Frequency of occurrence analysis attack and its countermeasure

الملخص EN

This paper addresses a newly discovered security threat named Frequency of Occurrence Analysis (FOA) attack in searchmetics password authentication scheme.

A countermeasure technique that utilises Metaheuristic Randomisation Algorithm (MRA) is proposed to address the FOA attack.

The proposed Algorithm is presented and an offline FOA attack simulation tool is developed to verify the effectiveness of the proposed method.

In addition, a shoulder surfing testing is conducted to evaluate the effectiveness of the proposed method in terms of mitigating shoulder surfing attack.

The experiment results show that MRA is able to prevent FOA and mitigate shoulder surfing attacks.

Moreover, the proposed method is able to provide larger password space compare to the benchmarking scheme.