Abstract
User authentication is one of the most important security requirements for online financial transactions services to support users on the web. These securityservices should posses features, such as secure tunneling connection, and sniping attackprevention, keylog attack prevention etc. Malicious attackers maycapture user information such as users entered authentication information (ID, Password, card number, bank account number, etc)through keyboard hooking.This paper proposesa keyboard hooking protected password input method using CAPTCHA. The proposed password input method is based on entering the password using mouse click or touch pad on the CAPTCHA image. The mapping of CAPTCHA image pixels is random.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Kim, S.J., Kwon, J.O.: Secure Key Exchange Protocols against Leakage of Long-term Private Keys for Financial Security Servers. KIISC Journal 19(3), 119–131 (2009)
Seung, J., Lee, S.-M., Noh, B.-N., Ahn, S.-H.: Extensional End-to-End Encryption Technologies to Enhance User’s Financial Information Security and Considerable Security Issues. KIISC Journal 8(4), 145–154 (2011)
KISA, SecurePass (April 2010), http://news.donga.com/3/all/20100415/27578455/1
Maeng, Y.J., Nyang, D.H., Lee, K.H.: Password Authentication and Transaction Confirmation Method Using Secret Puzzle on Mobile Banking. KIISC Journal 21(1), 187–199 (2011)
Carnegie Mellon University. The Official CAPTCHA Site, http://www.captcha.net/
Kim, S.H., Nyang, D.H., Lee, K.H.: Breaking character-based CAPTCHA using color information. KIISC Journal 19(6) (December 2009)
Mori, G., Malik, J.: Recognizing Objects in Adversarial Clutter: Breaking a Visual CAPTCHA. In: Proc. of the Computer Vision and Pattern Recognition (CVPR) Conference, pp. 134–141. IEEE Computer Society, Los Alamitos (2003)
Prasad, S.: Microsoft Live Hotmail Under Attack by Streamlined Anti-CAPTCHA and Mass-mailing Operations (2008), http://securitylabs.websense.com/content/Blogs/3063.asp
Yan, J., El Ahmad, A.S.: A Low-costAttack on a Microsoft CAPTCHA. In: Proceedings of the 15th ACM Conference of Computer and Communications Security, pp. 543–554 (October 2008)
Prasad, S.: Google’s CAPTCHA busted in recent spammer tactics (2008), http://securitylabs.websense.com/content/Blogs/2919.aspx
Bunbury-Blanchette, E.: An image-based CAPTCHA that Exploits the difficulties in Computer Vision (April 2010)
Bongo CAPTCHA, http://www.captcha.net/captchas/bongo/
PIX CAPTCHA, http://www.captcha.net/captchas/pix/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Park, BS., Choudhury, A.J., Lee, YS., Kim, TY., Lee, HJ. (2011). An Efficient Password Authentication Method Using CAPTCHA. In: Lee, G., Howard, D., Ślęzak, D. (eds) Convergence and Hybrid Information Technology. ICHIT 2011. Lecture Notes in Computer Science, vol 6935. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24082-9_56
Download citation
DOI: https://doi.org/10.1007/978-3-642-24082-9_56
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24081-2
Online ISBN: 978-3-642-24082-9
eBook Packages: Computer ScienceComputer Science (R0)