134
Online published on Jun 30, 2019
Copyright © Prabin Joshi, Naidila Sadashiv, Bivek Gyawali, Sudeep Simkhada . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
View this paper at Google Scholar | DPI Digital Library
How to Cite this Paper
- IEEE Citation
- MLA Citation
- APA Citation
- BibTex Citation
- RIS Citation
IEEE Style Citation: Prabin Joshi, Naidila Sadashiv, Bivek Gyawali, Sudeep Simkhada, “Improving the Security of Secret Questions using Smartphone Sensor and App Data,” International Journal of Computer Sciences and Engineering, Vol.7, Issue.6, pp.1129-1134, 2019.
MLA Style Citation: Prabin Joshi, Naidila Sadashiv, Bivek Gyawali, Sudeep Simkhada "Improving the Security of Secret Questions using Smartphone Sensor and App Data." International Journal of Computer Sciences and Engineering 7.6 (2019): 1129-1134.
APA Style Citation: Prabin Joshi, Naidila Sadashiv, Bivek Gyawali, Sudeep Simkhada, (2019). Improving the Security of Secret Questions using Smartphone Sensor and App Data. International Journal of Computer Sciences and Engineering, 7(6), 1129-1134.
BibTex Style Citation:
@article{Joshi_2019,
author = {Prabin Joshi, Naidila Sadashiv, Bivek Gyawali, Sudeep Simkhada},
title = {Improving the Security of Secret Questions using Smartphone Sensor and App Data},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {6 2019},
volume = {7},
Issue = {6},
month = {6},
year = {2019},
issn = {2347-2693},
pages = {1129-1134},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=4694},
doi = {https://doi.org/10.26438/ijcse/v7i6.11291134}
publisher = {IJCSE, Indore, INDIA},
}
RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v7i6.11291134}
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=4694
TI - Improving the Security of Secret Questions using Smartphone Sensor and App Data
T2 - International Journal of Computer Sciences and Engineering
AU - Prabin Joshi, Naidila Sadashiv, Bivek Gyawali, Sudeep Simkhada
PY - 2019
DA - 2019/06/30
PB - IJCSE, Indore, INDIA
SP - 1129-1134
IS - 6
VL - 7
SN - 2347-2693
ER -
VIEWS | XML | |
567 | 2849 downloads | 174 downloads |
Abstract
Security and privacy is an important topic in the field of sensitive data communication. Secondary authentication methods like secret questions are widely used as a form of authentication which can be easily guessed. Moreover, users may forget his/her answers, and even if a user remembers the answer, they can forget how it was written. The recent prevalence of smartphone has provided a rich source of personal data concerning the user’s knowledge of its short-term history. Such a feature has made it possible for people to spend more and more time on these devices. Furthermore, the popularity of social media applications and single sign-on increases day after day, users with their information do not always take as many precautions as they need. We present a “Secret-Question based Authentication System” having a set of secret questions based on user’s short-term smartphone usage. We have developed prototype of android application, and have evaluated the security of the secret questions. We also present a multifactor authentication that creates more and more walls to prevent people from seeing your information. It allows the verification of user’s identity for a login or other transaction-based on more than one method of authentication from independent categories of credentials.
Key-Words / Index Term
Android, Secret Questions, Security, Authentication
References
[1] P. Zhao et al., "Understanding Smartphone Sensor and App Data for Enhancing the Security of Secret Questions," in IEEE Transactions on Mobile Computing, vol. 16, no. 2, pp. 552-565, 1 Feb. 2017.
[2] A. Bissada and A. Olmsted, "Mobile multi-factor authentication," 2017 12th International Conference for Internet Technology and Secured Transactions (ICITST), Cambridge, 2017, pp. 210-211. [3] Karthick S, Dr. SumitraBinu "Android Security Issues and Solutions," IEEE 2017
[4] S. Yadav, A. Apurva, P. Ranakoti, S. Tomer and N. R. Roy, "Android vulnerabilities and security," 2017 International Conference on Computing and Communication Technologies for Smart Nation (IC3TSN), Gurgaon, 2017, pp. 204-208.
[5] F. Aloul, S. Zahidi and W. El-Hajj, "Two factor authentication using mobile phones," 2009 IEEE/ACS International Conference on Computer Systems and Applications, Rabat, 2009, pp. 641-644.
[6] S. Schechter, A. B. Brush, and S. Egelman, “It’s no secret measuring the security and reliability of authentication via secret questions,” in S & P., IEEE, 2009, pp. 375–390.
[7] A. Babic, H. Xiong, D. Yao, and L. Iftode, “Building robust authentication systems with activity-based personal questions,” in SafeConfig. New York, NY, USA: ACM, 2009, pp. 19–24.
[8] M. Zviran and W. J. Haga, "User authentication by cognitive passwords: an empirical assessment," Proceedings of the 5th Jerusalem Conference on Information Technology, 1990. `Next Decade in Information Technology`, Jerusalem, Israel, 1990, pp. 137-144.
[9] J. Podd, J. Bunnell, and R. Henderson, “Cost-effective computer security: Cognitive and associative passwords,” in Computer-Human Interaction, 1996. Proceedings, Sixth Australian Conference on. IEEE, 1996, pp. 304–305.
[10] X. Jiang and J. Ling, "Simple and effective one-time password authentication scheme," 2013 2nd International Symposium on Instrumentation and Measurement, Sensor Network and Automation (IMSNA), Toronto, ON, 2013, pp. 529-531.
[11] P. B. Tiwari and S. R. Joshi, "Single sign-on with one time password," 2009 First Asian Himalayas International Conference on Internet, Kathmandu, 2009, pp. 1-4.
[12] K. Renaud, D. Kennes, J. van Niekerk and J. Maguire, "SNIPPET: Genuine knowledge-based authentication," 2013 Information Security for South Africa, Johannesburg, 2013, pp. 1-8.
[13] J. Bonneau, "The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords," 2012 IEEE Symposium on Security and Privacy, San Francisco, CA, 2012, pp. 538-552.
[14] Joseph Bonneau, Elie Bursztein, Ilan Caron, Rob Jackson, and Mike Williamson. 2015. Secrets, Lies, and Account Recovery: Lessons from the Use of Personal Knowledge Questions at Google, pp. 141-150.