O slideshow foi denunciado.

Online paymentusingsteganographt&Visualcryptography

9

Compartilhar

2 de 38
2 de 38

Mais Conteúdo rRelacionado

Online paymentusingsteganographt&Visualcryptography

  1. 1. Online Payment System using Steganography and Visual Cryptography Under the esteemed guidance of Mr.K. SAI BHARATH , M.tech Asst.Proffessor CSE DEPT. YOGANANDA INSTITUTE OF TECHNOLOGY AND SCIENCE DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING (Approved by AICTE, New Delhi & Affiliated to JNTUA, Anantapur) 2011-2015
  2. 2. Abstract  This paper presents a new approach for providing limited information only that is necessary for fund transfer during online shopping thereby safeguarding customer data and increasing customer confidence and preventing identity theft. A cryptographic technique based on visual secret sharing used for image encryption. Using k out of n (k, n) visual secret sharing scheme a secret image is encrypted in shares which are meaningless images that can be transmitted or distributed over an un trusted communication channel. Only combining the k shares or more give the original secret image. Phishing is an attempt by an individual or a group to thieve personal confidential information such as passwords, credit card information etc from unsuspecting victims for identity theft, financial gain and other fraudulent activities The use of images is explored to preserve the privacy of image captcha by decomposing the original image captcha into two shares that are stored in separate database servers such that the original image captcha can be revealed only when both are simultaneously available; the individual sheet images do not reveal the identity of the original image captcha. Once the original image captcha is revealed to the user it can be used as the password. Several solutions have been proposed to tackle phishing.
  3. 3. INTRODUCTION  In Online shopping the issue of purchase order through electronic purchase request, filling of credit or debit card information.  Identity theft or phishing are the common threats to online shopping.  Identity theft is the stealing of someone’s identity in the form of personal information and misuse.
  4. 4.  A new method is proposed, that uses text based steganography and visual cryptography, which minimizes information sharing between consumer and online merchant but enable successful fund transfer , thereby safeguarding consumer information and preventing misuse.  Steganography is the art of hiding of a message within the image, called the cover
  5. 5. Existing system  A customer authentication system using visual cryptography is presented , but it is specifically designed for physical banking.  A signature based authentication system for core banking is proposed in but it also requires physical presence of the customer presenting the share.  A biometrics in conjunction with visual cryptography is used as authentication system
  6. 6. Disadvantages of Existing System  Does not provide a friendly environment to encrypt or decrypt the data (images).  Not suitable for online payments  It is expansive of Using biometrics
  7. 7. Proposed System  Proposed System, Visual Cryptography (VC), technique based on visual secret sharing used for image encryption.  A new method is proposed, that uses text based steganography and visual cryptography, which minimizes information sharing between consumer and online merchant.
  8. 8.  For phishing detection and prevention, we are proposing a new methodology to detect the phishing website.  Our methodology is based on the Anti-Phishing Image Captcha validation scheme using visual cryptography. It prevents password and other confidential information from the phishing websites.  Cryptographic technique:(2, 2)- Threshold VCS scheme,(n, n) -Threshold VCS scheme, (k, n) Threshold VCS scheme are used in this proposed system.
  9. 9. Advantages Of Proposed System  Our methodology is based on the Anti-Phishing Image Captcha validation scheme using visual cryptography.  It prevents password and other confidential information from the phishing websites.  For phishing detection and prevention, we are proposing a new methodology to detect the phishing website.
  10. 10. System Architecture Proposed payment method
  11. 11. Algorithms  Encoding  First letter in each word of cover message is taken  􀂃 Representation of each letter in secret message by its  equivalent ASCII code.  􀂃 Conversion of ASCII code to equivalent 8 bit binary  number.  Division of 8 bit bin Choosing of suitable letters from table 1 corresponding  to the 4 bit parts.  Meaningful sentence construction by using letters  obtained as the first letters of suitable words.  􀂃 Omission of articles, pronoun, preposition, adverb,  was/were, is/am/are, has/have/had, will/shall, and  would/should in coding process to give flexibility in  sentence construction.ary number into two 4 bit parts.
  12. 12. Modules 1.Embedding text on the image 2. Encoding 3. Decoding Steps 5. Customer Authentication 6. Certification Authority Access 7. Final Authenticated Information Results:
  13. 13. 1.Embedding text on the image  In this module, Steganography uses characteristics of English language such as inflexion, fixed word order and use of periphrases for hiding data rather than using properties of a sentence.  This gives flexibility and freedom from the point view of sentence construction but it increases computational complexity.
  14. 14. 2. Encoding  Representation of each letter in secret message by its equivalent ASCII code.  Conversion of ASCII code to equivalent 8 bit binary number.  Division of 8 bit binary number into two 4 bit parts.  Choosing of suitable letters from table 1 corresponding to the 4 bit parts.  Meaningful sentence construction by using letters obtained as the first letters of suitable words.  Encoding is not case sensitive.
  15. 15. 3. Decoding Steps  First letter in each word of cover message is taken and represented by corresponding 4 bit number.  4 bit binary numbers of combined to obtain 8 bit number.  ASCII codes are obtained from 8 bit numbers.  Finally secret message is recovered from ASCII codes.
  16. 16. 5. Customer Authentication  Customer unique authentication password in connection to the bank is hidden inside a cover text using the text based Steganography method.  Customer authentication information (account no) in connection with merchant is placed above the cover text in its original form.  Now a snapshot of two texts is taken. From the snapshot image, two shares are generated using visual cryptography.  Now one share is kept by the customer and the other share is kept in the database of the certified authority.
  17. 17. 6. Certification Authority Access  During shopping online, after selection of desired item and adding it to the cart, preferred payment system of the merchant directs the customer to the Certified authority portal.  In the portal, shopper submits its own share and merchant submits its own account details. Now the CA combines its own share with shopper’s share and obtains the original image.  From CA now, merchant account details, cover text are sent to the bank where customer authentication password is recovered from the cover text.
  18. 18. 7. Final Authenticated Information Results:  Customer authentication information is sent to the merchant by CA.  Upon receiving customer authentication password, bank matches it with its own database and after verifying legitimate customer, transfers fund from the customer account to the submitted merchant account.  After receiving the fund, merchant’s payment system validates receipt of payment using customer authentication information.
  19. 19. Hardware & software requirements Hardware requirements  Processor - Intel I3  Speed - 1.80 ghz  RAM - 4gb  Storage Disk - 500gb
  20. 20. Software requirements  Platform : Windows 7  Programming Environment: JAVA 6  HttpServer : Tomcat 6  Design : HTML,Jsp,JavaScript.  Server side Script : Java Server Pages.  BackEnd : Oracle 10
  21. 21. UML Diagrams
  22. 22. Class diagram User +uid: integer +uname: String +address: String +e_id: String +signIn() Registration +accountno: integer +password: integer +uid: integer +uname: String +register() Authenticate +uid: integer +uname: String +password: integer +authenticate() TBSteg +password: integer +text-c: String +sentence: String +encode() +decode() Encode +ascii: integer +binary: integer +accountno: integer +toBinary() +toASCII() +to8bits() +to4bits() +numberAssignment() Decode +ascii: integer +binary: integer +accountno: integer +toASCII() +toBinary() +to4bits() +to8bits() +numberAssignment() Steg +text: String +image: String +extract() Shares +image: String +share1: integer +share2: integer +split() +merge()
  23. 23. Object DiagramKim, Hyunsoo +uid: 101 +uname: "kala" +address: "tpt" +e-id: kala@gmail.com Kim, Jeongil +accountno: 12345666 +uid: 101 +uname: "kala" Kim, Keehyun +uid: 101 +uname: "kala" +password: ***** User Kum, Deukkyu +password: ****** Lee, Jangwoo +ascii: 7 +binary: 0111 +accountno: 12345666 Lee, Minkyu +ascii: 7 +binary: 0111 +accountno: 12345666 Lim, Heejin +text: 010110100 Bae, Rankyoung +share1: 12345666 +share2: ******* Registration Authenticate TBSteg Encode Decode Steg Shares
  24. 24. Component Diagram User <<component>> Registration <<component>> Authenticate <<component>> TBSeg <<component>> Encode <<component>> Decode <<component>> Steg <<component>> Shares <<component>>
  25. 25. Deployment Diagram Registration User Authenticate TBSteg Encode Decode steg Shares
  26. 26. Usecase Diagram User authenticate register tbsteg CA accountno Merchant user given some details to merchant split bank result merge
  27. 27. Interaction Diagram 1.Sequence Diagram User Registration Authenticate TBSeg Encode Decode Steg Shares 1 : signIn() 2 : register() 3 : authenticate() 4 : encode() 5 : toBinary() 6 : to8bit() 7 : to4bit() 8 : decode() 9 : to4bit() 10 : to8bit() 11 : extract() 12 : merge() 13 : result()
  28. 28. 2.Collaboration Diagram UserRegistration Authentication TBSteg Encode Decode Steg Shares 1 : register() 2 : authenticate() 3 : convert() 4 : to8Bit() 5 : toASCII() 6 : to4Bit() 7 : to8Bit() 8 : toASCCI() 9 : to4Bit() 10 : extract() 11 : extract() 12 : split() 13 : merge()
  29. 29. Statechart Diagram User authenticate TBSeg image accountno & user authentication password here user given authentication password changed to text binary format CA CA contain accountno & password Merchant user give accountno & some details to the merchant where mechant give accountno to the CA CA checks accountno and transfer to bank result Bank
  30. 30. Activity Diagram User CAMerchant Bank User Authenticate Enter accountno and password TBSteg merchant user submitted only minimum information to the merchant i.e.accountno,uid ,uname not password CA image user authentication password accountno merchant submitted accountno to the CA CA contain image formate image contains accountno and covetext no CA checks accountno matched or not result yes
  31. 31. CONCLUSION In this paper, a payment system for online shopping is proposed by combining text based Steganography and visual cryptography that provides customer data privacy and prevents misuse of data at merchant’s side. The method is concerned only with prevention of identify theft and customer data security. In comparison to other banking application which uses Steganography and visual cryptography , are basically applied for physical banking, the proposed method can be applied for E-Commerce with focus area on payment during online shopping as well as physical banking.
  32. 32. Thank You
  33. 33. “ ”

×