DEFENSES AGAINST LARGE SCALE ONLINE

PASSWORD GUESSING ATTACKS BY USING

PERSUASIVE CLICK POINTS
ABSTRACTThis paper presents an integrated evaluation of the Persuasive
Cued Click-Points graphical password scheme, including usability and security
evaluations, and implementation considerations. An important usability goal for
knowledge-based authentication systems is to support users in selecting passwords
of higher security, in the sense of being from an epanded effective security space.
!e use persuasion to influence user choice in click-based graphical passwords,
encouraging users to select more random, and hence more difficult to guess, click-
points.
SYSTEM ANALYSIS
EXISTING SYSTEM:
T"# problems of knowledge-based authentication, typically tet-based
passwords, are well known. $sers often create memorable passwords that are easy
for attackers to guess, but strong system-assigned passwords are difficult for users
to remember . A password authentication system should encourage strong
passwords while maintaining memorability.
%esults show that PCCP is effective at reducing hotspots &areas of the image where
users are more likely to select click-points' and avoiding patterns formed by click-
points within a password, while still maintaining usability.
GLOBALSOFT TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 9!9" #9$"% +91 99&&' #"(% +91 9!9" "(9$% +91 9($1! !$!$1
V)*)+: ,,,-.)/012304546738+*-649 M0)1 +6:)333.)/01*3:546738+*;9:0)1-86:
GLOBALSOFT TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
IEEE FINAL YEAR PROJECTS|IEEE ENGINEERING PROJECTS|IEEE STUDENTS PROJECTS|IEEE
BULK PROJECTS|BE/BTECH/ME/MTECH/MS/MCA PROJECTS|CSE/IT/ECE/EEE PROJECTS
CELL: +91 9!9" #9$"% +91 99&&' #"(% +91 9!9" "(9$% +91 9($1! !$!$1
V)*)+: ,,,-.)/012304546738+*-649 M0)1 +6:)333.)/01*3:546738+*;9:0)1-86:
DISADVANTAGES
"ave security and usability problems.
#asy for attackers to guess the password.
(trong system-assigned passwords are difficult for users to
remember.
PROPOSED SYSTEM:
!e propose that authentication schemes allow user choice while influencing
users towards stronger passwords. )n our system, the task of selecting weak
passwords &which are easy for attackers to predict' is more tedious, discouraging
users from making such choices. )n effect, this approach makes choosing a more
secure password the path-of-least-resistance. %ather than increasing the burden on
users, it is easier to follow the system*s suggestions for a secure password a
feature lacking in most schemes.
Click-based ga!"ical !ass#$ds: +raphical password systems are a type of
knowledge-based authentication that attempt to leverage the human memory for
visual information . A comprehensive review of graphical passwords is available
elsewhere . ,f interest herein are cued-recall click-based graphical passwords &also
known as locimetric. )n such systems, users identify and target previously selected
locations within one or more images. The images act as memory cues to aid recall.
#ample systems include PassPoints and Cued Click-Points
ADVANTAGES
PCCP is effective at reducing hotspots and avoiding patterns
formed by click-points within a password, while still
maintaining usability.
This approach makes choosing a more secure password the
path-of-least-resistance.
Provides new evaluation of password distributions, etends
security analysis including relevant attacks.
%ARD&ARE ' SO(T&ARE RE)*IREMENTS:
%ARD&ARE RE)*IREMENTS:
(ystem - )ntel&%' Core&T.'/ CP$ /.00+"1.
"ard 2isk - 30 +4.
5loppy 2rive - 6.33 .b.
.onitor - 67 8+A Colour.
.ouse - 9ogitech.
%am - /.00 +4.
SO(T&ARE RE)*IREMENTS:
,perating system - !indows : Professional.
Coding 9anguage - ;ava, (wing
5ront #nd )2# - <etbeans :.0 )2#
2atabase - (=l (erver /007.
MOD*LES
$ser 2etails 2eclaration
(erver Creation
(erver .onitoring
Persuasive Cued click-Points &PCCP'
Captcha +eneration
MOD*LES DESCRIPTION
*se De+ails Declaa+i$,
)n node details declaration, the node is register to network topology. That is
specified the node )P address, Port <umber and status. <ode login to the network
topology while it check the user authentication Then only server system, allows the
node in to the transmission .<ode can send the packets to the destination or
otherwise can send to server system. <ode can add and relive is very easy in the
network. (tatus also monitor by server system.
SERVER CREATION
)n server creation, the centrali1ed server system design for whole network. )t
has one centrali1ed database and collects the details of each node. And store in to
the centrali1ed database. (erver maintains these details, it very useful for node
calculation and node details identification. (erver can receive the re=uest from all
clients and the provide the corresponding response.
SERVER MONITORING
)n (erver .onitoring, describe the (erver monitoring, )n (erver monitoring
if have any problem in network it will be take the action. The action is particular
packet is discard and also the particular node details collect from database then that
particular node remove from the network .(erver system can identify the node by
using the captcha. .onitoring process also detect the attacker node in the whole
network. .onitoring result also store in the server side.
PERS*ASIVE C*ED CLIC--POINTS .PCCP/
The security of click-based graphical passwords, as attackers can use skewed
password distributions to predict and prioriti1e higher probability passwords for
more successful guessing attacks. 8isual attention research shows that different
people are attracted to the same predictable areas on an image. This suggests that if
users select their own click-based graphical passwords without guidance, hotspots
will remain an issue. (uggest that user choice in all types of graphical passwords is
inadvisable due to predictability. !e investigated whether the system could
influence users to select more random click-points while maintaining usability. The
goal was to encourage more secure behaviour by making less secure choices &i.e.,
choosing poor or weak passwords' more time consuming and awkward. )n effect,
behaving securely became the safe path-of-least-resistance.
CAPTC%A GENERATION
)n Captcha generation , each re=uest notified by using this uni=ue captcha.
This captcha uni=ue for all system. Captcha has two parts one is node id and
another one is process id. #ach node has the node id as node name and port
number combination. And each Process id started from the process name and
combine with process count. )t used for identify the node and type of process from