A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords
This systematic literature review delves into the dynamic realm of graphical passwords, focusing on the myriad security attacks they face and the diverse countermeasures devised to mitigate these threats. The core objective of this paper is to identify existing security threats to graphical password...
Saved in:
Main Authors: | , , , , |
---|---|
Format: | Article |
Published: |
Institute of Electrical and Electronics Engineers
2024
|
Subjects: | |
Online Access: | http://eprints.um.edu.my/45886/ https://doi.org/10.1109/ACCESS.2024.3373662 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Malaya |
id |
my.um.eprints.45886 |
---|---|
record_format |
eprints |
spelling |
my.um.eprints.458862024-11-13T09:03:29Z http://eprints.um.edu.my/45886/ A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords Por, Lip Yee Ng, Ian Ouii Chen, Yen-Lin Yang, Jing Ku, Chin Soon QA75 Electronic computers. Computer science This systematic literature review delves into the dynamic realm of graphical passwords, focusing on the myriad security attacks they face and the diverse countermeasures devised to mitigate these threats. The core objective of this paper is to identify existing security threats to graphical password schemes and the corresponding countermeasures developed to mitigate these attacks. The study process begins by identifying the usable databases and search engines to identify all the relevant resources. The inclusion and exclusion criteria were carefully selected to prioritize the study, focusing mostly on attacks and countermeasures related to graphical password schemes between 2009 and 2023. After thorough identification and selection progress, 59 studies met all the criteria. Among these studies, 47 mentioned shoulder surfing as a threat to graphical password schemes, while 20 discussed brute force attacks. Additionally, there were 21 papers on dictionary attacks, 13 on smudge attacks, spyware attacks, and social engineering, and 19 that discussed guessing attacks as threats to graphical password schemes. Furthermore, the papers identified several other attacks, including frequency of occurrence analysis attacks, video recording, eavesdropping, computer vision, sonar, and image gallery attacks, with the corresponding numbers of papers being 9, 17, 5, 2, 2, and 1, respectively. The results also highlight the countermeasures proposed in the study papers to mitigate the aforementioned attacks. Among the various countermeasures identified, most revolve around randomization, obfuscation, and password space complexity as the most commonly used techniques for enhancing the security of graphical password schemes. Institute of Electrical and Electronics Engineers 2024 Article PeerReviewed Por, Lip Yee and Ng, Ian Ouii and Chen, Yen-Lin and Yang, Jing and Ku, Chin Soon (2024) A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords. IEEE Access, 12. pp. 53408-53423. ISSN 2169-3536, DOI https://doi.org/10.1109/ACCESS.2024.3373662 <https://doi.org/10.1109/ACCESS.2024.3373662>. https://doi.org/10.1109/ACCESS.2024.3373662 10.1109/ACCESS.2024.3373662 |
institution |
Universiti Malaya |
building |
UM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Malaya |
content_source |
UM Research Repository |
url_provider |
http://eprints.um.edu.my/ |
topic |
QA75 Electronic computers. Computer science |
spellingShingle |
QA75 Electronic computers. Computer science Por, Lip Yee Ng, Ian Ouii Chen, Yen-Lin Yang, Jing Ku, Chin Soon A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords |
description |
This systematic literature review delves into the dynamic realm of graphical passwords, focusing on the myriad security attacks they face and the diverse countermeasures devised to mitigate these threats. The core objective of this paper is to identify existing security threats to graphical password schemes and the corresponding countermeasures developed to mitigate these attacks. The study process begins by identifying the usable databases and search engines to identify all the relevant resources. The inclusion and exclusion criteria were carefully selected to prioritize the study, focusing mostly on attacks and countermeasures related to graphical password schemes between 2009 and 2023. After thorough identification and selection progress, 59 studies met all the criteria. Among these studies, 47 mentioned shoulder surfing as a threat to graphical password schemes, while 20 discussed brute force attacks. Additionally, there were 21 papers on dictionary attacks, 13 on smudge attacks, spyware attacks, and social engineering, and 19 that discussed guessing attacks as threats to graphical password schemes. Furthermore, the papers identified several other attacks, including frequency of occurrence analysis attacks, video recording, eavesdropping, computer vision, sonar, and image gallery attacks, with the corresponding numbers of papers being 9, 17, 5, 2, 2, and 1, respectively. The results also highlight the countermeasures proposed in the study papers to mitigate the aforementioned attacks. Among the various countermeasures identified, most revolve around randomization, obfuscation, and password space complexity as the most commonly used techniques for enhancing the security of graphical password schemes. |
format |
Article |
author |
Por, Lip Yee Ng, Ian Ouii Chen, Yen-Lin Yang, Jing Ku, Chin Soon |
author_facet |
Por, Lip Yee Ng, Ian Ouii Chen, Yen-Lin Yang, Jing Ku, Chin Soon |
author_sort |
Por, Lip Yee |
title |
A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords |
title_short |
A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords |
title_full |
A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords |
title_fullStr |
A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords |
title_full_unstemmed |
A Systematic Literature Review on the Security Attacks and Countermeasures Used in Graphical Passwords |
title_sort |
systematic literature review on the security attacks and countermeasures used in graphical passwords |
publisher |
Institute of Electrical and Electronics Engineers |
publishDate |
2024 |
url |
http://eprints.um.edu.my/45886/ https://doi.org/10.1109/ACCESS.2024.3373662 |
_version_ |
1816130472458059776 |