Omar Z. Akif
Other affiliations: Brunel University London
Bio: Omar Z. Akif is an academic researcher from University of Baghdad. The author has contributed to research in topics: Password & Entropy (arrow of time). The author has an hindex of 2, co-authored 6 publications receiving 16 citations. Previous affiliations of Omar Z. Akif include Brunel University London.
TL;DR: A new proposed algorithm was introduced with a new concept of dealing with steganography as an algorithmic secret key technique similar to stream cipher cryptographic system.
Abstract: Steganography is an important class of security which is widely used in computer and network security nowadays. In this research, a new proposed algorithm was introduced with a new concept of dealing with steganography as an algorithmic secret key technique similar to stream cipher cryptographic system. The proposed algorithm is a secret key system suggested to be used in communications for messages transmission steganography.
TL;DR: The authors introduce a simple and effective solution to the detection of password file disclosure events and suggest an alternative approach that selects the honeywords from existing user information, a generic password list, dictionary attack, and by shuffling the characters.
Abstract: Honeywords (decoy passwords) have been proposed to detect attacks against hashed password databases. For each user account, the original password is stored with many honeywords in order to thwart any adversary. The honeywords are selected deliberately such that a cyber-attacker who steals a file of hashed passwords cannot be sure, if it is the real password or a honeyword for any account. Moreover, entering with a honeyword to login will trigger an alarm notifying the administrator about a password file breach. At the expense of increasing the storage requirement by 24 times, the authors introduce a simple and effective solution to the detection of password file disclosure events. In this study, we scrutinise the honeyword system and highlight possible weak points. Also, we suggest an alternative approach that selects the honeywords from existing user information, a generic password list, dictionary attack, and by shuffling the characters. Four sets of honeywords are added to the system that resembles the real passwords, thereby achieving an extremely flat honeywords generation method. To measure the human behaviours in relation to trying to crack the password, a testbed engaged with by 820 people was created to determine the appropriate words for the traditional and proposed methods. The results show that under the new method it is harder to obtain any indication of the real password (high flatness) when compared with traditional approaches and the probability of choosing the real password is 1/k, where k = number of honeywords plus the real password.
01 Feb 2021
TL;DR: The proposed technique allows the user to keep the ease-of-use in the mouse motion, while minimizing the risk of password guessing, in a new password generation technique on the basis of mouse motion and a special case location recognized by the number of clicks.
Abstract: This paper proposes a new password generation technique on the basis of mouse motion and a special case location recognized by the number of clicks to protect sensitive data for different companies. Two, three special locations click points for the users has been proposed to increase password complexity. Unlike other currently available random password generators, the path and number of clicks will be added by admin, and authorized users have to be training on it. This method aims to increase combinations for the graphical password generation using mouse motion for a limited number of users. A mathematical model is developed to calculate the performance of the password. The proposed technique in this paper allows the user to keep the ease-of-use in the mouse motion, while minimizing the risk of password guessing. A comparative evaluation has been conducted against a traditional password. The results show that the proposed approach improves the complexity 200% for fix position technique and two variants technique but more than 200% for three variants technique.
••01 Jul 2017
TL;DR: A new password generating technique is proposed based on time, which can be used to protect a sensitive dataset in big data by using time as a part of the password, generated by using the shift-key to increase the possible combinations for the password.
Abstract: In this paper, a new password generating technique is proposed based on time, which can be used to protect a sensitive dataset in big data. Specifically, the proposed approach mitigates attacks and threats by using time as a part of the password, generated by using the shift-key. The aim is to increase the possible combinations for the password, thereby improving security when compared to traditional measures. First, a survey was carried out to determine the appropriate settings for the new password system. A mathematical model is built and the Password Quality Indicator (PQI) used to compare the outcomes generated by the model with those from the traditional password method. The difference percentage equation was employed to compare the new password technique is better than the traditional method. The results show that the former is better than the latter by 192 % when C=93 and the length of password is 4, whilst this improvement is up to 200% when the length is 15.
TL;DR: In this article , the authors proposed an algorithm for encrypting images based on the Carlisle Adams and Stafford Tavares CAST block cipher algorithm with 3D and 2D logistic maps.
Abstract: Background and Aim: due to the rapid growth of data communication and multimedia system applications, security becomes a critical issue in the communication and storage of images. This study aims to improve encryption and decryption for various types of images by decreasing time consumption and strengthening security. Methodology: An algorithm is proposed for encrypting images based on the Carlisle Adams and Stafford Tavares CAST block cipher algorithm with 3D and 2D logistic maps. A chaotic function that increases the randomness in the encrypted data and images, thereby breaking the relation sequence through the encryption procedure, is introduced. The time is decreased by using three secure and private S-Boxes rather than using six S-Boxes, as in the traditional method. Moreover, the CAST encryption algorithm was modified to be used on the private keys and substitution stage (S-Boxes), with the keys and S-Boxes of the encryption algorithm being generated according to the 2D and 3D chaotic map functions. The proposed system passed all evaluation criteria, including (MSE, PSNR, EQ, MD, SC, NC, AD, SNR, SIM, MAE, Time, CC, Entropy, and histograms). Results: Moreover, the results also illustrate that the created S-Boxes passed all evaluation criteria; compared with the results of the traditional method that was used in creating S-Box, the proposed method achieved better results than other methods used in the other works. The proposed solution improves the entropy which is between (7.991–7.999), reduces the processing time which is between (0.5–11 s/Images), and improves NCPR, which is between (0.991–1). Conclusions: The proposed solution focuses on reducing the total processing time for encryption and decryption and improving transmission security. Finally, this solution provides a fast security system for surgical telepresence with secure real-time communication. The complexity of this work needs to know the S-Box creation method used, the chaotic method, the values of the chaotic parameters, and which of these methods was used in the encryption process.
•26 Mar 2014
TL;DR: This paper finds that Markov models, when done correctly, perform significantly better than the Probabilistic Context-Free Grammar model proposed in Weir et al., which has been used as the state-of-the-art password model in recent research.
Abstract: A probabilistic password model assigns a probability value to each string. Such models are useful for research into understanding what makes users choose more (or less) secure passwords, and for constructing password strength meters and password cracking utilities. Guess number graphs generated from password models are a widely used method in password research. In this paper, we show that probability-threshold graphs have important advantages over guess-number graphs. They are much faster to compute, and at the same time provide information beyond what is feasible in guess-number graphs. We also observe that research in password modeling can benefit from the extensive literature in statistical language modeling. We conduct a systematic evaluation of a large number of probabilistic password models, including Markov models using different normalization and smoothing methods, and found that, among other things, Markov models, when done correctly, perform significantly better than the Probabilistic Context-Free Grammar model proposed in Weir et al., which has been used as the state-of-the-art password model in recent research.
TL;DR: This work has come up with a pixel pattern based steganography which involved hiding the message within in image by using the existing RGB values whenever possible at pixel level or with minimum changes.
Abstract: One of the drawback of most of the existing steganography methods is that it alters the bits used for storing color information. Some of the examples include LSB or MSB based steganography. There are also various existing methods like Dynamic RGB Intensity Based Steganography Scheme, Secure RGB Image Steganography from Pixel Indicator to Triple Algorithm etc that can be used to find out the steganography method used and break it. Another drawback of the existing methods is that it adds noise to the image which makes the image look dull or grainy making it suspicious for a person about existence of a hidden message within the image. To overcome these shortcomings we have come up with a pixel pattern based steganography which involved hiding the message within in image by using the existing RGB values whenever possible at pixel level or with minimum changes. Along with the image a key will also be used to decrypt the message stored at pixel levels. For further protection, both the message stored as well as the key file will be in encrypted format which can have same or different keys or decryption. Hence we call it as a RGB pixel pattern based steganography.
••10 Nov 2014
TL;DR: Based on the implementation and exhaustive testing of the methods, it was found that they help in proper hiding of messages so that it is not recovered by the intruder during the transfer of data from sender to the receiver.
Abstract: in this work we have implemented and discussed the performance evaluation of Least Significant Bit (LSB) and Least Significant Digit (LSD) on various formats of multimedia data. We have shown the performance variation on different formats for which these two techniques have been applied to hide the messages. Implementation of both the algorithms has been done to explore the security and distortion level in different formats. Based on the implementation and exhaustive testing of the methods on documents, it was found that they help in proper hiding of messages so that it is not recovered by the intruder during the transfer of data from sender to the receiver Keywords— LSB (Least Significant Bit), LSD (Least Significant Digit), Steganography, Data Compression, Encryption, Decryption
05 Feb 2013
TL;DR: Various methods of PVD are discussed and proposed method combines all the features of these methods and a novel steganographic approach based on pixel-value differencing is used.
Abstract: or data) hiding process embeds data into digital media for the purpose of security. In spatial or frequency domain several Steganographic algorithms have been proposed for embedding data in digital images as cover media. These criteria have been used to evaluate the effectiveness of a Steganographic method to measure how it is secure against detection. Other criteria include embedding capacity and invisibility to human eyes. To increase the capacity of the hidden secret information as well as to provide a stego-image imperceptible to human vision, a novel steganographic approach based on pixel-value differencing is used. In this paper various methods of PVD are discussed and proposed method combines all the features of these methods.
TL;DR: This paper presents a hierarchy of network security techniques such as: Secrecy, Authentication, Non-repudiation and Integrity control.
Abstract: The communication technology is very advanced in these days. Digital Communication has become very important to secure the transmission of information between sender and receiver. Security is very important feature for exchange the information because it secures the information from intruders. In this paper we present a hierarchy of network security techniques such as: Secrecy, Authentication, Non-repudiation and Integrity control. There are two popular security mechanisms, namely Cryptography and Steganography. Both are well known and widely used techniques. Cryptography is used for send the data in encrypted form with using the encryption key. Encrypted data is transmitted from insecure public media. In which Decryption algorithm is also used for decrypt the message while using the decryption key. Steganography is used for hiding the data into another cover media.