An Investigation of Social Engineering Techniques towards Graphical Password Authentication
Social engineering has been considered as one of the main processes to break through the information security. Social engineering technique is the way to get unauthorized information and penetrating accouns through the use of non-technical methods relying on the skills of the hacker in the ability t...
Saved in:
id |
my-usim-ddms-12558 |
---|---|
record_format |
uketd_dc |
institution |
Universiti Sains Islam Malaysia |
collection |
USIM Institutional Repository |
language |
English |
topic |
Computers -- Access control -- Passwords Data protection |
spellingShingle |
Computers -- Access control -- Passwords Data protection Naser Marwan Oshrok Laban An Investigation of Social Engineering Techniques towards Graphical Password Authentication |
description |
Social engineering has been considered as one of the main processes to break through the information security. Social engineering technique is the way to get unauthorized information and penetrating accouns through the use of non-technical methods relying on the skills of the hacker in the ability to deceive others and persuade them to get as much information. Social engineering techniques are considered the most ways that are used to attack and steal the information all over the world, for that it is becoming necessary to study this kind of attacks and find methods that protect the information from the attacks such as graphical password. A graphical password. A graphical password is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI); for this reason the graphical password approach is sometimes called graphical user authentication (GUA).There are three graphical password types; choice-based graphical password, click-based graphical password and draw-based graphical password. On the other hand tradisional password is a secret word or characters used for the user’s authentication and identity to gain access to resources. The objectives of this study are to thoroughly explain social engineering attacks methods, classified the social engineering attack methods based on the weaknesses and compare the impact of the social engineering attacks methods on both of the graphical password and traditional password by referring to the existing literature reviews. In addition, the thesis will also present a study conducted to compare the graphical password types (click-based and choice-based graphical password) towards passwords guessing, a branch of social engineering methods. To achieve the research goals an extensive literature search was conducted to achieve the first and second objectives. For the third objective a survey was conducted by distributing a questionnaire to 50 participants. The collected data were analysed via SPSS. Result show that tradisional passwords are easy to attack by all kinds of attacks, while, the graphical passwords are difficult to penetrate in comparative to tradisional passwords. Moreover, choice-based graphical passwords can resist the attacks better than click-based graphical passwords as number of participants correctly guessed chaoice-based password is less than the click-based graphical password. |
format |
Thesis |
author |
Naser Marwan Oshrok Laban |
author_facet |
Naser Marwan Oshrok Laban |
author_sort |
Naser Marwan Oshrok Laban |
title |
An Investigation of Social Engineering Techniques towards Graphical Password Authentication |
title_short |
An Investigation of Social Engineering Techniques towards Graphical Password Authentication |
title_full |
An Investigation of Social Engineering Techniques towards Graphical Password Authentication |
title_fullStr |
An Investigation of Social Engineering Techniques towards Graphical Password Authentication |
title_full_unstemmed |
An Investigation of Social Engineering Techniques towards Graphical Password Authentication |
title_sort |
investigation of social engineering techniques towards graphical password authentication |
granting_institution |
Universiti Sains Islam Malaysia |
url |
https://oarep.usim.edu.my/bitstreams/3097e761-92aa-4250-8d8e-28324c3f1b4c/download https://oarep.usim.edu.my/bitstreams/0c16b0ce-6ac6-4ae6-9e66-dc0d82c61308/download https://oarep.usim.edu.my/bitstreams/e638fb84-a8da-429b-92ac-55615c3e3abe/download https://oarep.usim.edu.my/bitstreams/27d05668-5782-43b2-b8ef-ec6354820029/download https://oarep.usim.edu.my/bitstreams/e79f9eab-d172-4bbb-97a2-01fa18a7f0fb/download https://oarep.usim.edu.my/bitstreams/52107b13-1099-4724-9db3-17073f05b665/download https://oarep.usim.edu.my/bitstreams/fa15b446-6efc-4cd1-b37f-aa022d85bafb/download https://oarep.usim.edu.my/bitstreams/1797a79f-20ba-47de-8cb2-5cd0a2274f77/download |
_version_ |
1812444840386887680 |
spelling |
my-usim-ddms-125582024-05-29T19:43:32Z An Investigation of Social Engineering Techniques towards Graphical Password Authentication Naser Marwan Oshrok Laban Social engineering has been considered as one of the main processes to break through the information security. Social engineering technique is the way to get unauthorized information and penetrating accouns through the use of non-technical methods relying on the skills of the hacker in the ability to deceive others and persuade them to get as much information. Social engineering techniques are considered the most ways that are used to attack and steal the information all over the world, for that it is becoming necessary to study this kind of attacks and find methods that protect the information from the attacks such as graphical password. A graphical password. A graphical password is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI); for this reason the graphical password approach is sometimes called graphical user authentication (GUA).There are three graphical password types; choice-based graphical password, click-based graphical password and draw-based graphical password. On the other hand tradisional password is a secret word or characters used for the user’s authentication and identity to gain access to resources. The objectives of this study are to thoroughly explain social engineering attacks methods, classified the social engineering attack methods based on the weaknesses and compare the impact of the social engineering attacks methods on both of the graphical password and traditional password by referring to the existing literature reviews. In addition, the thesis will also present a study conducted to compare the graphical password types (click-based and choice-based graphical password) towards passwords guessing, a branch of social engineering methods. To achieve the research goals an extensive literature search was conducted to achieve the first and second objectives. For the third objective a survey was conducted by distributing a questionnaire to 50 participants. The collected data were analysed via SPSS. Result show that tradisional passwords are easy to attack by all kinds of attacks, while, the graphical passwords are difficult to penetrate in comparative to tradisional passwords. Moreover, choice-based graphical passwords can resist the attacks better than click-based graphical passwords as number of participants correctly guessed chaoice-based password is less than the click-based graphical password. Universiti Sains Islam Malaysia 2014-07 Thesis en https://oarep.usim.edu.my/handle/123456789/12558 https://oarep.usim.edu.my/bitstreams/dda30bdb-e5c9-409f-9991-175e1c234ff8/download 8a4605be74aa9ea9d79846c1fba20a33 https://oarep.usim.edu.my/bitstreams/3097e761-92aa-4250-8d8e-28324c3f1b4c/download 434416c5b3af2d63dfda24945a58896a https://oarep.usim.edu.my/bitstreams/0c16b0ce-6ac6-4ae6-9e66-dc0d82c61308/download 5e5d932c5f07f3a52577a409251865ea https://oarep.usim.edu.my/bitstreams/e638fb84-a8da-429b-92ac-55615c3e3abe/download 0143bf3e36f7dba23b2b65298c178412 https://oarep.usim.edu.my/bitstreams/27d05668-5782-43b2-b8ef-ec6354820029/download 888321b3006b7860b6f7d4efa773a733 https://oarep.usim.edu.my/bitstreams/e79f9eab-d172-4bbb-97a2-01fa18a7f0fb/download 672741345af8fa04e515d50e5cd7abda https://oarep.usim.edu.my/bitstreams/52107b13-1099-4724-9db3-17073f05b665/download 018aeb2c15d2beb0e54cfbc33ff0cddd https://oarep.usim.edu.my/bitstreams/fa15b446-6efc-4cd1-b37f-aa022d85bafb/download 3b9d7a5f8b284ac1c3564c430e1e6bb1 https://oarep.usim.edu.my/bitstreams/1797a79f-20ba-47de-8cb2-5cd0a2274f77/download 91589981b6df3f15bdd1d185fe2215a9 https://oarep.usim.edu.my/bitstreams/e0691b9f-deb4-4ba6-86a2-793c838701be/download 68b329da9893e34099c7d8ad5cb9c940 https://oarep.usim.edu.my/bitstreams/d7a85e68-1e2d-4ad2-8ce5-7f315e9be2af/download 68e0e3c8d4c973b16cf35811a4a82739 https://oarep.usim.edu.my/bitstreams/837682f5-5f9b-4be4-866b-2b972b16a056/download 5e620534dfeacaa32c4cea8bd43935d7 https://oarep.usim.edu.my/bitstreams/70aa9363-32e7-4cb2-91c5-a57c14691621/download beebde7a29ef3ce38cc72a5c83cf93b6 https://oarep.usim.edu.my/bitstreams/bed4e939-1b6b-400b-a077-00b4d39ab312/download f4a7294a4c27e3912a8d5ecc758592f8 https://oarep.usim.edu.my/bitstreams/ee66751e-8715-4986-95ae-3d84359caec1/download b8e74437790f2536e812a0d203bf917a https://oarep.usim.edu.my/bitstreams/1b682348-4171-4101-baf0-c5d52cb4e7f0/download 079e2e04f58fed4d7c9f5d30ca33f902 https://oarep.usim.edu.my/bitstreams/7c419970-489f-44fd-b01d-bae983647c59/download 1acd5c9b2820feb98ce4788d8da9aaa2 Computers -- Access control -- Passwords Data protection |