{"title":"Graphical Password Security Evaluation by Fuzzy AHP","authors":"Arash Habibi Lashkari, Azizah Abdul Manaf, Maslin Masrom","volume":66,"journal":"International Journal of Computer and Information Engineering","pagesStart":788,"pagesEnd":794,"ISSN":"1307-6892","URL":"https:\/\/publications.waset.org\/pdf\/2662","abstract":"In today's day and age, one of the important topics in\ninformation security is authentication. There are several alternatives\nto text-based authentication of which includes Graphical Password\n(GP) or Graphical User Authentication (GUA). These methods stems\nfrom the fact that humans recognized and remembers images better\nthan alphanumerical text characters. This paper will focus on the\nsecurity aspect of GP algorithms and what most researchers have\nbeen working on trying to define these security features and\nattributes. The goal of this study is to develop a fuzzy decision model\nthat allows automatic selection of available GP algorithms by taking\ninto considerations the subjective judgments of the decision makers\nwho are more than 50 postgraduate students of computer science. The\napproach that is being proposed is based on the Fuzzy Analytic\nHierarchy Process (FAHP) which determines the criteria weight as a\nlinear formula.","references":"[1] Lashkari, A.H. and F. Towhidi, Graphical User Authentication (GUA).\n2010: Lambert Academic Publisher.\n[2] Lashkari, A.H., et al., Shoulder Surfing attack in graphical password\nauthentication. 2009, International Journal of Computer Science and\nInformation Security (IJCSIS).\n[3] Lashkari, A.H., et al., Security Evaluation for Graphical Password, in\nThe International Conference on Digital Information and\nCommunication Technology and its Applications (DICTAP2011). 2011,\nCommunications in Computer and Information Science (CCIS) Series of\nSpringer LNCS: Universit\u00e9 de Bourgogne, France.\n[4] Saaty, T.L., How to make a decision: The Analytic Hierarchy Process.\nEuropean Journal of Operational Research 1990. 48 p. 9-26.\n[5] Nguyen, H.T. and E.A. Walker, A First Course in Fuzzy Logic. 1997:\nCRC Press.\n[6] Klir, G.J. and B. Yuan, Fuzzy Sets and Fuzzy Logic Theory and\nApplications. 1995, New Jersey: Prentice Hall.\n[7] Zimmermann, H.-J., Fuzzy Set Theory and its Applications. Third\nEdition ed. 1996: Kluwer Academic Publishers.\n[8] Ball\u2500\u2592, S. and S. Koruko\u2500\u0192lu, Operating System Selection using Fuzzy\nAHP and Topsis Methods. Mathematical and Computational\nApplications, 2009. 14(2): p. 119-130.\n[9] Wang, Y.-M. and T.M.S. Elhag, Fuzzy TOPSIS method based on alpha\nlevel sets with an application to bridge risk assessment. Expert Systems\nwith Applications, 2006. 31.\n[10] Kreng, V.B. and C.Y. Wu, Evaluation of knowledge portal development\ntools using a fuzzy AHP approach: The case of Taiwanese stone\nindustry. European Journal of Operational Research, 2005.\n[11] Erensala, Y.C., T. \u251c\u00fbncanb, and M.L. Demircan, Determining key\ncapabilities in technology management using fuzzy analytic hierarchy\nprocess: A case study of Turkey. Information Sciences, 2006. 176(18):\np. 2755-2770\n[12] Kahraman, C., U. Cebeci, and D. Ruan, Multi-attribute comparison of\ncatering service companies using fuzzy AHP: The case of Turkey.\nInternational Journal of Production Economics, 2004. 87.\n[13] Leung, L.C. and D. Cao, On consistency and ranking of alternatives in\nfuzzy AHP. European Journal of Operational Research, 2000. 124: p.\n102-113.","publisher":"World Academy of Science, Engineering and Technology","index":"Open Science Index 66, 2012"}