Abstract
A password-based user-authentication method is inputted from the keyboard, but the safety of the data is no longer ensured due to the theft of keyboard data. For this reason, a novel authentication method emerged whereby both mouse data and screen information are used, and this image-based authentication does not require the keyboard for the input of the password. This important method authenticates users based on the clicked information from the mouse that are within the specific positions of a displayed image. Just like the password-authentication method for which the keyboard is used, the security of the image-based authentication method is also now threatened because the displayed image and the clicked information of the mouse can be exposed; furthermore, the research studies that have assessed these security threats are insufficient. In this paper, the security of the image-based authentication is therefore analyzed according to the screen-capture tools that are easy to obtain from the Internet. The results of this paper can be utilized as a reference to improve the security of the image-based authentication in the future.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Wikipedia, Authentication. https://en.wikipedia.org/wiki/Authentication
Lee, C.-C., Li, L.-H., Hwang, M.-S.: A remote user authentication scheme using hash functions. ACM SIGOPS Oper. Syst. Rev. 36(4), 23–29 (2002)
Wikipedia, Personal identification number. https://en.wikipedia.org/wiki/Personal_identification_number
Liao, I.-E., Lee, C.-C., Hwang, M.-S.: A password authentication scheme over insecure networks. J. Comput. Syst. Sci. 72(4), 727–740 (2006)
Suo, X., Zhu, Y., Owen, G.S.: Graphical passwords: a survey. In: Proceedings of the ACSA (Annual Computer Security Applications Conference), pp. 463–472, December 2005
Wiedenbeck, S., Waters, J., Birget, J.-C., Brodskiy, A., Memon, N.: PassPoints: design and longitudinal evaluation of a graphical password system. J. Hum. Comput. Stud. 63(1), 102–127 (2005)
Wikipedia, Virtual Keyboard. https://en.wikipedia.org/wiki/Virtual_keyboard
Wikipedia, Screen capture. https://en.wikipedia.org/wiki/Screen_capture
Chia, A.Y.-S., Bandara, U., Wang, X., Hirano, H.: Protecting against screenshots: an image processing approach. In: Proceedings of the CVPR (Computer Vision and Pattern Recognition), pp. 1437–1445, June 2015
Bandicamera. https://www.bandisoft.co.kr/bandicamera/
Dr.Capture. http://www.drcapture.com/ko/
PicPick. http://wiziple.tistory.com/
Snagit 12. https://www.techsmith.com/snagit.html
Capsun 6.02. http://www.kbench.com/software/?q=node/49215
ShareX. https://getsharex.com/
Kalmuri. http://kalmuri.kilho.net/
Acknowledgments
This research was supported by the Basic Science Research Program through the National Research Foundation of Korea (NRF) that is funded by the Ministry of Education (NRF-2015R1D1A1A01057300).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Oh, I., Lee, Y., Lee, H., Lee, K., Yim, K. (2018). Security Assessment of the Image-Based Authentication Using Screen-Capture Tools. In: Barolli, L., Enokido, T. (eds) Innovative Mobile and Internet Services in Ubiquitous Computing . IMIS 2017. Advances in Intelligent Systems and Computing, vol 612. Springer, Cham. https://doi.org/10.1007/978-3-319-61542-4_14
Download citation
DOI: https://doi.org/10.1007/978-3-319-61542-4_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-61541-7
Online ISBN: 978-3-319-61542-4
eBook Packages: EngineeringEngineering (R0)