A more secure scheme for CAPTCHA-based authentication in cloud environment

Althamary, Ibrahim; El-Alfy, El-Sayed M.

doi:10.1109/icitech.2017.8080034

Cited by 10 publications

(3 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, Althamary el al. [20] proposed a CAPTCHA based authentication method in cloud environments to strengthen weak passwords against different attacks including short-password attack, dictionary attack, keyloggers, phishing and social engineering. However, the CAPTCHA schemes used in these authentication methods are similar to existing commercial text-based CAPTCHAs and all of them have been broken with high percentages of accuracy, e.g., [6,21,22,23] and [24].…”

Section: Captcha Strengthened Authentication and Its Alternativesmentioning

confidence: 99%

Invisible CAPPCHA: A usable mechanism to distinguish between malware and humans on the mobile IoT

Guerar

Merlo

Migliardi

et al. 2018

Computers & Security

View full text Add to dashboard Cite

Smartphone devices are often assuming the role of edge systems in mobile IoT scenarios and the access to cloud-based services through smartphones, for transmitting multiple sensory data related to human activities, often implying some lawful evidence, has become increasingly common. Thus the need for protecting such transactions from abuses and frauds based on automation techniques is now a critical issue. The most widely adopted method to prevent unauthorized access and abuse of a service by malicious software automation is CAPTCHA. However, trying to strengthen CAPTCHA resilience to automated attacks has led to challenges that, while still being vulnerable, are both difficult and unpleasant for humans. Hence, the strong need for a mechanism that is both secure and usable. In this paper, we present Invisible CAPPCHA, a mechanism that, leveraging trusted sensors embedded in a secure element located on a smartphone is capable of separating humans from computers in a way that is completely transparent to users. Furthermore, as no challenge is required, no additional time is needed and the user cannot fail it by mistake. Compared to the state of the art, our proposal is both secure and more user friendly, lending itself optimally to secure mobile cloud services.

show abstract

Section: Captcha Strengthened Authentication and Its Alternativesmentioning

confidence: 99%

Invisible CAPPCHA: A usable mechanism to distinguish between malware and humans on the mobile IoT

Guerar

Merlo

Migliardi

et al. 2018

Computers & Security

View full text Add to dashboard Cite

show abstract

“…Ibrahim A. Althamary et al [6] proposed a well-known authentication scheme called "A More Secure Scheme for CAPTCHA-Based Authentication in Cloud Environment." This authentication mechanism combines the user's password with modified characters of CAPTCHA that a secret agreement between the cloud service provider and the user.…”

Section: Related Workmentioning

confidence: 99%

Asynchronous Password-Based Authentication and Service_Provider_ID Module for Secured Cloud Environment

Sudha¹,

Manikandasaran²

2020

IJCTE

View full text Add to dashboard Cite

“…This method is designed based on 3-dimensional sensors such as the accelerometer, the orientation, the magnetometer, the gravity sensors, and the gyroscope. Tap Logger [13], a Trojan application collects the data through an accelerometer (detect the number of taps) and orientation sensors (find position of the taps). This detected data are enough to log the screen on, detect credit card numbers and PIN numbers.…”

Section: Literature Reviewmentioning

confidence: 99%

Color Channel CAPTCHA: A Secure Scheme for Cloud Environment

Chithra*,

Sathya

2019

IJITEE

View full text Add to dashboard Cite

Abuse of cloud services consequently unauthorized access to cloud data by malicious software automation is prevented by CAPTCHA. The secure usable mechanism is mandatory for resilience to automate attacks accordingly to create pleasant challenges. In this paper, we propose a novel image-based graphical Color Channel CAPTCHA scheme to distinguish between malware and humans for data security in the cloud environment. This color channel CAPTCHA is designed with 2 X 2 grids of different color channels with micro invisible circles or less visible moving circles. This simple challenge is completed by click on the specified circles in the given order with very less solving time, while compared to the state of the art. The experimental study has been conducted among 41 participants on both usability and performance of color channel CAPTCHA.

show abstract

A more secure scheme for CAPTCHA-based authentication in cloud environment

Cited by 10 publications

References 26 publications

Invisible CAPPCHA: A usable mechanism to distinguish between malware and humans on the mobile IoT

Invisible CAPPCHA: A usable mechanism to distinguish between malware and humans on the mobile IoT

Asynchronous Password-Based Authentication and Service_Provider_ID Module for Secured Cloud Environment

Color Channel CAPTCHA: A Secure Scheme for Cloud Environment

Contact Info

Product

Resources

About