THP: A Novel Authentication Scheme to Prevent Multiple Attacks in SDN-Based IoT Network

被引：45

作者：

Fang, Liming ^{[1
]}

Li, Yang ^{[1
]}

Yun, Xinyu ^{[1
]}

Wen, Zhenyu ^{[2
]}

Ji, Shouling ^{[3
,4
,5
,6
]}

Meng, Weizhi ^{[7
]}

Cao, Zehong ^{[8
]}

Tanveer, M. ^{[9
]}

机构：

[1] Nanjing Univ Aeronaut & Astronaut, Coll Comp Sci & Technol, Nanjing 210016, Peoples R China

[2] Newcastle Univ, Sch Comp, Newcastle Upon Tyne NE4 5TG, Tyne & Wear, England

[3] Zhejiang Univ, Inst Cyberspace Res, Hangzhou 310027, Peoples R China

[4] Zhejiang Univ, Coll Comp Sci & Technol, Hangzhou 310027, Peoples R China

[5] Zhejiang Univ, Alibaba Zhejiang Univ Joint Inst Frontier Technol, Hangzhou 310027, Peoples R China

[6] Georgia Inst Technol, Sch Elect & Comp Engn, Atlanta, GA 30332 USA

[7] Tech Univ Denmark, DTU Compute, DK-2800 Lyngby, Denmark

[8] Univ Tasmania, Discipline ICT, Hobart, Tas 7001, Australia

[9] Indian Inst Technol Indore, Discipline Math, Indore 452020, India

来源：

IEEE INTERNET OF THINGS JOURNAL | 2020年 / 7卷 / 07期

关键词：

Authentication; Password; Cameras; Usability; Internet of Things; Mobile handsets; Internet of Things (IoT); password; security and privacy; shoulder-surfing; GRAPHICAL PASSWORD;

D O I：

10.1109/JIOT.2019.2944301

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

SDN has provided significant convenience for network providers and operators in cloud computing. Such a great advantage is extending to the Internet of Things network. However, it also increases the risk if the security of an SDN network is compromised. For example, if the network operator's permission is illegally obtained by a hacker, he/she can control the entry of the SDN network. Therefore, an effective authentication scheme is needed to fit various application scenarios with high-security requirements. In this article, we design, implement, and evaluate a new authentication scheme called the hidden pattern (THP), which combines graphics password and digital challenge value to prevent multiple types of authentication attacks at the same time. We examined THP in the perspectives of both security and usability, with a total number of 694 participants in 63 days. Our evaluation shows that THP can provide better performance than the existing schemes in terms of security and usability.

引用

页码：5745 / 5759

页数：15

共 44 条

[1] Revisiting Defenses against Large-Scale Online Password Guessing Attacks [J].

Alsaleh, Mansour ;

Mannan, Mohammad ;

van Oorschot, P. C. .

IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2012, 9 (01) :128-141

[2]

[Anonymous], 2013, P ACM 8 ACM SIGSAC S

[3]

[Anonymous], 2010, 4 USENIX WORKSHOP OF

[4]

[Anonymous], 2018, YOUR PHONE IS BEING

[5]

[Anonymous], 2007, P USENIX SEC

[6]

[Anonymous], 2019, BIOMETRIC AUTHENTICA

[7]

[Anonymous], 2007, P 3 S US PRIV SEC, DOI DOI 10.1145/1280680.1280683

[8]

Brostoff S, 2000, BCS CONFERENCE S, P405

[9]

Castro C., 2017, 2017 European Conference on Optical Communication (ECOC), P1

[10] MobSecure: A Shoulder Surfing Safe Login Approach Implemented On Mobile Device [J].

Chakraborty, Nilesh ;

Randhawa, Gurpinder Singh ;

Das, Kuntal ;

Mondal, Samrat .

PROCEEDINGS OF THE 6TH INTERNATIONAL CONFERENCE ON ADVANCES IN COMPUTING AND COMMUNICATIONS, 2016, 93 :854-861

← 1 2 3 4 5 →