Table of Contents Author Guidelines Submit a Manuscript
The Scientific World Journal
Volume 2014, Article ID 838623, 12 pages
http://dx.doi.org/10.1155/2014/838623
Research Article

Preventing Shoulder-Surfing Attack with the Concept of Concealing the Password Objects’ Information

1Faculty of Computer Science and Information Technology, University of Malaya, 50603 Lembah Pantai, Kuala Lumpur, Malaysia
2Multimedia University, Jalan Multimedia, 63100 Cyberjaya, Selangor, Malaysia

Received 4 February 2014; Revised 8 April 2014; Accepted 1 May 2014; Published 27 May 2014

Academic Editor: Agusti Solanas

Copyright © 2014 Peng Foong Ho et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. C. Herley, P. C. Oorschot, and A. Patrick, Passwords: If We're So Smart, Why Are We Still Using Them?Springer, Berlin, Germany, 2009.
  2. K. Renaud and A. De Angeli, “Visual passwords: cure-all or snake-oil?” Communications of the ACM, vol. 52, no. 12, pp. 135–140, 2009. View at Publisher · View at Google Scholar · View at Scopus
  3. M. A. Sasse, S. Brostoff, and D. Weirich, “Transforming the “weakest link”—a human/computer interaction approach to usable and effective security,” BT Technology Journal, vol. 19, no. 3, pp. 122–131, 2001. View at Publisher · View at Google Scholar · View at Scopus
  4. A. Paivio and K. Csapo, “Concrete image and verbal memory codes,” Journal of Experimental Psychology, vol. 80, no. 2, pp. 279–285, 1969. View at Publisher · View at Google Scholar · View at Scopus
  5. A. De Angeli, L. Coventry, G. Johnson, and K. Renaud, “Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems,” International Journal of Human Computer Studies, vol. 63, no. 1-2, pp. 128–152, 2005. View at Publisher · View at Google Scholar · View at Scopus
  6. W. Moncur and G. Lepltre, “Pictures at the ATM: exploring the usability of multiple graphical passwords,” in Proceedings of the 25th SIGCHI Conference on Human Factors in Computing Systems (CHI '07), pp. 887–894, Los Angeles, Calif, USA, May 2007. View at Publisher · View at Google Scholar · View at Scopus
  7. A. Forget, S. Chiasson, and R. Biddle, “Shoulder-surfing resistance with eye-gaze entry in cued-recall graphical passwords,” in Proceedings of the 28th Annual CHI Conference on Human Factors in Computing Systems (CHI '10), pp. 1107–1110, Atlanta, Ga, USA, April 2010. View at Publisher · View at Google Scholar · View at Scopus
  8. H. Gao, Z. Ren, X. Chang, X. Liu, and U. Aickelin, “A new graphical password scheme resistant to shoulder-surfing,” in Proceedings of the 10th International Conference on Cyberworlds (CW '10, pp. 194–199, Singapore, October 2010. View at Publisher · View at Google Scholar · View at Scopus
  9. A. De-Angeli, M. Coutts, L. Coventry, G. Johnson, D. Cameron, and M.-H. Fischer, “VIP: a visual approach to user authentication,” in Proceedings of the Working Conference on Advanced Visual Interfaces, pp. 316–323, Trento, Italy, 2002.
  10. V. Roth, K. Richter, and R. Freidinger, “A PIN-entry method resilient against shoulder surfing,” in Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS '04), pp. 236–245, Washington, DC, USA, October 2004. View at Scopus
  11. H. Gao, X. Liu, R. Dai, S. Wang, and X. Chang, “Analysis and evaluation of the colorlogin graphical password scheme,” in Proceedings of the 5th International Conference on Image and Graphics (ICIG '09), pp. 722–727, Shanxi, China, September 2009. View at Publisher · View at Google Scholar · View at Scopus
  12. S. Wiedenbeck, J. Waters, L. Sobrado, and J.-C. Birget, “Design and evaluation of a shoulder-surfing resistant graphical password scheme,” in Proceedings of the Working Conference on Advanced Visual Interfaces (AVI '06), pp. 177–184, Venezia, Italy, May 2006. View at Publisher · View at Google Scholar · View at Scopus
  13. “Passfaces. The science behind Passfaces. White paper,” 2013, http://www.passfaces.com/published/The%20Science%20Behind%20Passfaces.pdf.
  14. D. Davis, F. Monrose, and M. K. Reiter, “On user choice in graphical password schemes,” in Proceedings of the 13th Conference on USENIX Security Symposium, pp. 1–14, Berkeley, Calif, USA, 2004.
  15. R. Dhamija and A. Perrig, “Déjà Vu: a user study using images for authentication,” in Proceedings of the 9th Conference on USENIX Security Symposium, p. 4, Denver, Colo, USA, 2000.
  16. L. Y. Por and X. T. Lim, “Issues, threats and future trend for GSP,” in Proceedings of The 7th WSEAS International Conference on Applied Computer & Applied Computational Science, pp. 627–633, Hangzhou, China, 2008.
  17. L. Y. Por and X. T. Lim, “Multi-grid background Pass-Go,” WSEAS Transactions on Information Science & Applications, vol. 5, no. 7, pp. 1137–1148, 2008. View at Google Scholar
  18. L. Y. Por, X. T. Lim, and F. Kianoush, “Background Pass-Go (BPG), a New Approach for GPS,” in Proceedings of the 12th WSEAS International Conference on Computers, pp. 369–374, 2008.
  19. A. De-Angeli, L. Coventry, G. Johnson, and M. Coutts, “Usability and user authentication: pictorial passwords vs. PIN,” in Contemporary Ergonomics, P.-T. McCabe, Ed., Taylor & Francis, London, UK, 2003. View at Google Scholar
  20. L. Y. Por, “Frequency of occurrence analysis attack and its countermeasure,” The International Arab Journal of Information Technology, vol. 10, no. 2, pp. 189–197, 2013. View at Google Scholar
  21. H. Asghar, S. Li, J. Pieprzyk, and H. Wang, “Cryptanalysis of the convex hull click human identification protocol,” International Journal of Information Security, vol. 12, no. 2, pp. 83–96, 2013. View at Google Scholar
  22. K. Renaud, P. Mayer, M. Volkamer, and J. Maguire, “Are graphical authentication mechanisms as strong as passwords?” in Proceedings of the Federated Conference on Computer Science and Information Systems, pp. 837–844, 2013.
  23. S. Wiedenbeck, J. Waters, J.-C. Birget, A. Brodskiy, and N. Memon, “PassPoints: design and longitudinal evaluation of a graphical password system,” International Journal of Human Computer Studies, vol. 63, no. 1-2, pp. 102–127, 2005. View at Publisher · View at Google Scholar · View at Scopus
  24. R. Dhamija and A. Perrig, “Déjà Vu: a user study using images for authentication,” in Proceedings of the 9th conference on USENIX Security Symposium, p. 4, Denver, Colo, USA, 2000.
  25. L. Y. Por, Mitigation of Shoulder-Surfing Attack on Picture-Based Passwords Using Falsifying Authentication Methods, Faculty of Computer Science and Information Technology, University of Malaya, 2012.
  26. S. Furnell, “An assessment of website password practices,” Computers and Security, vol. 26, no. 7-8, pp. 445–451, 2007. View at Publisher · View at Google Scholar · View at Scopus
  27. P. L. Yee and M. L. M. Kiah, “Shoulder surfing resistance using penup event and neighbouring connectivity manipulation,” Malaysian Journal of Computer Science, vol. 23, no. 2, pp. 121–140, 2010. View at Google Scholar · View at Scopus
  28. N. Hamad, “Hiding text information in a digital image based on entropy function,” The International Arab Journal of Information Technology, vol. 7, no. 2, pp. 146–151, 2010. View at Google Scholar · View at Scopus
  29. L. Y. Por and B. Delina, “Information hiding—a new approach in text steganography,” in Proceedings of the 7th WSEAS International Conference on Applied Computer and Applied Computational Science, pp. 689–695, 2008.
  30. L. Y. Por, B. Delina, T. F. Ang, and S. Y. Ong, “An enchanced mechanism for image steganography using sequential colour cycle algorithm,” The International Arab Journal of Information Technology, vol. 10, no. 1, pp. 51–60, 2013. View at Google Scholar
  31. L. Y. Por, W. K. Lai, Z. Alireza, and B. Delina, “StegCure: an amalgamation of different steganographic methods in GIF image,” in Proceedings of the 12th WSEAS International Conference on Computers, pp. 420–425, Heraklion, Greece, 2008.
  32. L. Y. Por, K. Wong, and K. O. Chee, “UniSpaCh: a text-based data hiding method using Unicode space characters,” Journal of Systems and Software, vol. 85, no. 5, pp. 1075–1082, 2012. View at Google Scholar