Stochastic programming has emerged lately as an advanced mathematical method to develop a decision-making process under uncertainty. This work investigatesits use in enhancing Multi-Factor Authentication systems by establishing a probability-maximized framework fordynamic authentication processes in real time. Tra-ditional MFA methods, though effective in reducing the risks of compromised credentials, usually have problems with user friction, lack of adaptability, andare vulnerable against advanced threats, including phishing and social engineer-ing. We propose a dynamic approach where stochastic models are integrated into MFA to adjust the authentication requirements based on real-time risk eval-uations and user behavior for better security and user experience
Stochastic programming has emerged lately as an advanced mathematical method to develop a decision-making process under uncertainty. This work investigatesits use in enhancing Multi-Factor Authentication systems by establishing a probability-maximized framework fordynamic authentication processes in real time. Tra-ditional MFA methods, though effective in reducing the risks of compromised credentials, usually have problems with user friction, lack of adaptability, andare vulnerable against advanced threats, including phishing and social engineer-ing. We propose a dynamic approach where stochastic models are integrated into MFA to adjust the authentication requirements based on real-time risk eval-uations and user behavior for better security and user experience
| № | Author name | position | Name of organisation |
|---|---|---|---|
| 1 | Szucs V.. | ! | University of Pannonia |
| 2 | Sulaymonov Y.. | ! | University of Pannonia |
| № | Name of reference |
|---|---|
| 1 | 1.Acar, Y. et al. 2016. Phishing attacks: Analyzing the effectiveness of anti-phishing mechanisms in 2fa systems. Proceedings of the ACM SIGSAC Con-ference on Computer and Communications Security 2976749–2978342. https:2.//doi.org/10.1145/2976749.2978342.3.Awati, Rahul. ????Risk based authentication. https://www.techtarget.com/searchsecurity/definition/risk-based-authentication-RBA.4.Birge, John R & Francois V Louveaux. 2011. Introduction to stochastic programming.5.Springer Science & Business Media.6.Bonneau, J. et al. 2012a. The quest to replace passwords: A framework for com-parative evaluation of web authentication schemes. In Proceedings of the 33rd annual acm conference on human factors in computing systems, 2335356–2335360. https://dl.acm.org/doi/10.1145/2335356.2335360.7.Bonneau, Joseph, Cormac Herley, Paul C Van Oorschot & Frank Stajano. 2012b. The quest to replace passwords: A framework for comparative evaluation of web authentication schemes. Proceedings of the 2012 IEEE Symposium on Security and Privacy 553–567.8.Burt, Robert & et al. 2014. Man-in-the-middle attacks and secure sockets layer.9.In Ieee symposium on security and privacy, 42–56. IEEE.10.Chiasson, S. et al. 2007. Challenges and approaches for deploying two-factor authentication in enterprise environments. ACM Transactions on Information and System Security 10(3). 1–35. https://dl.acm.org/doi/10.1145/1294211.11.1294218.12.Chiou, S. et al. 2022. Location-based authentication mechanisms: Current trends and future directions. IEEE Transactions on Dependable and Secure Computing 3155470. https://doi.org/10.1109/TDSC.2022.3155470.13.Citrix. ????Adaptive authentication.https://www.citrix.com/14.glossary/what-is-adaptive-authentication.html#:~:text=Adaptive%20authentication%20is%20a%20method,how%20a%20user%20must%20authenticate.15.Das, S. et al. 2020. Two-factor authentication: A comprehensive review of the security and usability features of hardware tokens, software tokens, and sms-based solutions. Journal of Information Security and Applications 53. 102527. https://doi.org/10.1016/j.jisa.2020.102527.16.Gao, Rui & Anton J Kleywegt. 2016. Distributionally robust stochastic optimiza-tion with wasserstein distance. Mathematics of Operations Research 42. 591–620. Gupta, A. 2023. Stochastic optimization for dynamic authentication. IEEE Secure17.Systems .18.Johnson, T. et al. 2020. Multi-factor authentication in cloud computing environ-ments: Emerging trends and technologies. Journal of Information Security and Applications 54. 102547. https://doi.org/10.1016/j.jisa.2020.102547.19.Maqousi, A. et al. 2022. Integration of multi-factor authentication in legacy sys-tems: Frameworks and case studies. Journal of Information Security and Appli-cations 65. 103202. https://doi.org/10.1016/j.jisa.2022.103202.20.Prekopa, Andras. 1995. Stochastic programming International series of mono-graphs on physics. Kluwer Academic Publishers.21.Ratha, N. K. et al. 2001. Enhancing security and privacy in biometrics-based authentication systems. IBM Systems Journal 40(3). 614–634. https://doi.org/10.1109/5254.983913.22.Tiwari, R. et al. 2021. Authentication challenges and issues in 2fa solutions for enterprise systems. Computers & Security 104. 102545. https://doi.org/10.1016/j.cose.2021.102545.23.Weir, C. et al. 2009. Usability challenges in two-factor authentication systems: A usability and security tradeoff. Computers & Security 28(7). 348–356. https:24.//doi.org/10.1016/j.cose.2009.04.004.25.Zhang, Wei & et al. 2021. Probabilistic access control: A dynamic model for cybersecurity. IEEE Transactions on Dependable and Secure Computing 18. 1138–1149. |