International Journal of Fuzzy Logic and Intelligent Systems

Korean Institute of Intelligent Systems (한국지능시스템학회)
권호 표지
DOI QR코드

DOI QR Code

Automatic Fortified Password Generator System Using Special Characters

  • Jeong, Junho (Department of Computer Science and Engineering, Dongguk University) ;
  • Kim, Jung-Sook (Division of IT, Kimpo University)
  • Received : 2015.12.15
  • Accepted : 2015.12.25
  • Published : 2015.12.25
Download PDF
⟨ Previous Next ⟩

Abstract

The developed security scheme for user authentication, which uses both a password and the various devices, is always open by malicious user. In order to solve that problem, a keystroke dynamics is introduced. A person's keystroke has a unique pattern. That allows the use of keystroke dynamics to authenticate users. However, it has a problem to authenticate users because it has an accuracy problem. And many people use passwords, for which most of them use a simple word such as "password" or numbers such as "1234." Despite people already perceive that a simple password is not secure enough, they still use simple password because it is easy to use and to remember. And they have to use a secure password that includes special characters such as "#!($^*$)^". In this paper, we propose the automatic fortified password generator system which uses special characters and keystroke feature. At first, the keystroke feature is measured while user key in the password. After that, the feature of user's keystroke is classified. We measure the longest or the shortest interval time as user's keystroke feature. As that result, it is possible to change a simple password to a secure one simply by adding a special character to it according to the classified feature. This system is effective even when the cyber attacker knows the password.

Keywords

References

  1. R. S. Gaines, W. Lisowski, S. J. Press, and N. Shapiro, "Authentication by keystroke timing: some preliminary results," Rand Corporation, Santa Monica, CA, Report No. RAND-R-2526-NSF, 1980.
  2. M. Obaidat and S. Sadoun, "Verification of a computer user using keystroke dynamics," IEEE Transactions on Systems, Man and Cybernetics, Part B: Cybernetics, vol. 27, no. 2, pp. 262-269, 1997. http://dx.doi.org/10.1109/3477.558812
  3. P. Kang, S. Park, S. Cho, S. S. Hwang, and H. J. Lee, "The effectiveness of artificial rhythms and cues in keystroke dynamics based user authentication," in Proceedings of International Workshop on Intelligence and Security Informatics, Singapore, 2006, pp. 161-162. http://dx.doi.org/10.1007/11734628 22
  4. S. S. Hwang, S. Cho, and S. Park, "Keystroke dynamicsbased authentication for mobile devices," Computers & Security, vol. 28, no. 1, pp. 85-93, 2009. http://dx.doi.org/10.1016/j.cose.2008.10.002
  5. D. Gunetti and C. Picardi, "Keystroke analysis of free text," ACM Transactions on Information and System Security, vol. 8, no. 3, pp. 312-347, 2005. http://dx.doi.org/10.1145/1085126.1085129
  6. F. Monrose and A. D. Rubin, "Keystroke dynamics as a biometric for authentication," Future Generation Computer Systems, vol. 16, no. 4, pp. 351-359, 2000. http://dx.doi.org/10.1016/S0167-739X(99)00059-X
  7. D. Shanmugapriya and G. Padmavathi, "A survey of biometric keystroke dynamics: approaches, security and challenges," International Journal of Computer Science and Information Security, vol. 5, no. 1, pp. 115-119, 2009.
  8. S. Hocquet, J. Y. Ramel, and H. Cardot, "User classification for keystroke dynamics authentication," in Advances in Biometrics, S. W. Lee and S. Z. Li, Eds. Berlin: Springer, 2007, pp. 531-539. http://dx.doi.org/10.1007/978-3-540-74549-5 56
  9. L. C. Araujo, L. H. Sucupira, M. G. Lizarraga, L. L. Ling, and J. B. T. Yabu-Uti, "User authentication through typing biometrics features," IEEE Transactions on Signal Processing, vol. 53, no. 2, pp. 851-855, 2005. http://dx.doi.org/10.1109/TSP.2004.839903
  10. P. Campisi, E. Maiorana, M. Lo Bosco, and A. Neri, "User authentication using keystroke dynamics for cellular phones," IET Signal Processing, vol. 3, no. 4, pp. 333-341, 2009. http://dx.doi.org/10.1049/iet-spr.2008.0171
  11. J. Jeong and J. S. Kim, "Development of the fortified automatic password generator system," Advanced Science and Technology Letters, vol. 58, pp. 63-66, 2014. http://dx.doi.org/10.14257/astl.2014.58.13

Cited by

  1. Comparasion of Password Generator between Coupled Linear Congruential Generator (CLCG) and Linear Congruential Generator (LCG) vol.953, pp.1742-6596, 2018, https://doi.org/10.1088/1742-6596/953/1/012136