Using Combined One-Time Password for Prevention of Phishing Attacks

S. Nasiri, M. Tahghighi Sharabian, M. Aajami

Abstract


Αs technologies and communications develop, more sabotaging attacks occur including phishing attacks which jeopardize users' security and critical information like their passwords and credentials. Several solutions have been proposed for existing dangers. One of which is the use of one-time passwords. This issue has remained as a main challenge and requires more extensive research. In this research, we have focused on one-time password combinations and we also have proposed solutions based on behavioral patterns which lead to significant optimizations while tending the simplicity for users. Efficiency of the proposed method has been measured through defining scenarios, modeling and simulations based on a prevention rate index. In addition, complexity coefficient of the proposed method showing the probability of unpredictability of passwords for attackers has been calculated. Ultimately, a descriptive comparison has shown that the proposed method is superior to some of the existing methods.


Keywords


phishing; one-time password; cyber attacks

Full Text:

PDF

References


C. Huang, S. Ma, K. Chen, “Using one-time passwords to prevent password phishing attacks”, Journal of Network and Computer Applications, Vol. 34, No. 4, pp. 1292-1301, 2011

M. Mishra, A. J. Gaurav, A. Jain, “Preventive Anti-Phishing Technique using Code word”, International Journal of Computer Science and Information Technologies, Vol. 3, No. 3, pp. 4248-4250, 2012

Y. Huang, Z. Huang, H. Zhao, X. Lai, “A new one-time password method”, IERI Procedia,Vol. 4, pp. 32-37, 2013

K. Marimuthu, D. Ganesh Gopal, H. Mehta, A. R. P. Boominathan, “A Novel Way of Integrating Voice Recognition and One Time Passwords to Prevent Password Phishing Attacks”, International Journal of Distributed and Parallel Systems, Vol. 5, No. 4, pp. 11-20, 2014

A. Onashoga, A. Sodiya, A. Afolorunso, “One-Time Server-Specific Password Authentication Scheme”, Journal of Computing and Information Technology, Vol. 20, No. 2, pp. 85-93, 2012

P. P. N. G. Phani Kumar, R. John Mathew, “An Advanced Anti Phishing Approach Based On Two-Tier Validation”, International Journal of Research in Computer and Communication Technology, Vol. 3, No. 9, pp. 1015-1017, 2014

B. K. Kushwaha, “An approach for user authentication One Time Password (Numeric and Graphical) Scheme”, Journal of Global Research in Computer Science, Vol. 3, No. 11, pp. 54-57, 2012

J. Hwang, Y. Hsu, G. Liao, “An SMS-Based One-Time-Password Scheme with Client-Side Validation”, Journal of Digital Information Management, Vol. 13, No. 2, pp. 69-75, 2015

H. Sun, K. Sun, Y. Wang, J. Jing, “Trust OTP: Transforming Smartphones into Secure One-Time Password Tokens”, 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 976-988, 2015

D. Mahto, D. K. Yadav, “Security Improvement of One-Time Password Using Crypto-Biometric Model”, 3rd International Conference on Advanced Computing, Networking and Informatics, Vol. 2, pp. 347-353, India, 2015




eISSN: 1792-8036     pISSN: 2241-4487