Advertisement

A Multi-factor Authentication Method for Security of Online Examinations

  • Abrar Ullah
  • Hannan Xiao
  • Trevor Barker
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 256)

Abstract

Security of online examinations is the key to success of remote online learning. However, it faces many conventional and non-conventional security threats. Impersonation and abetting are rising non-conventional security threats, when a student invites a third party to impersonate or abet in a remote exam. This work proposed dynamic profile questions authentication to identify that the person taking an online test is the same who completed the course work. This is combined with remote proctoring to prevent students from taking help from a third party during exam. This research simulated impersonation and abetting attacks in remote online course and laboratory based control simulation to analyse the impact of dynamic profile questions and proctoring. The study also evaluated effectiveness of the proposed method. The findings indicate that dynamic profile questions are highly effective. The security analysis shows that impersonation attack was not successful.

Keywords

Security Authentication Online examination 

References

  1. 1.
    Schechter, S.E.: Computer Security Strength & Risk: A Quantitative Approach. Harvard University Cambridge, Massachusetts, Massachusetts (2004)Google Scholar
  2. 2.
    Ullah, A.: Security and Usability of Authentication by Challenge Questions in Online Examination. University of Hertfordshire, Hatfield (2017)Google Scholar
  3. 3.
    Tajuddin, S., Olphert, W., Doherty, N.: Relationship between stakeholders’ information value perception and information security behaviour. In: International Conference on Integrated Information (IC-ININFO 2014): Proceedings of the 4th International Conference on Integrated Information 2015. AIP Publishing (2015)Google Scholar
  4. 4.
    Sahibudin, S., Sharifi, M., Ayat, M.: Combining ITIL, COBIT and ISO/IEC 27002 in order to design a comprehensive IT framework in organizations. In: Modeling & Simulation, 2008 AICMS 2008 Second Asia International Conference on 2008. IEEE (2008)Google Scholar
  5. 5.
    Buzzetto-More, N.: Student perceptions of various e-learning components Interdisciplinary. J. E-Learn. Learn. Objects 4(1), 113–135 (2008)Google Scholar
  6. 6.
    Ullah, A., Barker, T., Xiao, H.: A focus group study: usability and security of challenge question authentication in online examinations. In: International Conference on Information Technology and Applications (ICITA). Academic Alliance International, Sydney Australia (2017)Google Scholar
  7. 7.
    Ullah, A., Xiao, H., Barker, T.: A dynamic profile questions approach to mitigate impersonation in online examinations. J. Grid Comput. (Knowl. Discov.), 1–15 (2018) Google Scholar
  8. 8.
    Allen, I.E., Seaman, J.: Online Nation Five Years of Growth in Online learning Needham. Sloan Consortium, Mass (2007)Google Scholar
  9. 9.
    Koohang, A., Riley, L., Smith, T., Schreurs, J.: E-learning and constructivism: from theory to application Interdisciplinary. J. E-Learn. Learn. Objects 5(1), 91–109 (2009)Google Scholar
  10. 10.
    Watson, G., Sottile, J.: Cheating in the digital age: do students cheat more in online courses? Online J. Distance Learn. Adm. 13(1), n1 (2010)Google Scholar
  11. 11.
    Ullah, A., Xiao, H., Barker, T.: A dynamic profile questions approach to mitigate impersonation in online examinations. J. Grid Comput. 1–15 (2018)Google Scholar
  12. 12.
    Ullah, A., Xiao, H., Barker, T.: A study into the usability and security implications of text and image based challenge questions in the context of online examination. Educ. Inf. Technol. 1–27 (2018)Google Scholar
  13. 13.
    Ullah, A., Xiao, H., Lilley, M.: Profile based student authentication in online examination. In: International Conference on Information Society 2012. IEEE, London (2012)Google Scholar
  14. 14.
    Ullah, A., Xiao, H., Barker, T., Lilley, M.: Evaluating security and usability of profile based challenge questions authentication in online examinations. J. Internet Serv. Appl. 5(1), 2 (2014)CrossRefGoogle Scholar
  15. 15.
    Ullah, A., Xiao, H., Barker, T., Lilley, M.: Graphical and text based challenge questions for secure and usable authentication in online examinations. In: The 9th International Conference for Internet Technology and Secured Transactions (ICITST) 2014. IEEE, London (2014)Google Scholar
  16. 16.
    Mahmood, N.: Remote Proctoring Software Means Students Can Now Take Exams From Home. Technological News Portal; 2010 [cited 2011 13/07/2011]. http://thetechjournal.com/science/remote-proctoring-software-means-students-can-now-take-exams-from-home.xhtml
  17. 17.
    Iso9241-11. Ergonomic Requirements for Office Work with Visual Dispaly Terminals, Part 11: Guidance on Usability. ISO 9241-11. Geneva1998)Google Scholar
  18. 18.
    Corry, M.D., Frick, T.W., Hansen, L.: User-centered design and usability testing of a web site: an illustrative case study. Educ. Technol. Res. Dev. 45(4), 65–76 (1997)CrossRefGoogle Scholar
  19. 19.
    Bangor, A., Kortum, P., Miller, J.: Determining what individual SUS scores mean: adding an adjective rating scale. J. Usability Stud. 4(3), 114–123 (2009)Google Scholar
  20. 20.
    Ni, M., Mccalley, J.D., Vittal, V., Tayyib, T.: Online risk-based security assessment. IEEE Trans. Power Syst. 18(1), 258–265 (2003)Google Scholar
  21. 21.
    Mcgraw, G.: Software security & privacy. IEEE 2(2), 80–83 (2004)Google Scholar
  22. 22.
    Seffah, A., Kececi, N., Donyaee, M.: QUIM: a framework for quantifying usability metrics in software quality models. In: Quality Software, 2001 Proceedings Second Asia-Pacific Conference on 2001. IEEE (2001)Google Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2019

Authors and Affiliations

  1. 1.School of Computing and ManagementCardiff Metropolitan UniversityCardiffUK
  2. 2.School of Computer ScienceUniversity of HertfordshireHatfieldUK

Personalised recommendations