A Novel Multi-Factor Authentication Algorithm Based on Image Recognition and User Established Relations-Reference-Cited by-同舟云学术

A Novel Multi-Factor Authentication Algorithm Based on Image Recognition and User Established Relations

Published:2023-01-20 Issue:3 Volume:13 Page:1374
ISSN:2076-3417
Container-title:Applied Sciences
language:en
Short-container-title:Applied Sciences

Author:

Carrillo-Torres Diego,Pérez-Díaz Jesús Arturo^ORCID,Cantoral-Ceballos Jose Antonio^ORCID,Vargas-Rosales Cesar^ORCID

Abstract

Conventional authentication methods, like simple text-based passwords, have shown vulnerabilities to different types of security attacks. Indeed, 61% of all breaches involve credentials, whether stolen via social engineering or hacked using brute force. Therefore, a robust user authentication mechanism is crucial to have secure systems. Combining textual passwords with graphical passwords in a multi-factor approach can be an effective strategy. Advanced authentication systems, such as biometrics, are secure, but require additional infrastructure for efficient implementation. This paper proposes a Multi-Factor Authentication (MFA) based on a non-biometric mechanism that does not require additional hardware. The novelty of the proposed mechanism lies in a two-factor authentication algorithm which requires a user to identify specific images out of a set of randomly selected images, then the user is required to establish a self-pre-configured relation between two given images to complete authentication. A functional prototype of the proposed system was developed and deployed. The proposed system was tested by users of different backgrounds achieving 100% accuracy in identifying and authenticating users, if authentication elements and credentials were not forgotten. It was also found to be accepted by the users as being easy to use and preferable over common MFA mechanisms.

Funder

Tecnologico de Monterrey Challenge-Based Research Funding Program

CYTED

Publisher

MDPI AG

Subject

Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science

Link

https://www.mdpi.com/2076-3417/13/3/1374/pdf

Reference33 articles.

1. Cook, S. (2022, August 01). Identity Theft Facts & Statistics: 2019–2022. Comparitech. Available online: https://www.comparitech.com/identity-theft-protection/identity-theft-statistics/.

2. Statista (2022, November 11). Global Number of Breached Data Sets 2020–2022. Available online: https://www.statista.com/statistics/1307426/number-of-data-breaches-worldwide/.

3. Statista (2022, October 27). Likelihood of Suffering a Hacker Attack 2021, by Country. Available online: https://www.statista.com/statistics/1228062/opinion-online-security-worldwide/.

4. Abhishek, K., Roshan, S., Kumar, P., and Ranjan, R. (2013). Advances in Computing and Information Technology, Springer.

5. Konoth, R.K., van der Veen, V., and Bos, H. (2016, January 22–26). How anywhere computing just killed your phone-based two-factor authentication. Proceedings of the International Conference on Financial Cryptography and Data Security, Christ Church, Barbados.

Cited by 11 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Graphical User Authentication Algorithms Based on Recognition;ARO-THE SCIENTIFIC JOURNAL OF KOYA UNIVERSITY;2024-08-23

2. Identity Authentication Based on Network Topology;Proceedings of the 2024 3rd International Conference on Cyber Security, Artificial Intelligence and Digital Economy;2024-03

3. Securing the Supply Chain;Advances in Information Security, Privacy, and Ethics;2024-02-02

4. Secure Internet Financial Transactions: A Framework Integrating Multi-Factor Authentication and Machine Learning;AI;2024-01-10

5. Securing Digital Identity in the Zero Trust Architecture: A Blockchain Approach to Privacy-Focused Multi-Factor Authentication;IEEE Open Journal of the Communications Society;2024