Research Articles in Computer Science

Permanent URI for this collectionhttps://repository.nileuniversity.edu.ng/handle/123456789/50

Browse

Author: search.filters.author.Akande Oluwatobi NoahStart date: 2020

Search Results

Now showing 1 - 4 of 4
  • No Thumbnail Available
    Item
    A Dynamic and Incremental Graphical Grid Authentication Technique for Mobile and Web Applications
    (2024-08-08) Gong Jiaming; Akande Oluwatobi Noah; Chia-Chen Lin; Agarwal Saurabh
    Knowledge-based authentication techniques remain one of the proven ways of maintaining confidentiality, ensuring integrity, and guaranteeing the availability of an information system. They employ what a user knows (Passwords or PINs) to authorize or grant access to an information system. While passwords employ a fixed combination of characters, Personal Identification Numbers (PINs) are majorly numbers. Existing implementations of these authentication techniques involve the repetitive use of static passwords and PINs at every login instance. These have been exposed to various attacks, such as keyloggers, shoulder surfing, brute force, and dictionary attacks. To overcome these attacks, this study presents an authentication technique where users’ PINs are incremented during successive login attempts. Users are expected to choose a preferred incremental factor, which can be any number they can remember, that will be added to the default 6-digit PIN to produce a dynamic PIN that can be used in subsequent login sessions. Furthermore, an additional layer of security that involves the use of a dynamic 4 by 4 graphical grid was integrated into the proposed incremented PIN technique. At every login session, users are presented with a set of 16 possible PINs to choose from. The security analysis of the proposed authentication technique revealed that the proposed technique could resist existing password attacks, thereby enhancing security. A performance testing and usability analysis was also carried out among 1145 individuals who interacted with the web application that uses the incremental authentication technique. The questionnaire items were structured based on the constructs of the Unified Theory of Acceptance and Use of Technology (UTAUT) Model. Statistical analysis of the responses received showed an appreciable level of acceptance in terms of performance expectancy, effort expectancy, social influence, and facilitating conditions. The positive user acceptance results provide reassurance about the practicality and effectiveness of the proposed technique. It is believed that the proposed incremental graphical grid authentication technique will further enhance the security of our growing mobile and web applications
  • No Thumbnail Available
    Item
    A Dynamic Round Triple Data Encryption Standard Cryptographic Technique for Data Security
    (Springer Nature Switzerland AG, 2020-08-08) Akande Oluwatobi Noah; Abikoye Oluwakemi Christiana; Kayode Aderonke Anthonia; Aro Oladele Taye; Ogundokun Oluwaseun Roseline
    Cryptographic techniques have been widely employed to protect sensitive data from unauthorized access and manipulation. Among these cryptographic techniques, Data Encryption Standard (DES) has been widely employed, however, it suffers from key and differential attacks. To overcome these attacks, several DES modifications have been proposed in literatures. Most modifications have focused on enhancing DES encryption key; however, the strength of a cryptographic technique is determined by the encryption key used and the number of encryption rounds. It is a known fact that Advanced Encryption Standard (AES) cryptographic technique with 14 encryption rounds is stronger than AES with 12 rounds while AES with 12 rounds is stronger than AES with 10 rounds. Therefore, this study proposed a DES cryptographic technique whose number of rounds is dynamic. Users are expected to specify the number of encryption and decryption rounds to be employed at run time. Moreover, a predefined number of shifting operations which is left circular shift 2 was chosen for each encryption round. As, a trade-off in complexity, the number of Substitution box (S-box) was also reduced to 4, so that the input to the S-boxes would be arranged in four 12-bit blocks for the X-OR operation and not six 8-bit blocks as in the traditional DES. Finally, three keys were used to encrypt, decrypt and encrypt the plaintext ciphertext as in triple DES. The modified DES yielded a better avalanche effect for rounds greater than 16 though its encryption and decryption time were greater than that of the traditional DES.
  • No Thumbnail Available
    Item
    A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm
    (Springer Open, 2020-08-08) Abikoye Oluwakemi Christiana; Abubakar Abdullahi; Dokoro Ahmed Haruna; Akande Oluwatobi Noah; Kayode Aderonke Anthonia
    Structured Query Language (SQL) injection and cross-site scripting remain a major threat to data-driven web applications. Instances where hackers obtain unrestricted access to back-end database of web applications so as to steal, edit, and destroy confidential data are increasing. Therefore, measures must be put in place to curtail the growing threats of SQL injection and XSS attacks. This study presents a technique for detecting and preventing these threats using Knuth-Morris-Pratt (KMP) string matching algorithm. The algorithm was used to match user’s input string with the stored pattern of the injection string in order to detect any malicious code. The implementation was carried out using PHP scripting language and Apache XAMPP Server. The security level of the technique was measured using different test cases of SQL injection, cross-site scripting (XSS), and encoded injection attacks. Results obtained revealed that the proposed technique was able to successfully detect and prevent the attacks, log the attack entry in the database, block the system using its mac address, and also generate a warning message. Therefore, the proposed technique proved to be more effective in detecting and preventing SQL injection and XSS attacks
  • No Thumbnail Available
    Item
    Ethnicity and Biometric Uniqueness
    (2023-08-08) John Daugman; Cathryn Downing; Akande Oluwatobi Noah; Abikoye Oluwakemi Christiana
    We conducted more than 1.3 million comparisons of iris patterns encoded from images collected at two Nigerian universities, which constitute the newly available African Human Iris (AFHIRIS) database. The purpose was to discover whether ethnic differences in iris structure and appearance such as the textural feature size, as contrasted with an all-Chinese image database or an American database in which only 1.53% were of African-American heritage, made a material difference for iris discrimination. We measured a reduction in entropy for the AFHIRIS database due to the coarser iris features created by the thick anterior layer of melanocytes, and we found stochastic parameters that accurately model the relevant empirical distributions. Quantile-Quantile analysis revealed that a very small change in operational decision thresholds for the African database would compensate for the reduced entropy and generate the same performance in terms of resistance to False Matches. We conclude that despite demographic difference, individuality can be robustly discerned by comparison of iris patterns in this West African population