Title: HoneyString: an improved methodology over tag digit-based honeypot to detect shoulder surfing attack

Authors: Nilesh Chakraborty; Samrat Mondal

Addresses: Department of Computer Science and Engineering, Indian Institute of Technology Patna, Patna, Bihar, India ' Department of Computer Science and Engineering, Indian Institute of Technology Patna, Patna, Bihar, India

Abstract: Shoulder surfing attack is often a matter of concern if one is using a public computer system to submit her login credentials. Many methodologies have been proposed by the researchers to prevent such attack. Most of the schemes require high cognitive skills from user end and due to that these schemes are less implementable in real life scenario. So instead of prevention, we work on developing detection of shoulder surfing attack as the detection scheme requires less cognitive overhead than prevention schemes. In this paper, we have proposed a detection mechanism termed as HoneyString which overcomes the limitation of previously proposed tag digit-based scheme. HoneyString provides robust security against DoS attack which was a limitation in the previously proposed scheme. A comparative analysis shows that the proposed scheme has higher detection rate and requires less login time than the existing scheme.

Keywords: authentication; passwords; partially observable; trust management; shoulder surfing attacks; honeyWord; security; tag digit-based honeypot; attack detection; DoS attacks; denial of service.

DOI: 10.1504/IJTMCC.2015.076952

International Journal of Trust Management in Computing and Communications, 2015 Vol.3 No.2, pp.93 - 114

Received: 06 Jan 2015
Accepted: 14 Jun 2015

Published online: 08 Jun 2016 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article