Modern Authentication Methods: A Comprehensive Survey

Papathanasaki, Maria; Μαγλαράς, Λέανδρος; Ayres, Nick

doi:10.5772/acrt.08

Cited by 16 publications

(11 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Other solutions, like Private Webmail, Virtu, and Xmail, generate and distribute encryption keys on their servers while concealing the key management process. However, these solutions are paid, and the unavailability of source codes raises trust concerns for end users; Multi-factor authentication (MFA) : MFA offers a robust method of authentication, demanding two or more verification factors to grant access to a resource [ 37 , 38 ]; Trusted Third Parties (TTPs) : Ensuring the secure distribution of public keys to the correct parties can pose significant challenges. The trust placed in the public-key infrastructure (PKI) is of the utmost importance.…”

Section: Related Workmentioning

confidence: 99%

BEC Defender: QR Code-Based Methodology for Prevention of Business Email Compromise (BEC) Attacks

Papathanasiou,

Liontos,

Paparis

et al. 2024

Sensors

View full text Add to dashboard Cite

In an era of ever-evolving and increasingly sophisticated cyber threats, protecting sensitive information from cyberattacks such as business email compromise (BEC) attacks has become a top priority for individuals and enterprises. Existing methods used to counteract the risks linked to BEC attacks frequently prove ineffective because of the continuous development and evolution of these malicious schemes. This research introduces a novel methodology for safeguarding against BEC attacks called the BEC Defender. The methodology implemented in this paper augments the authentication mechanisms within business emails by employing a multi-layered validation process, which includes a MAC address as an identity token, QR code generation, and the integration of timestamps as unique identifiers. The BEC-Defender algorithm was implemented and evaluated in a laboratory environment, exhibiting promising results against BEC attacks by adding an extra layer of authentication.

show abstract

Section: Related Workmentioning

confidence: 99%

BEC Defender: QR Code-Based Methodology for Prevention of Business Email Compromise (BEC) Attacks

Papathanasiou,

Liontos,

Paparis

et al. 2024

Sensors

View full text Add to dashboard Cite

show abstract

“…KBA includes text and picture-based authentication (Bhana & Flowerday, 2020). However, good passwords can sometimes be difficult to remember (Karim et al, 2020;Papathanasaki et al, 2022). PBA is a type of authentication based on the individual's private items (i.e., token-based authentication).…”

Section: Introductionmentioning

confidence: 99%

Using interface preferences as evidence of user identity: A feasibility study

Karim,

Abdulraheem,

Kanaker

et al. 2024

10.5267/j.ijdns

View full text Add to dashboard Cite

Research on human-computer interaction currently focuses on enhancing system usability by establishing an appropriate user interface (UI) that depends on users’ features. Online users typically have different perceptions of their favored interface design depending on their preferences. Thus, those interface preferences could be utilized to recognize online users’ identities. User authentication is another critical issue that should be considered to improve online security mechanisms without compromising usability. This study investigates the feasibility of using UI preferences as evidence of user identity. The proposed method applies to the design preferences of users dealing with online systems (e.g., e-exam and e-banking). These preferences are closely associated with individual characteristics, whether physical, cognitive, psychological, psychomotor, demographic, or experience based. Many design characteristics could be used in online systems; for example, the e-exam interface design may use features such as the font (size, color, and face), the number of questions per page, background color, questions group, timer type, and sound alert. The feasibility evaluation of this study indicated that 96.8% of research participants have variations in their preferences, and each participant kept 94.5% of their design preferences throughout different sessions.

show abstract

“…1,2 Among several emerging biometric-based approaches, fingerprint and face-based authentication mechanisms are the most widely used. 3,4 The features of biometric traits and their authentication mechanisms, such as universality, permanence, uniqueness, the low storage requirement for storing biometric templates, ease of use in fields, inexpensive scanning devices, and so forth, 5 make biometric authentication an attractive option for a variety of applications such as in banking, for home security, and so forth. 6 A biometric-based authentication system requires a scanning device to capture biometric traits, a database to store enrolled biometric templates, and application software to capture and verify the biometric template of the subject.…”

Section: Introductionmentioning

confidence: 99%

A protocol to establish trust on biometric authentication devices

Kiran

Moona

Biswas

2023

Security and Privacy

View full text Add to dashboard Cite

One of the most extensively utilized mechanisms for person authentication is a system built using biometric‐based authentication. However, many applications use biometric authentication devices that do not support any device authentication mechanisms. As a result, a counterfeit scanning device may be substituted for the genuine one. Non‐authentic biometric authentication devices may perform some additive / subtractive or malicious functions. This paper proposes a technique for establishing trust in biometric authentication devices. The device authentication procedure is essential to build trust in biometric authentication devices such that non‐genuine biometric authentication devices are not used, which may compromise the loss of authentication factor and its replay when the genuine user is not getting authenticated. The protocol uses strong cryptographic mechanisms to authenticate the biometric authentication device with the application server and includes mechanisms for protection against the tampering of biometric templates and to prevent replay attacks. We also perform a formal verification using BAN logic to demonstrate that the proposed protocol meets the defined objectives. The proposed protocol can be used with any biometric authentication device to achieve the same objectives.

show abstract

Modern Authentication Methods: A Comprehensive Survey

Cited by 16 publications

References 30 publications

BEC Defender: QR Code-Based Methodology for Prevention of Business Email Compromise (BEC) Attacks

BEC Defender: QR Code-Based Methodology for Prevention of Business Email Compromise (BEC) Attacks

Using interface preferences as evidence of user identity: A feasibility study

A protocol to establish trust on biometric authentication devices

Contact Info

Product

Resources

About