Using Combined One-Time Password for Prevention of Phishing Attacks
Αs technologies and communications develop, more sabotaging attacks occur including phishing attacks which jeopardize users' security and critical information like their passwords and credentials. Several solutions have been proposed for existing dangers. One of which is the use of one-time passwords. This issue has remained as a main challenge and requires more extensive research. In this research, we have focused on one-time password combinations and we also have proposed solutions based on behavioral patterns which lead to significant optimizations while tending the simplicity for users. Efficiency of the proposed method has been measured through defining scenarios, modeling and simulations based on a prevention rate index. In addition, complexity coefficient of the proposed method showing the probability of unpredictability of passwords for attackers has been calculated. Ultimately, a descriptive comparison has shown that the proposed method is superior to some of the existing methods.
Keywords:phishing, one-time password, cyber attacks
C. Huang, S. Ma, K. Chen, “Using one-time passwords to prevent password phishing attacks”, Journal of Network and Computer Applications, Vol. 34, No. 4, pp. 1292-1301, 2011 DOI: https://doi.org/10.1016/j.jnca.2011.02.004
M. Mishra, A. J. Gaurav, A. Jain, “Preventive Anti-Phishing Technique using Code word”, International Journal of Computer Science and Information Technologies, Vol. 3, No. 3, pp. 4248-4250, 2012
Y. Huang, Z. Huang, H. Zhao, X. Lai, “A new one-time password method”, IERI Procedia,Vol. 4, pp. 32-37, 2013 DOI: https://doi.org/10.1016/j.ieri.2013.11.006
K. Marimuthu, D. Ganesh Gopal, H. Mehta, A. R. P. Boominathan, “A Novel Way of Integrating Voice Recognition and One Time Passwords to Prevent Password Phishing Attacks”, International Journal of Distributed and Parallel Systems, Vol. 5, No. 4, pp. 11-20, 2014 DOI: https://doi.org/10.5121/ijdps.2014.5402
A. Onashoga, A. Sodiya, A. Afolorunso, “One-Time Server-Specific Password Authentication Scheme”, Journal of Computing and Information Technology, Vol. 20, No. 2, pp. 85-93, 2012 DOI: https://doi.org/10.2498/cit.1001983
P. P. N. G. Phani Kumar, R. John Mathew, “An Advanced Anti Phishing Approach Based On Two-Tier Validation”, International Journal of Research in Computer and Communication Technology, Vol. 3, No. 9, pp. 1015-1017, 2014
B. K. Kushwaha, “An approach for user authentication One Time Password (Numeric and Graphical) Scheme”, Journal of Global Research in Computer Science, Vol. 3, No. 11, pp. 54-57, 2012
J. Hwang, Y. Hsu, G. Liao, “An SMS-Based One-Time-Password Scheme with Client-Side Validation”, Journal of Digital Information Management, Vol. 13, No. 2, pp. 69-75, 2015
H. Sun, K. Sun, Y. Wang, J. Jing, “Trust OTP: Transforming Smartphones into Secure One-Time Password Tokens”, 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 976-988, 2015 DOI: https://doi.org/10.1145/2810103.2813692
D. Mahto, D. K. Yadav, “Security Improvement of One-Time Password Using Crypto-Biometric Model”, 3rd International Conference on Advanced Computing, Networking and Informatics, Vol. 2, pp. 347-353, India, 2015 DOI: https://doi.org/10.1007/978-81-322-2529-4_36
How to Cite
MetricsAbstract Views: 10574
PDF Downloads: 287
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.