Security is a important factor in computer system
now a days. Users of computer system give a primary preference
to security. Authentication is a process used to provide security
to the user. Authentication is a process of identifying the
person’s identity or conforming the identity of a particular
person. There are various authentication method, but most
commonly used method is textual password. Combination of
alphabet and number create a secure password. But it has some
drawbacks i.e. it can be easily guess by third person also called
attacker. If it make complex then it could be hard to memorize.
Also it is susceptible to various attacks such as brute force
attack, dictionary attack, social engineering attack, eves
dropping, etc. to overcome the drawback of textual password
graphical password system introduced. Graphical system is easy
to memorize but it undergo shoulder surfing attack which is
quite big problem. in which any entity or person can observe
users password directly or by using any device. This paper
survey the various shoulder surfing attacks in graphical
password approach.
Pranjali Waghmare : Dept of CSE, GHRAET, R.T.M. Nagpur University
Nagpur, Maharashtra, India
Rushi Longadge : Dept of CSE, GHRAET, R.T.M. Nagpur University
Nagpur, Maharashtra, India
Deepak Kapgate : Dept of CSE, GHRAET, R.T.M. Nagpur University
Nagpur, Maharashtra, India
Authentication
Graphical Password
Shoulder
surfing attack
Authentication is a basic component in the aspect of
security. Authentication is required to provide the better
security to the user. Various survey papers study in above
section regarding the various attacks found during the
authentication. Textual password authentication is well
known authentication technique. it is simple and easy but
vulnerable to various attacks. Later graphical password is
invented. This is simple and easy to memorize to the user.
But undergo various problem such as, it require greater
storage space, some are complex and time consuming. A
session authentication technique which may help to
reduce the shoulder surfing attack.
[1] Ian Jermyn, Alain Mayer, Fabia manrose, Micheal K.
Reiter, Aveil D. Rubin, “The Design and analysis of
graphical password” Proceedig of the 8th USENIX
security symposium Washington, D.C. USA, August
1999.
[2] Narman poh, samy bengio,” how do correlation and
variance of base experts affect fusion in biometric
authentication tasks?”, IEEE transaction on signal
processing, volume 53, No 11, Nov 2005
[3] Arash Habibi lashkari, Samaneh Farmand, Dr. Rosli
Saleh, Dr. Omar Bin Zakaria,” A wide range Survey
on Recall Based Graphical user authentication
algorithm based on ISO and attack
patterns”,international journals of computer science
and information security, vol. 6, no. 3, 2009.
[4] Rachna Dhamija, Adrian Perrig, ,” Déjà vu: a user
study using images for authentication “, in 9th
USENIX security symposium,2000.
[5] Stamati Gkarafli, Anastasios A. Economides,
“comparing the proof by knowledge authentication
techniques”, international journals of computer
science and security vol.4, issue 2.
[6] Passfaces Corporation, “The science behind
Passfaces”, White paper, Available at
http://www.passfaces.com/enterprise/resources/whitep
apers.htm, July 2009.
[7] Susan Wiedenbeck, Jim Waters, Jean-Camille Birget,
Alex Broadskiy, Nasir Memon, “ Passpoints: Design
and longitudinal evaluation of a graphical password
system”, international journal of Human Computer
studies 63, 2005.
[8] Sonia chiasson, Alain Forget, Elizabeth Stobert, P. C.
Van Oorschot, Robert Biddle, ” Multiple password
interference in text passwords and click based
graphical passwords”, ACM CCS 09, Nov 2009.
[9] Leonardo sobrado, Jean Camille birget, Susan
Wiedenbeck, Jim Waters,” Design and evaluation of a
shoulder-surfing resistance graphical password
scheme”, ACM, may 2006
[10] Kanchan V. Warkar, Nitin J.Janwe,” A review on two
level Graphical authentication against Key-Logger
spyware”, national conference on Emerging trends in
computer science and information technology 2011.
[11] Sonia Chiasson, Elizabeth Stobert, Alain Forget,
Robert Biddle, Paul C. Van oorschot, ”Persuasive
cued click points: Design, implementation and
Evaluation of a knowledge based authentication
mechanism”, IEEE transactions of Dependable and
secure computing, vol. 9,no.2, mar/April 2012.
[12] D. Surya Devi, M. Tamil Selvi, T. Sowmiya, M.J.
Pavitra, J. Jeba Emilyn, “ Generating session
password using text and color to prevent shoulder
surfing”, international conference on modeling
optimization and computing 2012.
[13] H.K. Sarohi, F.U. Khan, ”graphical password
authentication scheme: current status and key issues“,
international journal of computer science, volume 10,
march 2013.
[14] M. swathi, M.V. Jagannatha Reddy, “ Authentication
using persuasive cued click points”, International
journal of engineering research and technology,
volume 2 , issue 7, july 2013.
[15] N.S. Joshi,” Session passwords using grid and colors
for web applications and PDA”, IJETAE, volume 3,
issue 5, may 2013.