Accesso libero

A Scrutiny of Honeyword Generation Methods: Remarks on Strengths and Weaknesses Points

Yasser A. Yasser
Yasser A. Yasser
, 
Ahmed T. Sadiq
Ahmed T. Sadiq
 e 
Wasim AlHamdani
Wasim AlHamdani
   | 23 giu 2022
Cybernetics and Information Technologies's Cover Image
INFORMAZIONI SU QUESTO ARTICOLO
Articolo precedente
Articolo Successivo
Cita
Pubblicato online: 23 giu 2022
Pagine: 3 - 25
Ricevuto: 25 gen 2022
Accettato: 25 feb 2022
DOI: https://doi.org/10.2478/cait-2022-0013
Parole chiave
© 2022 Yasser A. Yasser et al., published by Sciendo
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

1. Mohammed, A. A., A. K. Abdul-Hassan, B. S. Mahdi. Authentication System Based on Hand Writing Recognition. – In: Proc. of 2nd Scientific Conference of Computer Sciences (SCCS’19), March 2019, pp. 138-142. DOI: 10.1109/SCCS.2019.8852594. Open DOISearch in Google Scholar

2. Mukthineni, V., R. Mukthineni, O. Sharma, S. J. Narayanan. Face Authenticated Hand Gesture Based Human Computer Interaction for Desktops. – Cybernetics and Information Technologies, Vol. 20, 2020, No 4, pp. 74-89.10.2478/cait-2020-0048 Search in Google Scholar

3. Ahmed Tariq Sadiq, A. A. A., Sura Ali. Attacking Classical Cryptography Method Using Pso Based on Variable Neighborhood Search. – International Journal of Computer Engineering & Technology (IJCET), 2014. https://www.iaeme.com/ijcet.asp Search in Google Scholar

4. Qasaimeh, M., R. S. Al-qassas, S. Aljawarneh. Recent Development in Smart Grid Authentication Approaches : A Systematic Literature Review. – Cybernetics and Information Technologies, Vol. 19, 2019, No 1, pp. 27-52.10.2478/cait-2019-0002 Search in Google Scholar

5. Alaa Kadhim, F., H. I. Mhaibes. A New Initial Authentication Scheme for Kerberos 5 Based on Biometric Data and Virtual Password. – In: Proc. of International Conference on Advanced Science and Engineering (ICOASE’18), 2018, pp. 280-285. DOI: 10.1109/ICOASE.2018.8548852. Open DOISearch in Google Scholar

6. Sadiq, A. T., L. Ali. Attacking Transposition Cipher Using Improved Cuckoo Search. – Journal of Advanced Computer Science and Technology Research, Vol. 4, 2014, No 1, pp. 22-32. http://www.sign-ific-ance.co.uk/index.php/JACSTR/article/view/385 Search in Google Scholar

7. Chaudhari, S., R. Aparna, A. Rane. A Survey on Proxy Re-Signature Schemes for Translating One Type of Signature to Another. – Cybernetics and Information Technologies, Vol. 21, 2021, No 3, pp. 24-49.10.2478/cait-2021-0028 Search in Google Scholar

8. Abed, T. M., H. B. Abdul-Wahab. Anti-Phishing System Using Intelligent Techniques. – In: Proc. of 2nd Scientific Conference of Computer Sciences (SCCS’19), March 2019, pp. 44-50. DOI: 10.1109/SCCS.2019.8852601. Open DOISearch in Google Scholar

9. Genç, Z. A., S. Kardaş, M. S. Kiraz. Examination of a New Defense Mechanism: Honeywords. –Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 10741. G. P. Hancke, E. Damiani, Eds. Cham, Springer International Publishing, 2018, pp. 130-139.10.1007/978-3-319-93524-9_8 Search in Google Scholar

10. Kute, S., V. Thite, S. Chopade. Achieving Security using Honeyword. – Int. J. Comput. Appl., Vol. 180, Jun 2018, No 49, pp. 43-47. DOI: 10.5120/ijca2018917333. Open DOISearch in Google Scholar

11. Win, T., K. S. M. Moe. Protecting Private Data Using Improved Honey Encryption and Honeywords Generation Algorithm. – Adv. Sci. Technol. Eng. Syst., Vol. 3, 2018, No 5, pp. 311-320. DOI: 10.25046/aj030537. Open DOISearch in Google Scholar

12. Chakraborty, N., S. Mondal. Towards Improving Storage Cost and Security Features of Honeyword Based Approaches. – Procedia Comput. Sci., Vol. 93, 2016, No September, pp. 799-807. DOI: 10.1016/j.procs.2016.07.298. Open DOISearch in Google Scholar

13. Kusuma, A. B., Y. R. Pramadi. Implementation of Honeywords as a Codeigniter Library for a Solution to Password-Cracking Detection. – In: Proc. of IOP Conf. Ser. Mater. Sci. Eng., Vol. 508, May 2019, No 1, 012134. DOI: 10.1088/1757-899X/508/1/012134. Open DOISearch in Google Scholar

14. Juels, A., R. L. Rivest. Honeywords: Making Password-Cracking Detectable. – In: Proc. of 2013 ACM SIGSAC Conference on Computer & Communications Security (CCS’13), 2013, No October 2015, pp. 145-160. DOI: 10.1145/2508859.2516671. Open DOISearch in Google Scholar

15. Erguler, I. Some Remarks on Honeyword Based Password-Cracking Detection. – IACR Cryptol. ePrint Arch., Vol. 2014, 2014, 323. https://eprint.iacr.org/2014/323.pdf Search in Google Scholar

16. Thakur, P. V. Honeywords: The New Approach for Password Security. – Int. J. Res. Appl. Sci. Eng. Technol., Vol. 7, April 2019, No 4, pp. 2449-2450. DOI: 10.22214/ijraset.2019.4446. Open DOISearch in Google Scholar

17. Ghare, H. Securing System Using Honeyword and MAC Address. – Int. J. Res. Appl. Sci. Eng. Technol., Vol. 7, May 2019, No 5, pp. 2685-2689. DOI: 10.22214/ijraset.2019.5446. Open DOISearch in Google Scholar

18. Wang, R., H. Chen, J. Sun. Phoney: Protecting Password Hashes with Threshold Cryptology and Honeywords. – Int. J. Embed. Syst., Vol. 8, 2016, No 2-3, pp. 146-154. DOI: 10.1504/IJES.2016.076108. Open DOISearch in Google Scholar

19. Palaniappan, S., V. Parthipan, S. Stewart Kirubakaran, R. Johnson. Secure User Authentication Using Honeywords. – Lecture Notes on Data Engineering and Communications Technologies, Vol. 31, 2020, pp. 896-903.10.1007/978-3-030-24643-3_105 Search in Google Scholar

20. Suryawanshi, B. D., P. B. Tayade, A. V. Patil, J. B. Patil, D. V. Rajput. Enhancing the Security Using Honeywords. – IJIRCT1601039 Int. J. Innov. Res. Creat. Technol., Vol. 208, 2017, No 6, pp. 208-211. www.ijirct.org Search in Google Scholar

21. Guo, Y., Z. Zhang, Y. Guo. Superword: A Honeyword System for Achieving Higher Security Goals. – Comput. Secur., Vol. 103, April 2021, 101689. DOI: 10.1016/j.cose.2019.101689. Open DOISearch in Google Scholar

22. Lanjulkar Pritee, I. V., I. Rupali, L. Arti. Honeywords : A New Approach for Enhancing Security. – Int. Res. J. Eng. Technol., Vol. 06, 2019, No 03, pp. 1360-1363. https://www.irjet.net/archives/V6/i3/IRJET-V6I3256.pdf Search in Google Scholar

23. Sivaji, N., K. S. Yuvaraj. Improving Usability of Password Management with Storage Optimized Honeyword Generation. – Int. J. Sci. Res. Sci. Technol., Vol. 4, 2018, No 5, pp. 55-60. DOI: 10.32628/IJSRST184531. Open DOISearch in Google Scholar

24. Pagar, V. R., R. G. Pise. Strengthening Password Security through Honeyword and Honeyencryption Technique. – In: Proc. of Int. Conf. Trends Electron. Informatics, ICEI 2017, Vol. 2018-January, 2018, pp. 827-831. DOI: 10.1109/ICOEI.2017.8300819. Open DOISearch in Google Scholar

25. H. R. B. B. S. J. Web Application: (with) HoneyWords and HoneyEncryption. – Int. J. Sci. Res., Vol. 4, 2015, No 2, pp. 2313-2316. https://www.ijsr.net/archive/v4i2/SUB151773.pdf Search in Google Scholar

26. Genç, Z. A., G. Lenzini, P. Y. A. Ryan, I. Vazquez Sandoval. A Critical Security Analysis of the Password-Based Authentication Honeywords System Under Code-Corruption Attack. –Communications in Computer and Information Science, Vol. 977, 2019, pp. 125-151.10.1007/978-3-030-25109-3_7 Search in Google Scholar

27. Brindtha, J., K. R. Hithaeishini, R. Komala, G. Abirami, U. Arul. Identification and Detecting of Attacker in a Purchase Portal Using Honeywords. – In: Proc. of 3rd IEEE Int. Conf. Sci. Technol. Eng. Manag. (ICONSTEM’17), Vol. 2018-January, 2017, pp. 389-393. DOI: 10.1109/ICONSTEM.2017.8261414. Open DOISearch in Google Scholar

28. Bamane, S. Achieving Flatness Using Honeywords Generation Algorithm. – Int. J. Res. Appl. Sci. Eng. Technol., Vol. 7, May 2019, No 5, pp. 3491-3496. DOI: 10.22214/ijraset.2019.5572. Open DOISearch in Google Scholar

29. Catuogno, L., A. Castiglione, F. Palmieri. A Honeypot System with Honeyword-Driven Fake Interactive Sessions. – In: Proc. of Int. Conf. High Perform. Comput. Simulation (HPCS’15), 2015, pp. 187-194. DOI: 10.1109/HPCSim.2015.7237039. Open DOISearch in Google Scholar

30. Fauzi, M. A., B. Yang, E. Martiri. Password Guessing-Based Legacy-UI Honeywords Generation Strategies for Achieving Flatness. – In: Proc. of 44th IEEE Annu. Comput. Software, Appl. Conf. (COMPSAC’20), 2020, pp. 1610-1615. DOI: 10.1109/COMPSAC48688.2020.00-25. Open DOISearch in Google Scholar

31. Gadgil, M. A. A. Enhancing Security in User Authentication through Honeyword. – Int. J. Sci. Res. Manag., Vol. 4, Jun 2016, No 6, pp. 4347-4350. DOI: 10.18535/ijsrm/v4i6.17. Open DOISearch in Google Scholar

32. Nathezhtha, T., V. Vaidehi. Honeyword with Salt-Chlorine Generator to Enhance Security of Cloud User Credentials. – Commun. Comput. Inf. Sci., Vol. 746, 2017, pp. 159-169. DOI: 10.1007/978-981-10-6898-0_13. Open DOISearch in Google Scholar

33. Moe, K. S. M., T. Win. Improved Hashing and Honey-Based Stronger Password Prevention against Brute Force Attack. – In: Proc. of International Symposium on Electronics and Smart Devices (ISESD’17), Vol. 2018-January, October 2017, pp. 1-5. DOI: 10.1109/ISESD.2017.8253295. Open DOISearch in Google Scholar

34. Shamini, P. B., E. Dhivya, S. Jayasree, M. P. Lakshmi. Detection and Avoidance of Attacker Using Honey Words in Purchase Portal. – In: Proc. of 3rd International Conference on Science Technology Engineering & Management (ICONSTEM’17), Vol. 2018-January, March 2017, pp. 260-263. DOI: 10.1109/ICONSTEM.2017.8261290. Open DOISearch in Google Scholar

35. Wang, D., H. Cheng, P. Wang, J. Yan, X. Huang. A Security Analysis of Honeywords. – In: Proc. of NDSS-Symposium, 2018, No February. DOI: 10.14722/ndss.2018.12345. https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_02B-2_Wang_paper.pdf Open DOISearch in Google Scholar

36. Karthik, A., M. D. Kamalesh. Rat Trap: Inviting, Detection & Identification of Attacker Using Honey Words in Purchase Portal. – In: Proc. of 3rd International Conference on Science Technology Engineering & Management (ICONSTEM’17), Vol. 2018-January, March 2017, pp. 130-132. DOI: 10.1109/ICONSTEM.2017.8261268. Open DOISearch in Google Scholar

37. Juels, A. A Bodyguard of Lies. – In: Proc. of 19th ACM Symposium on Access Control Models and Technologies (SACMAT’14), 2014, pp. 1-4. DOI: 10.1145/2613087.2613088. Open DOISearch in Google Scholar

38. Shinde, P. D., S. H. Patil. Secured Password Using Honeyword Encryption. – Iioab J., Vol. 9, 2018, No 2, SI, pp. 78-82. https://www.iioab.org/IIOABJ_9.2_78-82.pdf Search in Google Scholar

39. Genç, Z. A., G. Lenzini, P. Y. A. Ryan, I. V. Sandoval. A Security Analysis, and a Fix, of a Code-Corrupted Honeywords System. – In: Proc. of 4th International Conference on Information Systems Security and Privacy, Vol. 2018-January, 2018, No Icissp, pp. 83-95. DOI: 10.5220/0006609100830095. Open DOISearch in Google Scholar

40. Zhang, Y., F. Monrose, M. K. Reiter. The Security of Modern Password Expiration. – In: Proc. of 17th ACM Conference on Computer and Communications Security (CCS’10), 2010, 176. DOI: 10.1145/1866307.1866328. Open DOISearch in Google Scholar

41. Weir, M., S. Aggarwal, B. De Medeiros, B. Glodek. Password Cracking Using Probabilistic Context-Free Grammars. – In: Proc. of IEEE Symposium on Security and Privacy, May 2009, pp. 391-405. DOI: 10.1109/SP.2009.8. Open DOISearch in Google Scholar

42. Bojinov, H., E. Bursztein, X. Boyen, D. Boneh. Kamouflage: Loss-Resistant Password Management,” – Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 6345 LNCS, 2010, pp. 286-302.10.1007/978-3-642-15497-3_18 Search in Google Scholar

43. Erguler, I. Achieving Flatness: Selecting the Honeywords from Existing User Passwords. – IEEE Trans. Dependable Secur. Comput., Vol. 13, March 2015, No 2, pp. 284-295. DOI: 10.1109/TDSC.2015.2406707. Open DOISearch in Google Scholar

44. Chakraborty, N., S. Mondal. Few Notes towards Making Honeyword System More Secure and Usable. – In: Proc. of Int. ACM Conf. Ser., Vol. 08-10-September, 2015, No September 2015. DOI: 10.1145/2799979.2799992. Open DOISearch in Google Scholar

45. Akshaya, K., S. Dhanabal. Achieving Flatness from Non-Realistic Honeywords. – In: Proc. of International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS’17), March 2017, pp. 1-3. DOI: 10.1109/ICIIECS.2017.8276120. Open DOISearch in Google Scholar

46. Chakraborty, N., S. Mondal. On Designing a Modified-UI Based Honeyword Generation Approach for Overcoming the Existing Limitations. – Comput. Secur., Vol. 66, 2017, pp. 155-168. DOI: 10.1016/j.cose.2017.01.011. Open DOISearch in Google Scholar

47. Chor, A., A. Gawali, A. Mohite, M. Tanpure, P. S. P. B., P. T. P. B. Improving Security Using Honeyword for Online Banking Authentication System. – IJARCCE, Vol. 6, March 2017, No 3, pp. 976-978. DOI: 10.17148/IJARCCE.2017.63226. Open DOISearch in Google Scholar

48. Akshima, A., D. Chang, A. Goel, S. Mishra, S. K. Sanadhya. Generation of Secure and Reliable Honeywords, Preventing False Detection. – In: IEEE Trans. Dependable Secur. Comput. Vol. 5971. No c. 2018, pp. 1-13. DOI: 10.1109/TDSC.2018.2824323. Open DOISearch in Google Scholar

49. Chakraborty, N., S. Singh, S. Mondal. On Designing a Questionnaire Based Honeyword Generation Approach for Achieving Flatness. – In: Proc. of 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE’18), August 2018, pp. 444-455. DOI: 10.1109/TrustCom/BigDataSE.2018.00071. Open DOISearch in Google Scholar

50. Akif, O. Z., A. F. Sabeeh, G. J. Rodgers, H. S. Al-Raweshidy. Achieving Flatness: Honeywords Generation Method for Passwords Based on User Behaviours. – Int. J. Adv. Comput. Sci. Appl., Vol. 10, 2019, No 3, pp. 28-37. DOI: 10.14569/IJACSA.2019.0100305. Open DOISearch in Google Scholar

51. Fauzi, M. A., B. Yang, E. Martiri. PassGAN Based Honeywords System for Machine-Generated Passwords Database. – In: Proc. of 6th IEEE Intl. Conf. Big Data Secur. Cloud, BigDataSecurity 2020, 2020 IEEE Intl. Conf. High Perform. Smart Comput. HPSC 2020 2020 IEEE Intl Conf. Intell. Data Secur. IDS 2020, pp. 214-220, 2020. DOI: 10.1109/BigDataSecurity-HPSC-IDS49724.2020.00046. Open DOISearch in Google Scholar

52. Hitaj, B., P. Gasti, G. Ateniese, F. Perez-Cruz. PassGAN: A Deep Learning Approach for Password Guessing. – Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 11464 LNCS, 2019, pp. 217-237. DOI: 10.1007/978-3-030-21568-2_11. Open DOISearch in Google Scholar

53. Goodfellow, I. et al. Generative Adversarial Networks. – Communications of the ACM, Vol. 63, 2020, No 11. pp. 139-144. DOI: 10.1145/3422622. Open DOISearch in Google Scholar

54. Gulrajani, I., F. Ahmed, M. Arjovsky, V. Dumoulin, A. Courville. Improved Training of Wasserstein GANs. – Advances in Neural Information Processing Systems, Vol. 2017-December, 2017, pp. 5768-5778. Search in Google Scholar

55. Qi, P., W. Zhou, J. Han. A Method for Stochastic L-BFGS Optimization. – In: Proc. of 2nd IEEE International Conference on Cloud Computing and Big Data Analysis (ICCCBDA’17), 2017, pp. 156-160. DOI: 10.1109/ICCCBDA.2017.7951902. Open DOISearch in Google Scholar

eISSN:
1314-4081
Lingua:
Inglese
Frequenza di pubblicazione:
4 volte all'anno
Argomenti della rivista:
Computer Sciences, Information Technology
Feed RSS della rivista