Loading

A Framework for Experience Based User Authentication Technique for Minimizing Risk of Brute-Force Attacks
Amirul I Mohamad1, Mohamad A Mohamed2, Mokhairi Makhtar3, Mustafa Mamat4, Norziana Jamil5, Marina Md Din6

1Amirul I Mohamad, Faculty of Informatics and Computing, Universiti Sultan Zainal Abidin, Besut Campus, Malaysia.
2Mohamad A Mohamed, Faculty of Informatics and Computing, Universiti Sultan Zainal Abidin, Besut Campus, Malaysia.
3Mokhairi Makhtar, Faculty of Informatics and Computing, Universiti Sultan Zainal Abidin, Besut Campus, Malaysia.
4Mustafa Mamat, Faculty of Informatics and Computing, Universiti Sultan Zainal Abidin, Besut Campus, Malaysia.
5Norziana Jamil, Institute of Informatics and Computing Energy, Universiti Tenaga Nasional, Malaysia.
6Marina Md Din, Institute of Informatics and Computing Energy, Universiti Tenaga Nasional, Malaysia.
Manuscript received on 16 February 2019 | Revised Manuscript received on 07 March 2019 | Manuscript Published on 08 June 2019 | PP: 660-664 | Volume-7 Issue-5S4, February 2019 | Retrieval Number: E11370275S419/19©BEIESP
Open Access | Editorial and Publishing Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: Authentication is the process of verifying somebody or something about who he claim he is. The current methods have some drawbacks, which is high cost for special tools, high maintenances, low reliability, lost or broken by user’s poor handling and needs for special expertise in operating the system. In addition, brute force attack has been used against the authentication system by using special software readily available. To address this issue, we proposed an experience-based authentication system, which makes use of user experience as a password during the verification process. In this study, we choose a list of mountains climbed by a user in combination with the year of visit as a password. The system consists of two parts, sign up and sign in. User registration is done during the sign up, whereas user authentication is carried out during the sign in process. Given the number of mountains around the world that is nearly a million in total, and by allowing user to have any combination of mountain, the risk of brute force attack can be minimize significantly. The ability of this system that can withstand such an attack from the outside could increase the current standard security level.
Keywords: User Authentication, Experience based, Knowledge based, Brute-Force Attack.
Scope of the Article: Patterns and Frameworks