A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords

This systematic literature review delves into the dynamic realm of graphical passwords, focusing on the myriad security attacks they face and the diverse countermeasures devised to mitigate these threats. The core objective of this paper is to identify existing security threats to graphical password...

Bibliographic Details
Main Authors: Por, Lip Yee, Ng, Ian Ouii, Chen, Yen-Lin, Yang, Jing, Ku, Chin Soon
Format: Article
Published: Institute of Electrical and Electronics Engineers 2024
Subjects:
Online Access: http://eprints.um.edu.my/45886/
https://doi.org/10.1109/ACCESS.2024.3373662
Institution: Universiti Malaya
id my.um.eprints.45886
record_format eprints
spelling my.um.eprints.45886 2024-11-13T09:03:29Z http://eprints.um.edu.my/45886/
QA75 Electronic computers. Computer science
Institute of Electrical and Electronics Engineers 2024 Article PeerReviewed
Por, Lip Yee and Ng, Ian Ouii and Chen, Yen-Lin and Yang, Jing and Ku, Chin Soon (2024) A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords. IEEE Access, 12. pp. 53408-53423. ISSN 2169-3536, DOI https://doi.org/10.1109/ACCESS.2024.3373662
institution Universiti Malaya
building UM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Malaya
content_source UM Research Repository
url_provider http://eprints.um.edu.my/
topic QA75 Electronic computers. Computer science
description This systematic literature review delves into the dynamic realm of graphical passwords, focusing on the myriad security attacks they face and the diverse countermeasures devised to mitigate these threats. The core objective of this paper is to identify existing security threats to graphical password schemes and the corresponding countermeasures developed to mitigate these attacks. The study process begins by identifying the usable databases and search engines to identify all the relevant resources. The inclusion and exclusion criteria were carefully selected to prioritize the study, focusing mostly on attacks and countermeasures related to graphical password schemes between 2009 and 2023. After thorough identification and selection progress, 59 studies met all the criteria. Among these studies, 47 mentioned shoulder surfing as a threat to graphical password schemes, while 20 discussed brute force attacks. Additionally, there were 21 papers on dictionary attacks, 13 on smudge attacks, spyware attacks, and social engineering, and 19 that discussed guessing attacks as threats to graphical password schemes. Furthermore, the papers identified several other attacks, including frequency of occurrence analysis attacks, video recording, eavesdropping, computer vision, sonar, and image gallery attacks, with the corresponding numbers of papers being 9, 17, 5, 2, 2, and 1, respectively. The results also highlight the countermeasures proposed in the study papers to mitigate the aforementioned attacks. Among the various countermeasures identified, most revolve around randomization, obfuscation, and password space complexity as the most commonly used techniques for enhancing the security of graphical password schemes.