Open Access  Subscription or Fee Access

A protected network partially depends on user authentication and regrettably authentication schemes used at present are not utterly secure. Some passwords are not computationally dominant, where brute force attacks on this unprecedented scale became potential. Here we have deliberated a schema of High Secure One-Time Password (OTP) algorithm developed by Grid-Clear-CAPTCHA (GCC) which makes uncomplicated to commit to memory and is computationally so powerful. Completely Automated Public Turing Test to Tell Computers and Human Apart (CAPTCHA) is a simple system which prevents direct system relations. GCC enriched by user transaction password which is known to authenticate user. This proposed slant can be fairly and rapidly provided to the system, while at the same time remaining impractical to break the brute force and other Malware based attacks. OTP powered with user‟s unique identifications; makes a finite alphanumeric token valid for a session and for a single use. Permutation of these two schemas gives ceiling security for authentications and almost impossible to break. We have also proposed a novel measure of security levels of many popular authentication schemas against the one we proposed.

Brute Force, CAPTCHA, OTP, Security, Token

Kong, A.W.K.; Zhang, D.; Kamel, M “Analysis of Brute-Force Break-Ins of a Palmprint Authentication System” IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics Volume: 36 Issue: 5, pp. 1201 – 1205.

Sung-Ming Yen “Security of a One-Time Password Signature” IEEE Transactions on Electronics Letters Volume: 33 Issue: 8, pp. 677 – 679.

Handavale, A.A. Sapkal, A.M. “Algorithm for Secured Online Authentication Using CAPTCHA” IEEE International conference in Emerging Trends in Engineering and Technology (ICETET), 2010, pp. 292 – 297.

O'Donnell, A.J “When Malware Attacks (Anything but Windows)” IEEE Transactions on Security and Privacy Volume: 6 Issue: 3 pp. 68 – 70.

Khouzani, M.H.R. Sarkar, S. Altman, E. Electr. & Syst. Eng. Dept., Univ. of Pennsylvania, Philadelphia, PA, USA “Maximum Damage Malware Attack in Mobile Wireless Networks” IEEE International conference on INFOCOM, 2010, pp. 1 – 9.

Zesheng Chen Chuanyi Ji , Dept. of Electr. & Comput. Eng., Florida Int. Univ., Miami, FL, USA “An Information-Theoretic View of Network-Aware Malware Attacks” IEEE Transactions on Information Forensics and Security Volume: 4, Issue:3, pp. 530 – 541.

Haichang Gao; Zhongjie Ren; Xiuling Chang; Xiyang Liu; Aickelin, U. “A New Graphical Password Scheme Resistant to Shoulder-Surfing” IEEE conference on Cyber worlds (CW), 2010, pp. 194 – 199.

Bin Zeng; Lu Yao; ZhiChen Chen “A network intrusion detection system with the snooping agents” IEEE International conference on Computer Application and System Modeling (ICCASM), 2010, pp. V3-232 - V3-236.

Gebre, M.T.; Kyung-Suk Lhee; ManPyo Hong “A robust defense against Content-Sniffing XSS attacks” IEEE International conference on Digital Content, Multimedia Technology and its Applications (IDC), 2010, pp. 315 – 320.

Devendra Chawhan, M.; Kapur, A.R“TCP Performance Enhancement Using ECN and Snoop Protocol for Wi-Fi Network” IEEE International conference on Computer and Network Technology (ICCNT), 2010, pp. 186 – 190.

Yi-Bing Lin Meng-Hsun Tsai Nat. Chiao Tung Univ., Hsinchu “Eavesdropping Through Mobile phone” IEEE Transactions on Vehicular Technology Volume:56 Issue:6, pp. 3596 – 3600.

Yu, J.; Fang, C.; Lu, L.; Li, Z “Mitigating application layer distributed denial of service attacks via effective trust management” IET Transactions on Communications, Volume: 4, Issue: 16, pp. 1952 – 1962, 2010.

Yu, Shui; Zhou, Wanlei; Doss, Robin; Jia, Weijia “ Traceback of DDoS Attacks Using Entropy Variations” IEEE Transactions on Parallel and Distributed Systems, Volume: 22, Issue: 3, pp. 412 – 425, 2011.

Trostle, J.; Van Besien, B.; Pujari, A. “Protecting against DNS cache poisoning attacks” IEEE International conference on Secure Network Protocols (NPSec), 2010, pp. 25 – 30.

Agrawal, D.; Kesdogan, D “Measuring anonymity: the disclosure attack” IEEE Transactions on Security & Privacy Volume: 1, Issue: 6, pp. 27 – 34, 2003.

Makridakis, A. Athanasopoulos, E. Antonatos, S. Antoniades, D. Ioannidis, S. Markatos, E.P. “Understanding the behavior of malicious applications in social networks” IEEE Transactions on Network Magazine Volume: 24, Issue:5, pp. 14 – 19.

Ezuidenhout, M.; Mouton, F.; Venter, H.S. “Social engineering attack detection model: SEADM” Information Security for South Africa (ISSA), 2010, pp. 1 – 8.

Nagaratna, M.; Prasad, V.K.; Kumar, “Detecting and Preventing IP-spoofed DDoS Attacks by Encrypted Marking Based Detection and Filtering (EMDAF)” IEEE International conference on Advances in Recent Technologies in Communication and Computing, 2009. ARTCom '09. pp. 753 – 755.

Callegati, F. Cerroni, W. Ramilli, M. Univ. of Bologna, Bologna “Man-in-the-Middle Attack to the HTTPS Protocol” IEEE Transactions on Security & Privacy Volume: 7 Issue: 1, pp. 78 – 81.

Coppersmith, D.; Johnson, D. B.; Matyas, S. M “A proposed mode for triple-DES encryption” IEEE Transactions on IBM Jounal of Research and Development Volume: 40 Issue: 2, pp. 253 – 262.

Rajendran, J.; Borad, H.; Mantravadi, S.; Karri, R.“ SLICED: Slide-based concurrent error detection technique for symmetric block ciphers” IEEE International symposium on Hardware-Oriented Security and Trust (HOST), 2010, pp. 70 – 75.

Michael Szydlo and Burton Kaliski “Proofs for Two-Server Password Authentication” RSA Laboratories, Bedford, MA 01730, USA.

Hiltgen, A.; Kramp, T.; Weigold, T “Secure Internet Banking Authentication” IEEE Transactions on Security & Privacy Volume: 4 Issue: 2, pp. 21 – 29.

Jinpeng Wei, Singaravelu, L.; Pu, C. “A Secure Information Flow Architecture for Web Service Platforms” IEEE Transactions on Service Computing Volume: 1 Issue: 2, pp. 75 – 87.

Lu Ma; Tsai, J.J.P. “Formal Modeling and Analysis of a Secure Mobile Agent System” IEEE Transactions on Systems, Man and Cybernetics Volume: 38 Issue: 1, pp. 180 – 196.

Maxion, R.A.; Townsend, T.N. “Masquerade Detection Augmented with Error Analysis” IEEE Transactions on Reliability Volume: 53 Issue: 1, pp. 124 – 147.