Skip navigation
Please use this identifier to cite or link to this item: http://repository.iitr.ac.in/handle/123456789/15913
Title: Push notification based login using BLE devices
Authors: Varshney G.
Misra M.
Published in: Proceedings of 2017 2nd International Conferences on Information Technology, Information Systems and Electrical Engineering, ICITISEE 2017
Abstract: Due to the consistent number of phishing attacks there is a need to develop secure authentication schemes. These days phishing is mostly carried out using malicious browser extensions or other sophisticated credential stealing techniques such as CR/RT MITM phishing attack. Therefore, it is required to develop secure authentication schemes for handling these attacks. A set of popular authentication schemes has been analyzed in this paper and it is found that they are unsafe against credential stealing attacks such as CR/RT MITM phishing, malicious browser extensions, key loggers and malwares. A novel push notification based scheme that uses BTADDR as the user identification token and performs real time modification and verification of BLE device (Bluetooth 4.0+ Version) descriptor value for user authentication has been proposed in this paper. The scheme is better in terms of security provided by the existing two factor authentication schemes (OTP/PIN, QR Code/Barcode, Graphical password/ CAPTCHA) and the usual push notification based login authentication schemes that uses username as the user identification token. Scheme has been compared with other popular schemes using the Bonneau et al. assessment framework in terms of usability, deployability and security. The results obtained are promising which suggest Bluetooth based push notification schemes can be a good option for future web authentication. © 2017 IEEE.
Citation: Proceedings of 2017 2nd International Conferences on Information Technology, Information Systems and Electrical Engineering, ICITISEE 2017, (2018), 479- 484
URI: https://doi.org/10.1109/ICITISEE.2017.8285554
http://repository.iitr.ac.in/handle/123456789/15913
Issue Date: 2018
Publisher: Institute of Electrical and Electronics Engineers Inc.
Keywords: Bluetooth
Malicious Browser Extensions
Phishing
Push notification
RT/CR MITM
ISBN: 9781538606582
Author Scopus IDs: 57196839517
56223635000
Author Affiliations: Varshney, G., Department of CSE, Indian Institute of Technology, Roorkee, Uttarakhand, 247667, India
Misra, M., Department of CSE, Indian Institute of Technology, Roorkee, Uttarakhand, 247667, India
Appears in Collections:Conference Publications [CS]

Files in This Item:
There are no files associated with this item.
Show full item record


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.