Technical Report Essay

Faculty of Computing and Information Technology

Diploma in Science (Internet Technology) Year 2

Academic Year 2018/2019

AACS3023 Web Application Programming

Assignment: Web Technology Research

Programme : DIT2

Tutorial Group : A3

Student Name : Michelle Yang Tzy Wen

Student ID No. : 17JMD01953

Supervisor : Ms. Leong Pui Huang



Web Technology Research Topic: Movie Ticket System (Security Module)

Existing Problems

Even though the movie ticket system has security measures, that does not mean that your account is safe. Some hackers still manage to break into accounts and steal the owner's identity details, especially bank account details. This is a serious problem that we face. To protect customers’ accounts, our system uses password encryption software. Unfortunately, hackers are able to decrypt the passwords. Decrypting the passwords is not an easy task unless the hacker is skilful. As a result, some customers feel unsafe entering their bank account numbers.

Figure 1: A hacker hacking the system

Another problem that we face is the “Remember me” checkbox. It is convenient and saves time for users because they do not need to type their usernames and passwords whenever they log in. However, it is insecure: if a user’s laptop or other device is stolen, the thief can simply log in and learn the user’s identity.

Figure 2: The “Remember me” checkbox

Alternative Techniques

To overcome the existing problems, we used captcha. Captcha is short for Completely Automated Public Turing test to tell Computers and Humans Apart. It is software that provides security for us. It helps to determine whether a visitor is a human or a bot during registration and other actions. It shows the user a series of distorted words, which the user must work out and type into a text box below them.

We installed captcha because we want to prevent bots and spammers from causing problems for customers, especially when users create a new account. It also protects users’ accounts from hacking. Most hackers create a bot to hack the accounts or to change users’ passwords so that the users cannot log in to their accounts. Some hackers keep spamming users with useless comments. Captcha blocks these comments and allows only humans to comment. It is easy to implement on a website because the software developer only needs to add the code to the program, which takes a few hours.

There are a few issues that we faced when using captcha. We cannot prevent all spam all the time. Some hackers are still able to break the system, and bots are still able to spam. Nowadays, not all bots are unable to read the distorted words. Hackers may create new bots that can read the words and hack users’ accounts. Not all users can read the distorted words, so working them out is difficult and time-consuming. Some users may find it very annoying because whenever they change their information during registration, they have to type the captcha again and again.

Figure 3: Example of captcha

Proposed Technique

Because captcha cannot solve all of these problems, we now implement re-captcha to replace it. It has the same function as captcha: to protect the website from spammers and bots and to prevent hackers from hacking users’ accounts. It also distinguishes whether you are a human or a bot. The difference between captcha and re-captcha is that re-captcha asks users to choose pictures. For example, it shows 9 different pictures, 3 of which are bicycles, and asks the user to select only the bicycles. This method is more secure than captcha because hackers have created bots that can read the words. Bots do not know how to work out the pictures, because every user gets different questions and pictures. Users find pictures easier to recognise than distorted words. It is hard for hackers to crack. As a result, customers feel safe entering their details.

Figure 4: Example of re-captcha

Figure 5: Users choose the pictures that match the title requirement.

Implementation

Step 1: Install the package with “Install-Package reCAPTCHA.MVC”

Step 2: Add the public and private key in appSettings

Step 3: Modify the form

Step 4: Implement the Controller Action
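
An added example (not from the original report and not code from the reCAPTCHA.MVC package): whatever the controller action in Step 4 looks like, the decision must rest on the JSON that Google's server-side siteverify endpoint returns for the submitted token. The sketch below evaluates such a response; the sample responses, the host name tickets.example.com and the 2-minute age limit are constructed assumptions, and the HTTPS call that fetches the response with the private key is left out so the code runs offline.

```csharp
using System;
using System.Text.Json;

// Added example: evaluates the JSON returned by
// https://www.google.com/recaptcha/api/siteverify after the server has posted
// its private key and the g-recaptcha-response form field to it.
public static class RecaptchaCheck
{
    // Assumptions: the site's own host name and the maximum age of a solved challenge.
    const string ExpectedHost = "tickets.example.com";
    static readonly TimeSpan MaxAge = TimeSpan.FromMinutes(2);

    public static bool IsValid(string json, DateTimeOffset now, out string reason)
    {
        using JsonDocument doc = JsonDocument.Parse(json);
        JsonElement root = doc.RootElement;
        // 1. Google must confirm the token; a missing field counts as failure.
        if (!root.TryGetProperty("success", out var ok) || ok.ValueKind != JsonValueKind.True)
        { reason = "token rejected"; return false; }
        // 2. The challenge must have been solved on this site's own pages.
        if (!root.TryGetProperty("hostname", out var host) ||
            host.ValueKind != JsonValueKind.String ||
            !string.Equals(host.GetString(), ExpectedHost, StringComparison.OrdinalIgnoreCase))
        { reason = "hostname mismatch"; return false; }
        // 3. The challenge must be recent.
        if (!root.TryGetProperty("challenge_ts", out var ts) ||
            ts.ValueKind != JsonValueKind.String ||
            !DateTimeOffset.TryParse(ts.GetString(), out var solvedAt) ||
            now - solvedAt > MaxAge)
        { reason = "challenge too old"; return false; }
        reason = "ok";
        return true;
    }

    public static void Main()
    {
        var now = DateTimeOffset.Parse("2018-11-23T10:01:00Z");
        string[] samples = // constructed sample responses, not captured traffic
        {
            "{\"success\":true,\"challenge_ts\":\"2018-11-23T10:00:30Z\",\"hostname\":\"tickets.example.com\"}",
            "{\"success\":false,\"error-codes\":[\"invalid-input-response\"]}",
            "{\"success\":true,\"challenge_ts\":\"2018-11-23T10:00:30Z\",\"hostname\":\"other.example.net\"}",
            "{\"success\":true,\"challenge_ts\":\"2018-11-23T09:30:00Z\",\"hostname\":\"tickets.example.com\"}"
        };
        foreach (string s in samples)
        {
            bool valid = IsValid(s, now, out string why);
            Console.WriteLine(valid + " " + why);
        }
    }
}
```

The check runs on the server because the browser-side widget alone proves nothing: a request can be sent to the form's action without ever loading the page.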

Strengths and Weaknesses

Re-captcha is harder to spam than captcha because bots do not know which pictures to select or what kind of images are inside each box. Bots are created by humans, which means that they are rigid. This makes it hard for hackers to hack users’ accounts. It is not easy for hackers to crack re-captcha because its functions keep evolving; it has now evolved to version 3. If hackers are able to crack it, it means that they are skilful, expert hackers. Up to now, no one has cracked it. At present, re-captcha is the safest security for websites. Most users trust re-captcha more than captcha. It can easily work out whether you are a bot or not. If we were still using captcha, bots would still be able to figure out the words and enter them by themselves.

Someday, people will be able to crack re-captcha because no matter how well software is made, it will have a weakness. It is only a matter of when hackers will figure it out. Users may sometimes find it annoying because, even when they choose the correct pictures, it still asks them to do it a second time, with a different question and pictures.

Future Improvements

We can use biometrics in the future. For example, when users want to log in to their account on a phone, they can use their fingerprint, because every person has a different fingerprint. They therefore do not need to type their username and password. If they log in on a laptop, it can scan their face shape or eye through the camera.

We can send a code to users, which they need to enter within 1 minute. After 1 minute, the code expires and they need to have it resent. The code can be sent either to their phone or to their email. This makes sure that it is the user who is logging in to their account. If an unauthorized person tries to log in to the account, the user will know about it because the code is sent to the user’s phone or email.
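
An added example (not part of the original report) of the expiring login code described above. The 6-digit length, the limit of 3 attempts and the class name LoginCode are assumptions; the report only specifies the 1-minute lifetime and the resend after expiry.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example: a one-time login code that expires after 1 minute.
public sealed class LoginCode
{
    static readonly TimeSpan Lifetime = TimeSpan.FromMinutes(1);
    const int MaxAttempts = 3; // assumption: the report does not state a limit

    // Only a hash is stored so the plain code does not sit in the session store.
    // With 1,000,000 possible codes, the expiry and attempt limit do the real work.
    readonly byte[] _codeHash;
    readonly DateTimeOffset _issuedAt;
    int _attempts;
    bool _used;

    LoginCode(byte[] hash, DateTimeOffset issuedAt) { _codeHash = hash; _issuedAt = issuedAt; }

    static byte[] Hash(string code) => SHA256.HashData(Encoding.UTF8.GetBytes(code));

    // Returns the record to store; 'code' is the value to send by phone or e-mail.
    public static LoginCode Issue(DateTimeOffset now, out string code)
    {
        // Cryptographic random source, not System.Random, so codes cannot be predicted.
        code = RandomNumberGenerator.GetInt32(0, 1_000_000).ToString("D6");
        return new LoginCode(Hash(code), now);
    }

    public bool Verify(string submitted, DateTimeOffset now)
    {
        if (_used || _attempts >= MaxAttempts || now - _issuedAt > Lifetime) return false;
        _attempts++;
        // Constant-time comparison does not reveal how much of the input matched.
        if (!CryptographicOperations.FixedTimeEquals(Hash(submitted ?? ""), _codeHash)) return false;
        _used = true; // each code is accepted once only
        return true;
    }

    public static void Main()
    {
        var t0 = DateTimeOffset.Parse("2018-11-23T10:00:00Z"); // constructed timestamps
        LoginCode a = Issue(t0, out string codeA);
        Console.WriteLine(a.Verify(codeA, t0.AddSeconds(30))); // entered after 30 s
        Console.WriteLine(a.Verify(codeA, t0.AddSeconds(40))); // same code entered again
        LoginCode b = Issue(t0, out string codeB);
        Console.WriteLine(b.Verify(codeB, t0.AddSeconds(61))); // entered after 61 s
    }
}
```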
