Citation
Mohd Ariffin, Noor Afiza
(2017)
A multi-factor authentication scheme using attack recognition and key generator technique.
Doctoral thesis, Universiti Putra Malaysia.
Abstract
In today’s world, security plays an important role in many authentication applications. Modern era information sharing is boundless and becoming much easier to access with the introduction of the Internet and the World Wide Web. Although this can be considered as a good point, issues such as privacy and data integrity arise due to the lack of control and authority. For this reason the concept of data security was introduced. Data security can be categorized into two which are secrecy and authentication. This research in particular was focused on the authentication of data security.
One popular scheme used for authentication security is the implementation of multi-factor authentication (MFA). There have been several researches which discusses on multi-factor authentication scheme but most of these research do not entirely protect data against all types of attacks. Furthermore, most current research only focuses on improving the security part of authentication while neglecting other important parts such as the systems accuracy and efficiency. Accuracy is based on how perfect is the system able to identify a genuine user or an intruder. Efficiency is based on the processing time of the overall authentication system. Current multifactor authentication schemes were simply not designed to have security, accuracy and efficiency as their main focus.
To overcome the above issue, this research will propose a new multi-factor authentication scheme which is capable to withstand external attacks which are known security vulnerabilities and user attacks which are based on user behavior. On the other hand, the proposed scheme still needs to maintain an optimum level of accuracy and efficiency.
This framework consists of the task to design, implement and perform vulnerability assessment on the proposed multi-factor authentication scheme. In the design phase, the factors of authentication is identified and also clasified accordingly. Basically, all the factors that are used in the proposed research which are username, password, face and fingerprint were selected based on its simplicity, applicability, and cost effectiveness. The factors chosen are still widely used in various applications such as security systems, surveillance systems, and general identity verification systems. The research then continues to the implementation stage which uses Microsoft Visual Studio 2013 as the platform and C# as the programming language. Once the scheme is done, comes the final vulnerability assessment stage which is to evaluate the security level of the proposed scheme. In this stage a vulnerabilities assessment (VA) test was conducted on the proposed scheme with the use of some well-known attacks. Another experiment was then conducted to measure the accuracy and efficiency of the proposed multi-factor authentication scheme. All the results was then compared with previous researches.
From the result of the experiments, the proposed scheme was proven to be able to withstand the attacks. This is due to the implementation of the attack recognition and key generator technique together with the use of multi-factor in the proposed scheme. Furthermore, the experiment on accuracy showed the proposed scheme having a score of 96% accuracy which is more than the score of the other 2 previous schemes. For efficiency the proposed scheme had an average speed processing time 15 seconds which is the lowest among all the compared schemes. This shows that the proposed scheme provides a strong authentication scheme, which ensures security, while still maintaining good accuracy and efficiency.
Finally, the proposed research is suitable to implement in high-security places such as the government sector, financial institutions or health institutions. It largely motivated by improving traditional authentication through the additional layers of security in authentication. These can be used to overcome some of the limitations faced by existing authentications.
Download File
Additional Metadata
Actions (login required)
|
View Item |