Have a personal or library account? Click to login
A Scrutiny of Honeyword Generation Methods: Remarks on Strengths and Weaknesses Points Cover

A Scrutiny of Honeyword Generation Methods: Remarks on Strengths and Weaknesses Points

Cybernetics and Information Technologies
Volume 22 (2022): Issue 2 (June 2022)
By: Yasser A. Yasser,  Ahmed T. Sadiq and  Wasim AlHamdani  
Open Access
|Jun 2022

References

  1. 1. Mohammed, A. A., A. K. Abdul-Hassan, B. S. Mahdi. Authentication System Based on Hand Writing Recognition. – In: Proc. of 2nd Scientific Conference of Computer Sciences (SCCS’19), March 2019, pp. 138-142. DOI: 10.1109/SCCS.2019.8852594.
    Open DOISearch in Google ScholarBack to article
  2. 2. Mukthineni, V., R. Mukthineni, O. Sharma, S. J. Narayanan. Face Authenticated Hand Gesture Based Human Computer Interaction for Desktops. – Cybernetics and Information Technologies, Vol. 20, 2020, No 4, pp. 74-89.10.2478/cait-2020-0048
    Search in Google ScholarBack to article
  3. 3. Ahmed Tariq Sadiq, A. A. A., Sura Ali. Attacking Classical Cryptography Method Using Pso Based on Variable Neighborhood Search. – International Journal of Computer Engineering & Technology (IJCET), 2014. https://www.iaeme.com/ijcet.asp
    Search in Google ScholarBack to article
  4. 4. Qasaimeh, M., R. S. Al-qassas, S. Aljawarneh. Recent Development in Smart Grid Authentication Approaches : A Systematic Literature Review. – Cybernetics and Information Technologies, Vol. 19, 2019, No 1, pp. 27-52.10.2478/cait-2019-0002
    Search in Google ScholarBack to article
  5. 5. Alaa Kadhim, F., H. I. Mhaibes. A New Initial Authentication Scheme for Kerberos 5 Based on Biometric Data and Virtual Password. – In: Proc. of International Conference on Advanced Science and Engineering (ICOASE’18), 2018, pp. 280-285. DOI: 10.1109/ICOASE.2018.8548852.
    Open DOISearch in Google ScholarBack to article
  6. 6. Sadiq, A. T., L. Ali. Attacking Transposition Cipher Using Improved Cuckoo Search. – Journal of Advanced Computer Science and Technology Research, Vol. 4, 2014, No 1, pp. 22-32. http://www.sign-ific-ance.co.uk/index.php/JACSTR/article/view/385
    Search in Google ScholarBack to article
  7. 7. Chaudhari, S., R. Aparna, A. Rane. A Survey on Proxy Re-Signature Schemes for Translating One Type of Signature to Another. – Cybernetics and Information Technologies, Vol. 21, 2021, No 3, pp. 24-49.10.2478/cait-2021-0028
    Search in Google ScholarBack to article
  8. 8. Abed, T. M., H. B. Abdul-Wahab. Anti-Phishing System Using Intelligent Techniques. – In: Proc. of 2nd Scientific Conference of Computer Sciences (SCCS’19), March 2019, pp. 44-50. DOI: 10.1109/SCCS.2019.8852601.
    Open DOISearch in Google ScholarBack to article
  9. 9. Genç, Z. A., S. Kardaş, M. S. Kiraz. Examination of a New Defense Mechanism: Honeywords. –Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 10741. G. P. Hancke, E. Damiani, Eds. Cham, Springer International Publishing, 2018, pp. 130-139.10.1007/978-3-319-93524-9_8
    Search in Google ScholarBack to article
  10. 10. Kute, S., V. Thite, S. Chopade. Achieving Security using Honeyword. – Int. J. Comput. Appl., Vol. 180, Jun 2018, No 49, pp. 43-47. DOI: 10.5120/ijca2018917333.
    Open DOISearch in Google ScholarBack to article
  11. 11. Win, T., K. S. M. Moe. Protecting Private Data Using Improved Honey Encryption and Honeywords Generation Algorithm. – Adv. Sci. Technol. Eng. Syst., Vol. 3, 2018, No 5, pp. 311-320. DOI: 10.25046/aj030537.
    Open DOISearch in Google ScholarBack to article
  12. 12. Chakraborty, N., S. Mondal. Towards Improving Storage Cost and Security Features of Honeyword Based Approaches. – Procedia Comput. Sci., Vol. 93, 2016, No September, pp. 799-807. DOI: 10.1016/j.procs.2016.07.298.
    Open DOISearch in Google ScholarBack to article
  13. 13. Kusuma, A. B., Y. R. Pramadi. Implementation of Honeywords as a Codeigniter Library for a Solution to Password-Cracking Detection. – In: Proc. of IOP Conf. Ser. Mater. Sci. Eng., Vol. 508, May 2019, No 1, 012134. DOI: 10.1088/1757-899X/508/1/012134.
    Open DOISearch in Google ScholarBack to article
  14. 14. Juels, A., R. L. Rivest. Honeywords: Making Password-Cracking Detectable. – In: Proc. of 2013 ACM SIGSAC Conference on Computer & Communications Security (CCS’13), 2013, No October 2015, pp. 145-160. DOI: 10.1145/2508859.2516671.
    Open DOISearch in Google ScholarBack to article
  15. 15. Erguler, I. Some Remarks on Honeyword Based Password-Cracking Detection. – IACR Cryptol. ePrint Arch., Vol. 2014, 2014, 323. https://eprint.iacr.org/2014/323.pdf
    Search in Google ScholarBack to article
  16. 16. Thakur, P. V. Honeywords: The New Approach for Password Security. – Int. J. Res. Appl. Sci. Eng. Technol., Vol. 7, April 2019, No 4, pp. 2449-2450. DOI: 10.22214/ijraset.2019.4446.
    Open DOISearch in Google ScholarBack to article
  17. 17. Ghare, H. Securing System Using Honeyword and MAC Address. – Int. J. Res. Appl. Sci. Eng. Technol., Vol. 7, May 2019, No 5, pp. 2685-2689. DOI: 10.22214/ijraset.2019.5446.
    Open DOISearch in Google ScholarBack to article
  18. 18. Wang, R., H. Chen, J. Sun. Phoney: Protecting Password Hashes with Threshold Cryptology and Honeywords. – Int. J. Embed. Syst., Vol. 8, 2016, No 2-3, pp. 146-154. DOI: 10.1504/IJES.2016.076108.
    Open DOISearch in Google ScholarBack to article
  19. 19. Palaniappan, S., V. Parthipan, S. Stewart Kirubakaran, R. Johnson. Secure User Authentication Using Honeywords. – Lecture Notes on Data Engineering and Communications Technologies, Vol. 31, 2020, pp. 896-903.10.1007/978-3-030-24643-3_105
    Search in Google ScholarBack to article
  20. 20. Suryawanshi, B. D., P. B. Tayade, A. V. Patil, J. B. Patil, D. V. Rajput. Enhancing the Security Using Honeywords. – IJIRCT1601039 Int. J. Innov. Res. Creat. Technol., Vol. 208, 2017, No 6, pp. 208-211. www.ijirct.org
    Search in Google ScholarBack to article
  21. 21. Guo, Y., Z. Zhang, Y. Guo. Superword: A Honeyword System for Achieving Higher Security Goals. – Comput. Secur., Vol. 103, April 2021, 101689. DOI: 10.1016/j.cose.2019.101689.
    Open DOISearch in Google ScholarBack to article
  22. 22. Lanjulkar Pritee, I. V., I. Rupali, L. Arti. Honeywords : A New Approach for Enhancing Security. – Int. Res. J. Eng. Technol., Vol. 06, 2019, No 03, pp. 1360-1363. https://www.irjet.net/archives/V6/i3/IRJET-V6I3256.pdf
    Search in Google ScholarBack to article
  23. 23. Sivaji, N., K. S. Yuvaraj. Improving Usability of Password Management with Storage Optimized Honeyword Generation. – Int. J. Sci. Res. Sci. Technol., Vol. 4, 2018, No 5, pp. 55-60. DOI: 10.32628/IJSRST184531.
    Open DOISearch in Google ScholarBack to article
  24. 24. Pagar, V. R., R. G. Pise. Strengthening Password Security through Honeyword and Honeyencryption Technique. – In: Proc. of Int. Conf. Trends Electron. Informatics, ICEI 2017, Vol. 2018-January, 2018, pp. 827-831. DOI: 10.1109/ICOEI.2017.8300819.
    Open DOISearch in Google ScholarBack to article
  25. 25. H. R. B. B. S. J. Web Application: (with) HoneyWords and HoneyEncryption. – Int. J. Sci. Res., Vol. 4, 2015, No 2, pp. 2313-2316. https://www.ijsr.net/archive/v4i2/SUB151773.pdf
    Search in Google ScholarBack to article
  26. 26. Genç, Z. A., G. Lenzini, P. Y. A. Ryan, I. Vazquez Sandoval. A Critical Security Analysis of the Password-Based Authentication Honeywords System Under Code-Corruption Attack. –Communications in Computer and Information Science, Vol. 977, 2019, pp. 125-151.10.1007/978-3-030-25109-3_7
    Search in Google ScholarBack to article
  27. 27. Brindtha, J., K. R. Hithaeishini, R. Komala, G. Abirami, U. Arul. Identification and Detecting of Attacker in a Purchase Portal Using Honeywords. – In: Proc. of 3rd IEEE Int. Conf. Sci. Technol. Eng. Manag. (ICONSTEM’17), Vol. 2018-January, 2017, pp. 389-393. DOI: 10.1109/ICONSTEM.2017.8261414.
    Open DOISearch in Google ScholarBack to article
  28. 28. Bamane, S. Achieving Flatness Using Honeywords Generation Algorithm. – Int. J. Res. Appl. Sci. Eng. Technol., Vol. 7, May 2019, No 5, pp. 3491-3496. DOI: 10.22214/ijraset.2019.5572.
    Open DOISearch in Google ScholarBack to article
  29. 29. Catuogno, L., A. Castiglione, F. Palmieri. A Honeypot System with Honeyword-Driven Fake Interactive Sessions. – In: Proc. of Int. Conf. High Perform. Comput. Simulation (HPCS’15), 2015, pp. 187-194. DOI: 10.1109/HPCSim.2015.7237039.
    Open DOISearch in Google ScholarBack to article
  30. 30. Fauzi, M. A., B. Yang, E. Martiri. Password Guessing-Based Legacy-UI Honeywords Generation Strategies for Achieving Flatness. – In: Proc. of 44th IEEE Annu. Comput. Software, Appl. Conf. (COMPSAC’20), 2020, pp. 1610-1615. DOI: 10.1109/COMPSAC48688.2020.00-25.
    Open DOISearch in Google ScholarBack to article
  31. 31. Gadgil, M. A. A. Enhancing Security in User Authentication through Honeyword. – Int. J. Sci. Res. Manag., Vol. 4, Jun 2016, No 6, pp. 4347-4350. DOI: 10.18535/ijsrm/v4i6.17.
    Open DOISearch in Google ScholarBack to article
  32. 32. Nathezhtha, T., V. Vaidehi. Honeyword with Salt-Chlorine Generator to Enhance Security of Cloud User Credentials. – Commun. Comput. Inf. Sci., Vol. 746, 2017, pp. 159-169. DOI: 10.1007/978-981-10-6898-0_13.
    Open DOISearch in Google ScholarBack to article
  33. 33. Moe, K. S. M., T. Win. Improved Hashing and Honey-Based Stronger Password Prevention against Brute Force Attack. – In: Proc. of International Symposium on Electronics and Smart Devices (ISESD’17), Vol. 2018-January, October 2017, pp. 1-5. DOI: 10.1109/ISESD.2017.8253295.
    Open DOISearch in Google ScholarBack to article
  34. 34. Shamini, P. B., E. Dhivya, S. Jayasree, M. P. Lakshmi. Detection and Avoidance of Attacker Using Honey Words in Purchase Portal. – In: Proc. of 3rd International Conference on Science Technology Engineering & Management (ICONSTEM’17), Vol. 2018-January, March 2017, pp. 260-263. DOI: 10.1109/ICONSTEM.2017.8261290.
    Open DOISearch in Google ScholarBack to article
  35. 35. Wang, D., H. Cheng, P. Wang, J. Yan, X. Huang. A Security Analysis of Honeywords. – In: Proc. of NDSS-Symposium, 2018, No February. DOI: 10.14722/ndss.2018.12345. https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_02B-2_Wang_paper.pdf
    Open DOISearch in Google ScholarBack to article
  36. 36. Karthik, A., M. D. Kamalesh. Rat Trap: Inviting, Detection & Identification of Attacker Using Honey Words in Purchase Portal. – In: Proc. of 3rd International Conference on Science Technology Engineering & Management (ICONSTEM’17), Vol. 2018-January, March 2017, pp. 130-132. DOI: 10.1109/ICONSTEM.2017.8261268.
    Open DOISearch in Google ScholarBack to article
  37. 37. Juels, A. A Bodyguard of Lies. – In: Proc. of 19th ACM Symposium on Access Control Models and Technologies (SACMAT’14), 2014, pp. 1-4. DOI: 10.1145/2613087.2613088.
    Open DOISearch in Google ScholarBack to article
  38. 38. Shinde, P. D., S. H. Patil. Secured Password Using Honeyword Encryption. – Iioab J., Vol. 9, 2018, No 2, SI, pp. 78-82. https://www.iioab.org/IIOABJ_9.2_78-82.pdf
    Search in Google ScholarBack to article
  39. 39. Genç, Z. A., G. Lenzini, P. Y. A. Ryan, I. V. Sandoval. A Security Analysis, and a Fix, of a Code-Corrupted Honeywords System. – In: Proc. of 4th International Conference on Information Systems Security and Privacy, Vol. 2018-January, 2018, No Icissp, pp. 83-95. DOI: 10.5220/0006609100830095.
    Open DOISearch in Google ScholarBack to article
  40. 40. Zhang, Y., F. Monrose, M. K. Reiter. The Security of Modern Password Expiration. – In: Proc. of 17th ACM Conference on Computer and Communications Security (CCS’10), 2010, 176. DOI: 10.1145/1866307.1866328.
    Open DOISearch in Google ScholarBack to article
  41. 41. Weir, M., S. Aggarwal, B. De Medeiros, B. Glodek. Password Cracking Using Probabilistic Context-Free Grammars. – In: Proc. of IEEE Symposium on Security and Privacy, May 2009, pp. 391-405. DOI: 10.1109/SP.2009.8.
    Open DOISearch in Google ScholarBack to article
  42. 42. Bojinov, H., E. Bursztein, X. Boyen, D. Boneh. Kamouflage: Loss-Resistant Password Management,” – Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 6345 LNCS, 2010, pp. 286-302.10.1007/978-3-642-15497-3_18
    Search in Google ScholarBack to article
  43. 43. Erguler, I. Achieving Flatness: Selecting the Honeywords from Existing User Passwords. – IEEE Trans. Dependable Secur. Comput., Vol. 13, March 2015, No 2, pp. 284-295. DOI: 10.1109/TDSC.2015.2406707.
    Open DOISearch in Google ScholarBack to article
  44. 44. Chakraborty, N., S. Mondal. Few Notes towards Making Honeyword System More Secure and Usable. – In: Proc. of Int. ACM Conf. Ser., Vol. 08-10-September, 2015, No September 2015. DOI: 10.1145/2799979.2799992.
    Open DOISearch in Google ScholarBack to article
  45. 45. Akshaya, K., S. Dhanabal. Achieving Flatness from Non-Realistic Honeywords. – In: Proc. of International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS’17), March 2017, pp. 1-3. DOI: 10.1109/ICIIECS.2017.8276120.
    Open DOISearch in Google ScholarBack to article
  46. 46. Chakraborty, N., S. Mondal. On Designing a Modified-UI Based Honeyword Generation Approach for Overcoming the Existing Limitations. – Comput. Secur., Vol. 66, 2017, pp. 155-168. DOI: 10.1016/j.cose.2017.01.011.
    Open DOISearch in Google ScholarBack to article
  47. 47. Chor, A., A. Gawali, A. Mohite, M. Tanpure, P. S. P. B., P. T. P. B. Improving Security Using Honeyword for Online Banking Authentication System. – IJARCCE, Vol. 6, March 2017, No 3, pp. 976-978. DOI: 10.17148/IJARCCE.2017.63226.
    Open DOISearch in Google ScholarBack to article
  48. 48. Akshima, A., D. Chang, A. Goel, S. Mishra, S. K. Sanadhya. Generation of Secure and Reliable Honeywords, Preventing False Detection. – In: IEEE Trans. Dependable Secur. Comput. Vol. 5971. No c. 2018, pp. 1-13. DOI: 10.1109/TDSC.2018.2824323.
    Open DOISearch in Google ScholarBack to article
  49. 49. Chakraborty, N., S. Singh, S. Mondal. On Designing a Questionnaire Based Honeyword Generation Approach for Achieving Flatness. – In: Proc. of 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE’18), August 2018, pp. 444-455. DOI: 10.1109/TrustCom/BigDataSE.2018.00071.
    Open DOISearch in Google ScholarBack to article
  50. 50. Akif, O. Z., A. F. Sabeeh, G. J. Rodgers, H. S. Al-Raweshidy. Achieving Flatness: Honeywords Generation Method for Passwords Based on User Behaviours. – Int. J. Adv. Comput. Sci. Appl., Vol. 10, 2019, No 3, pp. 28-37. DOI: 10.14569/IJACSA.2019.0100305.
    Open DOISearch in Google ScholarBack to article
  51. 51. Fauzi, M. A., B. Yang, E. Martiri. PassGAN Based Honeywords System for Machine-Generated Passwords Database. – In: Proc. of 6th IEEE Intl. Conf. Big Data Secur. Cloud, BigDataSecurity 2020, 2020 IEEE Intl. Conf. High Perform. Smart Comput. HPSC 2020 2020 IEEE Intl Conf. Intell. Data Secur. IDS 2020, pp. 214-220, 2020. DOI: 10.1109/BigDataSecurity-HPSC-IDS49724.2020.00046.
    Open DOISearch in Google ScholarBack to article
  52. 52. Hitaj, B., P. Gasti, G. Ateniese, F. Perez-Cruz. PassGAN: A Deep Learning Approach for Password Guessing. – Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 11464 LNCS, 2019, pp. 217-237. DOI: 10.1007/978-3-030-21568-2_11.
    Open DOISearch in Google ScholarBack to article
  53. 53. Goodfellow, I. et al. Generative Adversarial Networks. – Communications of the ACM, Vol. 63, 2020, No 11. pp. 139-144. DOI: 10.1145/3422622.
    Open DOISearch in Google ScholarBack to article
  54. 54. Gulrajani, I., F. Ahmed, M. Arjovsky, V. Dumoulin, A. Courville. Improved Training of Wasserstein GANs. – Advances in Neural Information Processing Systems, Vol. 2017-December, 2017, pp. 5768-5778.
    Search in Google ScholarBack to article
  55. 55. Qi, P., W. Zhou, J. Han. A Method for Stochastic L-BFGS Optimization. – In: Proc. of 2nd IEEE International Conference on Cloud Computing and Big Data Analysis (ICCCBDA’17), 2017, pp. 156-160. DOI: 10.1109/ICCCBDA.2017.7951902.
    Open DOISearch in Google ScholarBack to article
DOI: https://doi.org/10.2478/cait-2022-0013 | Journal eISSN: 1314-4081 | Journal ISSN: 1311-9702
Journal RSS Feed
Language: English
Page range: 3 - 25
Submitted on: Jan 25, 2022
|
Accepted on: Feb 25, 2022
|
Published on: Jun 23, 2022
Published by: Bulgarian Academy of Sciences, Institute of Information and Communication Technologies
In partnership with: Paradigm Publishing Services
Publication frequency: 4 issues per year
Keywords:
Flatness,
honeychecker,
honeywords,
password,
sweetwords
Related subjects:
Computer sciences,
Information technology

© 2022 Yasser A. Yasser, Ahmed T. Sadiq, Wasim AlHamdani, published by Bulgarian Academy of Sciences, Institute of Information and Communication Technologies
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License.

Volume 22 (2022): Issue 2 (June 2022)Next article