DEFENSES AGAINST LARGE SCALE ONLINEPASSWORD GUESSING ATTACKS BY USING
PERSUASIVE CLICK POINTS
ABSTRACT—This paper presents an integrated evaluation of the Persuasive Cued Click-Points graphical password scheme, including usability and security evaluations, and implementation considerations. An important usability goal for knowledge-based authentication systems is to support users in selecting passwords of higher security, in the sense of being from an expanded effective security space. We use persuasion to influence user choice in click-based graphical passwords, encouraging users to select more random, and hence more difficult to guess, click-points.
SYSTEM ANALYSIS
EXISTING SYSTEM:
THE problems of knowledge-based authentication, typically text-based
passwords, are well known. Users often create memorable passwords that are easy
for attackers to guess, but strong system-assigned passwords are difficult for users
to remember . A password authentication system should encourage strong
passwords while maintaining memorability.
Results show that PCCP is effective at reducing hotspots (areas of the image where
users are more likely to select click-points) and avoiding patterns formed by click-
points within a password, while still maintaining usability.
GLOBALSOFT TECHNOLOGIESIEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 98495 39085, +91 99662 35788, +91 98495 57908, +91 97014 40401
Visit: www.finalyearprojects.org Mail to:[email protected]
GLOBALSOFT TECHNOLOGIESIEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 98495 39085, +91 99662 35788, +91 98495 57908, +91 97014 40401
Visit: www.finalyearprojects.org Mail to:[email protected]
DISADVANTAGES
Have security and usability problems.
Easy for attackers to guess the password.
Strong system-assigned passwords are difficult for users to remember.
PROPOSED SYSTEM:
We propose that authentication schemes allow user choice while influencing
users towards stronger passwords. In our system, the task of selecting weak
passwords (which are easy for attackers to predict) is more tedious, discouraging
users from making such choices. In effect, this approach makes choosing a more
secure password the path-of-least-resistance. Rather than increasing the burden on
users, it is easier to follow the system’s suggestions for a secure password — a
feature lacking in most schemes.
Click-based graphical passwords: Graphical password systems are a type of
knowledge-based authentication that attempt to leverage the human memory for
visual information . A comprehensive review of graphical passwords is available
elsewhere . Of interest herein are cued-recall click-based graphical passwords (also
known as locimetric. In such systems, users identify and target previously selected
locations within one or more images. The images act as memory cues to aid recall.
Example systems include PassPoints and Cued Click-Points
ADVANTAGES
PCCP is effective at reducing hotspots and avoiding patterns formed by click-points within a password, while still maintaining usability.
This approach makes choosing a more secure password the
path-of-least-resistance.
Provides new evaluation of password distributions, extends
security analysis including relevant attacks.
HARDWARE & SOFTWARE REQUIREMENTS:
HARDWARE REQUIREMENTS:
• System : Intel(R) Core(TM)2 CPU 2.00GHz.
• Hard Disk : 40 GB.
• Floppy Drive : 1.44 Mb.
• Monitor : 15 VGA Colour.
• Mouse : Logitech.
• Ram : 2.00 GB.
SOFTWARE REQUIREMENTS:
• Operating system : Windows 7 Professional.
• Coding Language : Java, Swing
• Front End IDE : Netbeans 7.0 IDE
• Database : Sql Server 2005.
MODULES
User Details Declaration
Server Creation
Server Monitoring
Persuasive Cued click-Points (PCCP)
Captcha Generation
MODULES DESCRIPTION
User Details Declaration
In node details declaration, the node is register to network topology. That is
specified the node IP address, Port Number and status. Node login to the network
topology while it check the user authentication Then only server system, allows the
node in to the transmission .Node can send the packets to the destination or
otherwise can send to server system. Node can add and relive is very easy in the
network. Status also monitor by server system.
SERVER CREATION
In server creation, the centralized server system design for whole network. It
has one centralized database and collects the details of each node. And store in to
the centralized database. Server maintains these details, it very useful for node
calculation and node details identification. Server can receive the request from all
clients and the provide the corresponding response.
SERVER MONITORING
In Server Monitoring, describe the Server monitoring, In Server monitoring
if have any problem in network it will be take the action. The action is particular
packet is discard and also the particular node details collect from database then that
particular node remove from the network .Server system can identify the node by
using the captcha. Monitoring process also detect the attacker node in the whole
network. Monitoring result also store in the server side.
PERSUASIVE CUED CLICK-POINTS (PCCP)
The security of click-based graphical passwords, as attackers can use skewed
password distributions to predict and prioritize higher probability passwords for
more successful guessing attacks. Visual attention research shows that different
people are attracted to the same predictable areas on an image. This suggests that if
users select their own click-based graphical passwords without guidance, hotspots
will remain an issue. Suggest that user choice in all types of graphical passwords is
inadvisable due to predictability. We investigated whether the system could
influence users to select more random click-points while maintaining usability. The
goal was to encourage more secure behaviour by making less secure choices (i.e.,
choosing poor or weak passwords) more time consuming and awkward. In effect,
behaving securely became the safe path-of-least-resistance.
CAPTCHA GENERATION
In Captcha generation , each request notified by using this unique captcha.
This captcha unique for all system. Captcha has two parts one is node id and
another one is process id. Each node has the node id as node name and port
number combination. And each Process id started from the process name and
combine with process count. It used for identify the node and type of process from
The security of click-based graphical passwords, as attackers can use skewed
password distributions to predict and prioritize higher probability passwords for
more successful guessing attacks. Visual attention research shows that different
people are attracted to the same predictable areas on an image. This suggests that if
users select their own click-based graphical passwords without guidance, hotspots
will remain an issue. Suggest that user choice in all types of graphical passwords is
inadvisable due to predictability. We investigated whether the system could
influence users to select more random click-points while maintaining usability. The
goal was to encourage more secure behaviour by making less secure choices (i.e.,
choosing poor or weak passwords) more time consuming and awkward. In effect,
behaving securely became the safe path-of-least-resistance.
CAPTCHA GENERATION
In Captcha generation , each request notified by using this unique captcha.
This captcha unique for all system. Captcha has two parts one is node id and
another one is process id. Each node has the node id as node name and port
number combination. And each Process id started from the process name and
combine with process count. It used for identify the node and type of process from