Keylogging-resistant Visual

Authentication
Protocols
ABSTRACT
The design of secure authentication protocols is quite challenging,
considering that various kinds of root kits reside in PCs (Personal Computers) to
observe users behavior and to make PCs un-trusted devices. nvolving human in
authentication protocols, !hile promising, is not eas" because of their limited
capabilit" of computation and memori#ation. Therefore, rel"ing on users to
enhance securit" necessaril"
degrades the usabilit". $n the other hand, rela%ing assumptions and rigorous
securit" design to improve the user e%perience can lead to securit" breaches that
can harm the users trust. n this pro&ect, !e demonstrate ho! careful visuali#ation
design can enhance not onl" the securit" but also the usabilit" of authentication. To
that end, !e propose t!o visual authentication protocols' one is a one-time-
GLOBALSOFT TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 9!9" #9$"% +91 99&&' #"(% +91 9!9" "(9$% +91 9($1! !$!$1
V)*)+: ,,,-.)/012304546738+*-649 M0)1 +6:)333.)/01*3:546738+*;9:0)1-86:
GLOBALSOFT TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 9!9" #9$"% +91 99&&' #"(% +91 9!9" "(9$% +91 9($1! !$!$1
V)*)+: ,,,-.)/012304546738+*-649 M0)1 +6:)333.)/01*3:546738+*;9:0)1-86:
pass!ord protocol, and the other is a pass!ord-based authentication protocol.
Through rigorous anal"sis, !e verif" that our protocols are immune to man" of the
challenging authentication attacks applicable in the literature. (urthermore, using
an e%tensive case stud" on a protot"pe of our protocols, !e highlight the potential
of our approach for real-!orld deplo"ment' !e !ere able to achieve a high level of
usabilit" !hile satisf"ing stringent securit" requirements.

Existing System
The design of secure authentication protocols is quite
challenging, considering that various kinds of root kits reside in PCs (Personal
Computers) to observe users behavior and to make PCs untrusted devices.
nvolving human in authentication protocols, !hile promising, is not eas" because
of their limited capabilit" of computation and memori#ation. Therefore, rel"ing on
users to enhance securit" necessaril" degrades the usabilit". $n the other hand,
rela%ing assumptions and rigorous securit" design to improve the user e%perience
can lead to securit" breaches that can harm the users trust.
Disadvantage:
).t is non *ecurit" for *tored data.
Proposed System
In this Project, we demonstrate how careful visualization design can enhance
not only the security but also the usability of authentication. o that end, we
!ro!ose two visual authentication !rotocols" one is a one-time-!assword !rotocol,
and the other is a !assword-based authentication !rotocol. hrough rigorous
analysis, we verify that our !rotocols are immune to many of the challenging
authentication attac#s a!!licable in the literature. $urthermore, using an e%tensive
case study on a !rototy!e of our !rotocols, we highlight the !otential of our
a!!roach for real-world de!loyment" we were able to achieve a high level of
usability while satisfying stringent security re&uirements.
Advantages:
'. It (u!!ort reasonable Image security and usability and
a!!ears to )t well with some !ractical a!!lications for
im!roving online security.
+P,-+-.T/T$.
mplementation is the stage of the pro&ect !hen the theoretical design is
turned out into a !orking s"stem. Thus it can be considered to be the most
critical stage in achieving a successful ne! s"stem and in giving the user,
confidence that the ne! s"stem !ill !ork and be effective.
The implementation stage involves careful planning, investigation of the
e%isting s"stem and its constraints on implementation, designing of methods to
achieve changeover and evaluation of changeover methods.
Main Modules:-
'. Graphical Password :
n this module, 0sers are having authentication and securit" to access the
detail !hich is presented in the mage s"stem. 1efore accessing or searching the
details user should have the account in that other!ise the" should register first.
2. eyloggers:
2e"loggers are popular and !idel" reported in man" conte%ts. n our
protocols, input is e%pected b" the user, and in ever" protocol one or another t"pe
of input is required. $ur protocols3!hile designed !ith the limitations and
shortcoming of users in mind, and aim at easing the authentication process b"
means of visuali#ation are aimed e%plicitl" at defending against the ke"logger
attacks. 4ere, !e further elaborate on the potential of using ke"loggers as an
attack, and the !a" the" impact each of the t!o protocols.
!. Shoulder-Sur"ng Attac#s :
*houlder-surfing resistance is not !ithin our scope. 4o!ever, in this section,
!e investigate the possibilit" and the effectiveness of shouldersurfing attacks.The
shoulder surfing is a po!erful attack in the conte%t of pass!ord-based
authentication and human identification, . n this attack, the attacker tries to kno!
credentials, such as pass!ords or P.s (personal identification numbers) b"
stealthil" looking over the shoulder of a user inputting these credentials into the
s"stems.
$. Security %& 'ile:
There has been a large bod" of !ork on the problem of user authentication
in general and in the conte%t of e-banking. $f special interest are authentication
protocols that use graphical pass!ords like those reported in and attacks on them
reported in . To the best of our kno!ledge, our protocols are the first of their t"pe
to use visuali#ation for improving securit" and usabilit" of authentication protocols
as per the !a" reported in this Pro&ect.
(ystem *on)guration"-
H/W System Configuration:-
Processor - Pentium III
Speed - (.( Gh)
*AM - 2+, M-.min/
0ard 1is# - 22 G-
'loppy 1rive - (.$$ M-
ey -oard - Standard 3indows ey4oard
Mouse - 5wo or 5hree -utton Mouse
Monitor - S6GA
S/W System Configuration:-
$perating *"stem '5indo!s678698:;;;8<P
/pplication *erver ' Tomcat7.;8=.<
(ront -nd ' 4T+,, >ava, >sp
*cripts ' >ava*cript.
*erver side *cript ' >ava *erver Pages.
?atabase ' +"sql 7.;
?atabase Connectivit" ' >?1C.