Identifying and validating the user is a major concern in a heterogeneous network domain. Conventional algorithms and mechanisms could authenticate the users/messages, but with certain vulnerabilities. This paper analyzes the vulnerabilities and downsides of some present-day authentication mechanisms that are being used and proposes an authentication mechanism that cannot be bypassed easily. The proposed mechanism incorporates multi-factor authentication and validates the user based on a username, a password, a security question which is sent to the user via Short-Message-Service (SMS), and a security pin (if necessary). List of security questions posed to the end-user makes the proposed mechanism stronger and protect the system from security breaches by an unknown user to guess the answer. © Springer Nature Switzerland AG 2020.

Jeyanthi N

Department of Software and Systems Engineering

School of Information Technology and Engineering

Vellore Campus

Bhalla R

Vellore Institute of Technology (VIT) is a private university located in&nbsp;Tamil Nadu, India. Founded in 1984, as Vellore Engineering College, the institution offers 20 undergraduate, 34 postgraduate, four integrated and four research programs. It has campuses in Vellore, Amravati, Bhopal and Chennai.

VIT is one of the top ranked private universities in India according to NIRF, THE and QS Rankings.&nbsp;Govt. of India has recognized&nbsp;VIT, Vellore as an&nbsp;Institution of Eminence. This has allowed VIT to take independent quality initiatives and move up in world ranking.

&nbsp;

&nbsp;

VIT University

M2U2: Multifactor Mobile Based Unique User Authentication Mechanism

Advances in Intelligent Systems and Computing Intelligent Systems Design and Applications

The use of one-time password (OTP) has ushered new life into the existing authentication protocols used by the software industry. It introduced a second layer of security to the traditional username-password authentication, thus coining the term, two-factor authentication. One of the drawbacks of this protocol is the unreliability of the hardware token at the time of authentication. This paper proposes a simple backup key model that can be associated with the real world applications'user database, which would allow a user to circumvent the second authentication stage, in the event of unavailability of the hardware token. © Published under licence by IOP Publishing Ltd.

Fulltext

IOP Conference Series: Materials Science and Engineering

Backup key generation model for one-time password security protocol

Some of the common works like, upload and retrieval of data, buying and selling things, earning and donating or transaction of money etc., are the most common works performed in daily life through internet. For every user who is accessing the internet regularly, their highest priority is to make sure that there data is secured. Users are willing to pay huge amount of money to the service provider for maintaining the security. But the intention of malicious users is to access and misuse others data. For that they are using zombie bots. Always Bots are not the only malicious, legitimate authorized user can also impersonate to access the data illegally. This makes the job tougher to discriminate between the bots and boots. For providing security form that threats, here we are proposing a novel RSJ Approach by User Authentication. RSJ approach is a secure way for providing the security to the user form both bots and malicious users. © 2016 ACM.

Proceedings of the International Conference on Advances in Information Communication Technology & Computing - AICTC '16

RSJ Approach for User Authentication

Abstract Voice over Internet Protocol (VoIP) is a family of technologies for the transmission of voice over Internet. Voice is converted into digital signals and transmitted as data packets. The Session Initiation Protocol (SIP) is an IETF protocol for VoIP and other multimedia. SIP is an application layer protocol for creating, modifying and terminating sessions in VoIP communications. Since SIP is a more flexible and simple protocol, it is quite easy to add features to it. Distributed Denial of Service Attack (DDoS) floods the server with numerous requests from various hosts. Hence, the legitimate clients will not be able to get their intended services. A major concern in VoIP and almost in all network domains is availability rather than data consistency. Most of the surviving techniques could prevent VoIP network only after collision. This paper proposes a Recurrence Quantification based approach to detect and prevent VoIP from a DDoS attack. This model detects the attack at an earlier stage and also helps to prevent from further attacks. In addition, this techniques enables the efficient utilization of resources. QUALNET has been used to simulate the operation of the proposed technology.

Journal	Data powered by TypesetAdvances in Intelligent Systems and Computing Intelligent Systems Design and Applications
Publisher	Data powered by TypesetSpringer International Publishing
ISSN	2194-5357
Open Access	No