Security and Usability of Authentication by Challenge Questions in Online Examination
Online examinations are an integral component of many online learning environments and a high-stake process for students, teachers and educational institutions. They are the target of many security threats, including intrusion by hackers and collusion. Collu-sion happens when a student invites a third party to impersonate him/her in an online test, or to abet with the exam questions. This research proposed a profile-based chal-lenge question approach to create and consolidate a student’s profile during the learning process, to be used for authentication in the examination process. The pro-posed method was investigated in six research studies using a usability test method and a risk-based security assessment method, in order to investigate usability attributes and security threats. The findings of the studies revealed that text-based questions are prone to usability issues such as ambiguity, syntactic variation, and spelling mistakes. The results of a usability analysis suggested that image-based questions are more usable than text-based questions (p < 0.01). The findings identified that dynamic profile questions are more efficient and effective than text-based and image-based questions (p < 0.01). Since text-based questions are associated with an individual’s personal information, they are prone to being shared with impersonators. An increase in the numbers of chal-lenge questions being shared showed a significant linear trend (p < 0.01) and increased the success of an impersonation attack. An increase in the database size decreased the success of an impersonation attack with a significant linear trend (p < 0.01). The security analysis of dynamic profile questions revealed that an impersonation attack was not successful when a student shared credentials using email asynchronously. However, a similar attack was successful when a student and impersonator shared information in real time using mobile phones. The response time in this attack was significantly different when a genuine student responded to his challenge questions (p < 0.01). The security analysis revealed that the use of dynamic profile questions in a proctored exam can influence impersonation and abetting. This view was supported by online programme tutors in a focus group study.
MetadataShow full item record
Showing items related by title, author, creator and subject.
Webber, Megan (2016-11-21)In recent decades historians have ‘discovered’ agency in a wide range of geographical and temporal contexts, amongst many different types of actor. This dissertation employs the concept of agency to dissect the dynamics ...
Questioning the Importance of Being Earnest: A Conversation Analysis of the Use and Function of Humour in the Serious Business of Therapy Jeffrey, Sarah Kathering (2010-05-27)This thesis explores the long-standing debate in the field of psychotherapy around the use of humour in psychotherapy and the shift from outcome to process research in psychotherapy research. In line with the social ...
Dalcher, Darren (2016-03)Is it time to revisit our definitions of projects and programmes? Definitions and assumptions play a key part in delimiting both knowledge and practice. Language is closely entwined with human life: Words and constructions ...