scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

Protecting a sensitive dataset using a time based password in big data

01 Jul 2017-pp 871-879
TL;DR: A new password generating technique is proposed based on time, which can be used to protect a sensitive dataset in big data by using time as a part of the password, generated by using the shift-key to increase the possible combinations for the password.
Abstract: In this paper, a new password generating technique is proposed based on time, which can be used to protect a sensitive dataset in big data. Specifically, the proposed approach mitigates attacks and threats by using time as a part of the password, generated by using the shift-key. The aim is to increase the possible combinations for the password, thereby improving security when compared to traditional measures. First, a survey was carried out to determine the appropriate settings for the new password system. A mathematical model is built and the Password Quality Indicator (PQI) used to compare the outcomes generated by the model with those from the traditional password method. The difference percentage equation was employed to compare the new password technique is better than the traditional method. The results show that the former is better than the latter by 192 % when C=93 and the length of password is 4, whilst this improvement is up to 200% when the length is 15.
Citations
More filters
Journal ArticleDOI
01 Feb 2021
TL;DR: The proposed technique allows the user to keep the ease-of-use in the mouse motion, while minimizing the risk of password guessing, in a new password generation technique on the basis of mouse motion and a special case location recognized by the number of clicks.
Abstract: This paper proposes a new password generation technique on the basis of mouse motion and a special case location recognized by the number of clicks to protect sensitive data for different companies. Two, three special locations click points for the users has been proposed to increase password complexity. Unlike other currently available random password generators, the path and number of clicks will be added by admin, and authorized users have to be training on it. This method aims to increase combinations for the graphical password generation using mouse motion for a limited number of users. A mathematical model is developed to calculate the performance of the password. The proposed technique in this paper allows the user to keep the ease-of-use in the mouse motion, while minimizing the risk of password guessing. A comparative evaluation has been conducted against a traditional password. The results show that the proposed approach improves the complexity 200% for fix position technique and two variants technique but more than 200% for three variants technique.

3 citations


Cites background from "Protecting a sensitive dataset usin..."

  • ...Point in every position=10L For a standard password with effective length L and total points available G , we have G = 10[23] (5)...

    [...]

  • ...To assess the effectiveness of a new password of this type: ∆L = L∗−L[23] (4)...

    [...]

  • ...In order to have the same number of password candidates in default password format with a Possible Password Candidates path (PPCP) of 10, We have to figure out the length L of the password candidates: C m = 10[23] (2)...

    [...]

  • ...Mathematical model To measure the quality of the passwords, a mathematical model has been developed [23] to calculate the complexity of the mouse path (behaviour)....

    [...]

Journal ArticleDOI
01 Nov 2022-Sensors
TL;DR: In this article , the authors proposed an algorithm for encrypting images based on the Carlisle Adams and Stafford Tavares CAST block cipher algorithm with 3D and 2D logistic maps.
Abstract: Background and Aim: due to the rapid growth of data communication and multimedia system applications, security becomes a critical issue in the communication and storage of images. This study aims to improve encryption and decryption for various types of images by decreasing time consumption and strengthening security. Methodology: An algorithm is proposed for encrypting images based on the Carlisle Adams and Stafford Tavares CAST block cipher algorithm with 3D and 2D logistic maps. A chaotic function that increases the randomness in the encrypted data and images, thereby breaking the relation sequence through the encryption procedure, is introduced. The time is decreased by using three secure and private S-Boxes rather than using six S-Boxes, as in the traditional method. Moreover, the CAST encryption algorithm was modified to be used on the private keys and substitution stage (S-Boxes), with the keys and S-Boxes of the encryption algorithm being generated according to the 2D and 3D chaotic map functions. The proposed system passed all evaluation criteria, including (MSE, PSNR, EQ, MD, SC, NC, AD, SNR, SIM, MAE, Time, CC, Entropy, and histograms). Results: Moreover, the results also illustrate that the created S-Boxes passed all evaluation criteria; compared with the results of the traditional method that was used in creating S-Box, the proposed method achieved better results than other methods used in the other works. The proposed solution improves the entropy which is between (7.991–7.999), reduces the processing time which is between (0.5–11 s/Images), and improves NCPR, which is between (0.991–1). Conclusions: The proposed solution focuses on reducing the total processing time for encryption and decryption and improving transmission security. Finally, this solution provides a fast security system for surgical telepresence with secure real-time communication. The complexity of this work needs to know the S-Box creation method used, the chaotic method, the values of the chaotic parameters, and which of these methods was used in the encryption process.

1 citations

Journal ArticleDOI
TL;DR: In this article, the authors proposed SDN SDN, which is a framework for SDN-based SDN applications in the context of the SDN project and is based on the concept of SFSA.
Abstract: لضمان الإستجابة للخطأ والإدارة الموزعة، يتم استخدام البروتوكولات الموزعة كأحد المفاهيم المعمارية الرئيسية التي تتضمنها شبكة الإنترنت. ومع ذلك، يمكن التغلب على عدم الكفاءة وعدم الاستقرار والقصور بمساعدة بنية الشبكات الجديدة التي تسمى الشبكات المعرفة بالبرمجيات SDN. الخاصية الرئيسية لهذه المعمارية هي فصل مستوى التحكم عن مستوى البيانات. إن تقليل التصادم سيؤدي إلى تحسين سرعة الإستجابة وزيادة البيانات المرسلة بصورة صحيحة، لهذا السبب يجب أن يكون هناك توزيع متجانس للحمل المروري عبر مسارات الشبكة المختلفة. تقدم هذه الورقة البحثية أداة توجيه ذكية SFSA لتوجيه تدفق البيانات بناءا على ظروف الشبكة الحالية. لتحسين الإنتاجية وتقليل زمن الوصول، فإن الخوارزمية المقترحة SFSA تقوم بتوزيع حركة مرور البيانات داخل الشبكة على مسارات مناسبة ، بالإضافة إلى الإشراف على الإرتباطات التشعبية وحمل مسارات نقل البيانات. تم استخدام سيناريو خوارزمية توجيه شجرة الامتداد الدنياMST وأخرى مع خوارزمية التوجيه المعروفة بفتح أقصر مسار أولا OSPF لتقييم جودة الخوارمية المقترحة SFSA . على سبيل المقارنة ، بالنسبة لخوارزميات التوجيه المذكروة آنفا ، فقد حققت استراتيجيةSFSA المقترحة انخفاضا بنسبة 2٪ في معدل ضياع حزم البيانات PDR ، وبنسبة تتراوح بين 15-45٪ في سرعة إستلام البيانات من المصدر إلى الالوجهة النهائية لحزمة البيانات وكذلك انخفاض بنسبة 23 ٪ في زمن رحلة ذهاب وعودة RTT . تم استخدام محاكي Mininet ووحدة التحكم POX لإجراء المحاكاة. ميزة أخرى من SFSA على MST و OSPF هي أن وقت التنفيذ والاسترداد لا يحمل تقلبات. يتقوم أداة التوجيه الذكية المقترحة في هذه الورقة البحثية من فتح أفقا جديدا لنشر أدوات ذكية جديدة في شبكة SDN تعزز قابلية برمجة الشبكات وإدارتها .
References
More filters
Journal ArticleDOI
TL;DR: The definition, characteristics, and classification of big data along with some discussions on cloud computing are introduced, and research challenges are investigated, with focus on scalability, availability, data integrity, data transformation, data quality, data heterogeneity, privacy, legal and regulatory issues, and governance.

2,141 citations


"Protecting a sensitive dataset usin..." refers background in this paper

  • ...These big data have three characteristics: (a) they are come in a variety of formats, (b) they cannot be classified as relational databases, and (c) they are created, caught and handled quickly[3, 4]....

    [...]

Proceedings ArticleDOI
01 Sep 2010
TL;DR: The calculation of password entropy is discussed and explained and why it is an inadequate indicator of password quality, and a password quality assessment scheme is established: password quality indicator (PQI).
Abstract: Passwords are the first line of defense for many computerized systems. The quality of these passwords decides the security strength of these systems. Many studies advocate using password entropy as an indicator for password quality where lower entropy suggests a weaker or less secure password. However, a closer examination of this literature shows that password entropy is very loosely defined. In this paper, we first discuss the calculation of password entropy and explain why it is an inadequate indicator of password quality. We then establish a password quality assessment scheme: password quality indicator (PQI). The PQI of a password is a pair (D, L), where D is the Levenshtein's editing distance of the password in relation to a dictionary of words and common mnemonics, and L is the effective password length. Finally, we propose to use PQI to prescribe the characteristics of good quality passwords.

62 citations


"Protecting a sensitive dataset usin..." refers background or methods in this paper

  • ...Regarding which, the Password Quality Indicator (PQI) is used to measure how long it takes to find the correct match [18]....

    [...]

  • ...D>=3 means that the password is at least 3 characters different from base dictionary words, and L>=14 means that there are at least 1014 possible candidates to be tried to crack the password [18]....

    [...]

Proceedings ArticleDOI
01 Nov 2013
TL;DR: This paper aims to give a brief overview of the field of biometrics and summarize various biometric authentication techniques including its strengths and limitations.
Abstract: Biometric authentication refers to the automatic identification of a person by analyzing their physiological and/or behavioral characteristics or traits. Since many physiological and behavioral characteristics are unique to an individual, biometrics provides a more reliable system of authentication than ID cards, keys, passwords, or other traditional systems. A wide variety of organizations are using automated person authentication systems to improve customer satisfaction, operating efficiency as well as to secure critical resources. Now a day an increasing number of countries including India have decided to adopt biometric systems for national security and identity theft prevention, which makes biometrics an important component in security-related applications such as: logical and physical access control, forensic investigation, IT security, identity fraud protection, and terrorist prevention or detection. Various biometric authentication techniques are available for identifying an individual by measuring fingerprint, hand, face, signature, voice or a combination of these traits. New biometric algorithms and technologies are proposed, tested, reviewed, and implemented every year. This paper aims to give a brief overview of the field of biometrics and summarize various biometric authentication techniques including its strengths and limitations.

49 citations


"Protecting a sensitive dataset usin..." refers background in this paper

  • ...Recently, one focus regarding authentication has been biometrics, but researchers have yet to overcome the difficulty of constructing systems that can apply to many different individual appliances and moreover, people’s biometric characteristics change with age [7]....

    [...]

Journal ArticleDOI
01 Aug 2015
TL;DR: This work proposes an enhanced authentication scheme, which reduces the computation overhead and satisfies all desirable security attributes, while retaining the original merits of Jiang et?al.'s scheme.
Abstract: Authentication schemes present a user-friendly and scalable mechanism to establish the secure and authorized communication between the remote entities over the insecure public network. Later, several authentication schemes have proposed in the literature. However, most of the existing schemes do not satisfy the desirable attributes, such as resistance against known attacks and user anonymity. In 2012, Chen et?al. designed a robust authentication scheme to erase the weaknesses of Sood et?al.'s scheme. In 2013, Jiang et?al. showed that Chen et?al.'s scheme is vulnerable to password guessing attack. Furthermore, Jiang et?al. presented an efficient solution to overcome the shortcoming of Chen et?al.'s scheme. We demonstrate that Jiang et?al.'s scheme does not withstand insider attack, on-line and off-line password guessing attacks, and user impersonation attack. Their scheme also fails to provide user's anonymity. To overcome these drawbacks, we aim to propose an enhanced scheme, which reduces the computation overhead and satisfies all desirable security attributes, while retaining the original merits of Jiang et?al.'s scheme. The proposed scheme is also comparable in terms of the communication and computational overheads with Jiang et?al.'s scheme and other existing schemes. Furthermore, we simulate the enhanced scheme for the formal security analysis utilizing the widely-accepted AVISPA tool and show that the proposed scheme is resistant against active and passive attacks.

40 citations


"Protecting a sensitive dataset usin..." refers background in this paper

  • ...Furthermore, some user behaviour, such as making their passwords too simple or installing dodgy software, makes it easier for attackers to steal passwords [6]....

    [...]

01 Jan 2014
TL;DR: This paper enables you to shield your web applications from various attacks on authentication and propose various countermeasures for mitigating attacks.
Abstract: Web applications are not capable of many security attacks. Many attacks needed only minimum effort. In this paper, we analyze different possible attacks on authentication aspects of security and propose various countermeasures for mitigating attacks. This paper enables you to shield your web applications from various attacks on authentication. Different types of authentication mechanisms have also been suggested for different types of attacks.

38 citations


"Protecting a sensitive dataset usin..." refers background in this paper

  • ...The attacker makes a dictionary of these words that grows day by day and then uses them to break the password [15]....

    [...]

  • ...It can also be applied to crack encrypted passwords wherever they are saved in the form of encrypted text [15]....

    [...]