A Dynamic Profile Questions Approach to Mitigate Impersonation in Online Examinations

Ullah, Abrar; Xiao, Hannan; Barker, Trevor

doi:10.1007/s10723-018-9442-6

Cited by 21 publications

(25 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…From previous researches, we found that it is very important to find a way to evaluate authentications for various platform's policies [9,10,29]. The evaluation criteria are built based on a combination of three parts: password intensity, guessability percentage rate, and entropy measurement.…”

Section: Knowledge-based Authentication Security Measurementsmentioning

confidence: 99%

Knowledge based Authentication Techniques and Challenges

Alhakami¹,

ShouqAlhrbi²

2020

IJACSA

View full text Add to dashboard Cite

Knowledge-based Authentication (KBA) is an authentication approach, which verifying the user identity when accessing services such as finical websites. KBA requests specific information to prove personal identity of the owner. This paper discusses the challenges that are faced by KBA techniques. Memorability is the main obstacle in KBA since the users trying to utilize simple passwords or unify the passwords in various services, a step that cause problems and issues with compliance with security policies. Furthermore, the technique of mixing username/password is considered as another important challenge of KBA due to the recall-based authentication. This discussion includes a comparative analysis of KBA's techniques based on trade-off criteria to support making of decision. This study's results can support organizations in the recommendations process of a suitable KBA technique for organizations.

show abstract

Section: Knowledge-based Authentication Security Measurementsmentioning

confidence: 99%

Knowledge based Authentication Techniques and Challenges

Alhakami¹,

ShouqAlhrbi²

2020

IJACSA

View full text Add to dashboard Cite

show abstract

“…The focus and research context of this work relates to summative assessment or remote online examinations. The growth in the use of online learning in higher education has been documented and reported in many studies [5], [6], [7], [8], [9]. It has attracted significant research focus on developing and delivering secure, efficient and effective learning environments.…”

Section: Introductionmentioning

confidence: 99%

“…In a similar vein, the use of image-based questions revealed improved usability [13], however, these questions were not sufficient to mitigate impersonation and abetting. In order to address the security issues, the authors proposed dynamic profile questions [7]. These questions are created in the background when a student performs learning activities.…”

Section: Introductionmentioning

confidence: 99%

“…To access an online assessment, the student is presented with a subset of questions randomly extracted from his/her profile. In a recent study, the authors conducted a focus group study [6] with online programme tutors who recommended the use of dynamic profile questions [7], remote proctoring [14], and a secure browser to mitigate impersonation and abetting attacks.…”

Section: Introductionmentioning

confidence: 99%

“…The focus group study presented in an earlier study indicates that the use of dynamic profile questions with a secure browser and proctoring (ProctorU) [14] can positively influence collusion attacks. As described above, the dynamic profile questions are created non-intrusively and non-distractingly in the background when a student performs learning activities [7]. Using this method, a student's profile is built and consolidated in the background during the learning process.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Multi-factor Authentication Method for Security of Online Examinations

Ullah

Xiao

Barker

2018

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

Self Cite

View full text Add to dashboard Cite

Security of online examinations is the key to success of remote online learning. However, it faces many conventional and non-conventional security threats. Impersonation and abetting are rising nonconventional security threats, when a student invites a third party to impersonate or abet in a remote exam. This work proposed dynamic profile questions authentication to identify that the person taking an online test is the same who completed the course work. This is combined with remote proctoring to prevent students from taking help from a third party during exam. This research simulated impersonation and abetting attacks in remote online course and laboratory based control simulation to analyse the impact of dynamic profile questions and proctoring. The study also evaluated effectiveness of the proposed method. The findings indicate that dynamic profile questions are highly effective. The security analysis shows that impersonation attack was not successful.

show abstract