Visible to the public Biblio

Found 439 results

Filters: First Letter Of Last Name is Y  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X [Y] Z   [Show ALL]
Y
Y. Cao, J. Yang.  2015.  "Towards Making Systems Forget with Machine Unlearning". 2015 IEEE Symposium on Security and Privacy. :463-480.

Today's systems produce a rapidly exploding amount of data, and the data further derives more data, forming a complex data propagation network that we call the data's lineage. There are many reasons that users want systems to forget certain data including its lineage. From a privacy perspective, users who become concerned with new privacy risks of a system often want the system to forget their data and lineage. From a security perspective, if an attacker pollutes an anomaly detector by injecting manually crafted data into the training data set, the detector must forget the injected data to regain security. From a usability perspective, a user can remove noise and incorrect entries so that a recommendation engine gives useful recommendations. Therefore, we envision forgetting systems, capable of forgetting certain data and their lineages, completely and quickly. This paper focuses on making learning systems forget, the process of which we call machine unlearning, or simply unlearning. We present a general, efficient unlearning approach by transforming learning algorithms used by a system into a summation form. To forget a training data sample, our approach simply updates a small number of summations – asymptotically faster than retraining from scratch. Our approach is general, because the summation form is from the statistical query learning in which many machine learning algorithms can be implemented. Our approach also applies to all stages of machine learning, including feature selection and modeling. Our evaluation, on four diverse learning systems and real-world workloads, shows that our approach is general, effective, fast, and easy to use.

Y. Seifi, S. Suriadi, E. Foo, C. Boyd.  2014.  Security properties analysis in a TPM-based protocol. Int. J. of Security and Networks, 2014 Vol.9, No.2, pp.85 - 103.

Security protocols are designed in order to provide security properties (goals). They achieve their goals using cryptographic primitives such as key agreement or hash functions. Security analysis tools are used in order to verify whether a security protocol achieves its goals or not. The analysed property by specific purpose tools are predefined properties such as secrecy (confidentiality), authentication or non-repudiation. There are security goals that are defined by the user in systems with security requirements. Analysis of these properties is possible with general purpose analysis tools such as coloured petri nets (CPN). This research analyses two security properties that are defined in a protocol that is based on trusted platform module (TPM). The analysed protocol is proposed by Delaune to use TPM capabilities and secrets in order to open only one secret from two submitted secrets to a recipient.

Y. Y. Won, D. S. Seo, S. M. Yoon.  2015.  "Improvement of transmission capacity of visible light access link using Bayesian compressive sensing". 2015 21st Asia-Pacific Conference on Communications (APCC). :449-453.

A technical method regarding to the improvement of transmission capacity of an optical wireless orthogonal frequency division multiplexing (OFDM) link based on a visible light emitting diode (LED) is proposed in this paper. An original OFDM signal, which is encoded by various multilevel digital modulations such as quadrature phase shift keying (QPSK), and quadrature amplitude modulation (QAM), is converted into a sparse one and then compressed using an adaptive sampling with inverse discrete cosine transform, while its error-free reconstruction is implemented using a L1-minimization based on a Bayesian compressive sensing (CS). In case of QPSK symbols, the transmission capacity of the optical wireless OFDM link was increased from 31.12 Mb/s to 51.87 Mb/s at the compression ratio of 40 %, while It was improved from 62.5 Mb/s to 78.13 Mb/s at the compression ratio of 20 % under the 16-QAM symbols in the error free wireless transmission (forward error correction limit: bit error rate of 10-3).

Ya Zhang, Yi Wei, Jianbiao Ren.  2014.  Multi-touch Attribution in Online Advertising with Survival Theory. Data Mining (ICDM), 2014 IEEE International Conference on. :687-696.

Multi-touch attribution, which allows distributing the credit to all related advertisements based on their corresponding contributions, has recently become an important research topic in digital advertising. Traditionally, rule-based attribution models have been used in practice. The drawback of such rule-based models lies in the fact that the rules are not derived form the data but only based on simple intuition. With the ever enhanced capability to tracking advertisement and users' interaction with the advertisement, data-driven multi-touch attribution models, which attempt to infer the contribution from user interaction data, become an important research direction. We here propose a new data-driven attribution model based on survival theory. By adopting a probabilistic framework, one key advantage of the proposed model is that it is able to remove the presentation biases inherit to most of the other attribution models. In addition to model the attribution, the proposed model is also able to predict user's 'conversion' probability. We validate the proposed method with a real-world data set obtained from a operational commercial advertising monitoring company. Experiment results have shown that the proposed method is quite promising in both conversion prediction and attribution.

Ya'u, B. I., Nordin, A., Salleh, N., Aliyu, I..  2018.  Requirements Patterns Structure for Specifying and Reusing Software Product Line Requirements. 2018 International Conference on Information and Communication Technology for the Muslim World (ICT4M). :185–190.
A well-defined structure is essential in all software development, thus providing an avenue for smooth execution of the processes involved during various software development phases. One of the potential benefits provided by a well-defined structure is systematic reuse of software artifacts. Requirements pattern approach provides guidelines and modality that enables a systematic way of specifying and documenting requirements, which in turn supports a systematic reuse. Although there is a great deal of research concerning requirements pattern in the literature, the research focuses are not on requirement engineering (RE) activities of SPLE. In this paper, we proposed a software requirement pattern (SRP) structure based on RePa Requirements Pattern Template, which was adapted to best suit RE activities in SPLE. With this requirement pattern structure, RE activities such as elicitation and identification of common and variable requirements as well as the specification, documentation, and reuse in SPLE could be substantially improved.
Yadav, Ashok Kumar.  2021.  Significance of Elliptic Curve Cryptography in Blockchain IoT with Comparative Analysis of RSA Algorithm. 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS). :256—262.
In the past few years, the blockchain emerged as peer-to-peer distributed ledger technology for recording transactions, maintained by many peers without any central trusted regulatory authority through distributed public-key cryptography and consensus mechanism. It has not only given the birth of cryptocurrencies, but it also resolved various security, privacy and transparency issues of decentralized systems. This article discussed the blockchain basics overview, architecture, and blockchain security components such as hash function, Merkle tree, digital signature, and Elliptic curve cryptography (ECC). In addition to the core idea of blockchain, we focus on ECC's significance in the blockchain. We also discussed why RSA and other key generation mechanisms are not suitable for blockchain-based IoT applications. We also analyze many possible blockchain-based applications where ECC algorithm is better than other algorithms concerning security and privacy assurance. At the end of the article, we will explain the comparative analysis of ECC and RSA.
Yadav, D., Salmani, S..  2019.  Deepfake: A Survey on Facial Forgery Technique Using Generative Adversarial Network. 2019 International Conference on Intelligent Computing and Control Systems (ICCS). :852—857.
"Deepfake" it is an incipiently emerging face video forgery technique predicated on AI technology which is used for creating the fake video. It takes images and video as source and it coalesces these to make a new video using the generative adversarial network and the output is very convincing. This technique is utilized for generating the unauthentic spurious video and it is capable of making it possible to generate an unauthentic spurious video of authentic people verbally expressing and doing things that they never did by swapping the face of the person in the video. Deepfake can create disputes in countries by influencing their election process by defaming the character of the politician. This technique is now being used for character defamation of celebrities and high-profile politician just by swapping the face with someone else. If it is utilized in unethical ways, this could lead to a serious problem. Someone can use this technique for taking revenge from the person by swapping face in video and then posting it to a social media platform. In this paper, working of Deepfake technique along with how it can swap faces with maximum precision in the video has been presented. Further explained are the different ways through which we can identify if the video is generated by Deepfake and its advantages and drawback have been listed.
Yadav, Geeta, Paul, Kolin.  2019.  Assessment of SCADA System Vulnerabilities. 2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). :1737–1744.
SCADA system is an essential component for automated control and monitoring in many of the Critical Infrastructures (CI). Cyber-attacks like Stuxnet, Aurora, Maroochy on SCADA systems give us clear insight about the damage a determined adversary can cause to any country's security, economy, and health-care systems. An in-depth analysis of these attacks can help in developing techniques to detect and prevent attacks. In this paper, we focus on the assessment of SCADA vulnerabilities from the widely used National Vulnerability Database (NVD) until May 2019. We analyzed the vulnerabilities based on severity, frequency, availability, integrity and confidentiality impact, and Common Weaknesses. The number of reported vulnerabilities are increasing yearly. Approximately 89% of the attacks are the network exploits severely impacting availability of these systems. About 19% of the weaknesses are due to buffer errors due to the use of insecure and legacy operating systems. We focus on finding the answer to four key questions that are required for developing new technologies for securing SCADA systems. We believe this is the first study of its kind which looks at correlating SCADA attacks with publicly available vulnerabilities. Our analysis can provide security researchers with useful insights into SCADA critical vulnerabilities and vulnerable components, which need attention. We also propose a domain-specific vulnerability scoring system for SCADA systems considering the interdependency of the various components.
Yadav, Kuldeep, Roy, Sanjay Dhar, Kundu, Sumit.  2018.  Total Error Reduction in Presence of Malicious User in a Cognitive Radio Network. 2018 2nd International Conference on Electronics, Materials Engineering Nano-Technology (IEMENTech). :1-4.

Primary user emulation (PUE) attack causes security issues in a cognitive radio network (CRN) while sensing the unused spectrum. In PUE attack, malicious users transmit an emulated primary signal in spectrum sensing interval to secondary users (SUs) to forestall them from accessing the primary user (PU) spectrum bands. In the present paper, the defense against such attack by Neyman-Pearson criterion is shown in terms of total error probability. Impact of several parameters such as attacker strength, attacker's presence probability, and signal-to-noise ratio on SU is shown. Result shows proposed method protect the harmful effects of PUE attack in spectrum sensing.

Yadav, M. K., Gugal, D., Matkar, S., Waghmare, S..  2019.  Encrypted Keyword Search in Cloud Computing using Fuzzy Logic. 2019 1st International Conference on Innovations in Information and Communication Technology (ICIICT). :1–4.
Research and Development, and information management professionals routinely employ simple keyword searches or more complex Boolean queries when using databases such as PubMed and Ovid and search engines like Google to find the information they need. While satisfying the basic needs of the researcher, basic search is limited which can adversely affect both precision and recall, decreasing productivity and damaging the researchers' ability to discover new insights. The cloud service providers who store user's data may access sensitive information without any proper authority. A basic approach to save the data confidentiality is to encrypt the data. Data encryption also demands the protection of keyword privacy since those usually contain very vital information related to the files. Encryption of keywords protects keyword safety. Fuzzy keyword search enhances system usability by matching the files perfectly or to the nearest possible files against the keywords entered by the user based on similar semantics. Encrypted keyword search in cloud using this logic provides the user, on entering keywords, to receive best possible files in a more secured manner, by protecting the user's documents.
Yadav, Mohini, Shankar, Deepak, Jose, Tom.  2020.  Functional Safety for Braking System through ISO 26262, Operating System Security and DO 254. 2020 AIAA/IEEE 39th Digital Avionics Systems Conference (DASC). :1–8.
This paper presents an introduction to functional safety through ISO 26262 focusing on system, software and hardware possible failures that bring security threats and discussion on DO 254. It discusses the approach to bridge the gap between different other hazard level and system ability to identify the particular fault and resolve it minimum time span possible. Results are analyzed by designing models to check and avoid all the failures, loophole prior development.
Yadav, Parul, Gaur, Manish.  2018.  A Behavioural Theory for Intrusion Detection System in Mobile Ad-Hoc Networks. Proceedings of the 2Nd International Conference on High Performance Compilation, Computing and Communications. :51-60.

We propose a Calculi in process algebraic framework to formally model Intrusion Detection System (IDS) for secure routing in Mobile Ad-hoc Networks. The proposed calculi, named as dRi, is basically an extension of Distributed pi calculus (Dpi). The calculi models unicast, multicast & broadcast communication, node mobility, energy conservation at node and detection of malicious node(s) in Mobile Ad-hoc Networks. The Calculi has two syntactic categories: one for describing nodes and another for processes which reside in nodes. We also present two views of semantic reductions; one as reduction on configurations whereas another as LTSs (Labelled Transition Systems), behavioural semantics, where reduction on configurations are described on various actions. We present an example described using LTSs to show the capability of the proposed calculi. We define a bisimulation based equivalence between configurations. Further we define a touch-stone equivalence on its reduction semantics & also present prove outline for bisimulation based equivalence that can be recovered from its touch-stone equivalence and vice-versa.

Yadav, S., Howells, G..  2017.  Analysis of ICMetrics Features/Technology for Wearable Devices IOT Sensors. 2017 Seventh International Conference on Emerging Security Technologies (EST). :175–178.

This paper investigates the suitability of employing various measurable features derived from multiple wearable devices (Apple Watch), for the generation of unique authentication and encryption keys related to the user. This technique is termed as ICMetrics. The ICMetrics technology requires identifying the suitable features in an environment for key generation most useful for online services. This paper presents an evaluation of the feasibility of identifying a unique user based on desirable feature set and activity data collected over short and long term and explores how the number of samples being factored into the ICMetrics system affects uniqueness of the key.

Yadav, S., Trivedi, M. C., Singh, V. K., Kolhe, M. L..  2017.  Securing AODV routing protocol against black hole attack in MANET using outlier detection scheme. 2017 4th IEEE Uttar Pradesh Section International Conference on Electrical, Computer and Electronics (UPCON). :1–4.

Imposing security in MANET is very challenging and hot topic of research science last two decades because of its wide applicability in applications like defense. Number of efforts has been made in this direction. But available security algorithms, methods, models and framework may not completely solve this problem. Motivated from various existing security methods and outlier detection, in this paper novel simple but efficient outlier detection scheme based security algorithm is proposed to protect the Ad hoc on demand distance vector (AODV) reactive routing protocol from Black hole attack in mobile ad hoc environment. Simulation results obtained from network simulator tool evident the simplicity, robustness and effectiveness of the proposed algorithm over the original AODV protocol and existing methods.

Yadav, Sanjay Kumar, Suguna, P, Velusamy, R. Leela.  2019.  Entropy based mitigation of Distributed-Denial-of-Service (DDoS) attack on Control Plane in Software-Defined-Network (SDN). 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–7.
SDN is new networking concept which has revolutionized the network architecture in recent years. It decouples control plane from data plane. Architectural change provides re-programmability and centralized control management of the network. At the same time it also increases the complexity of underlying physical infrastructure of the network. Unfortunately, the centralized control of the network introduces new vulnerabilities and attacks. Attackers can exploit the limitation of centralized control by DDoS attack on control plane. The entire network can be compromised by DDoS attack. Based on packet entropy, a solution for mitigation of DDoS attack provided in the proposed scheme.
Yadegari, Babak, Stephens, Jon, Debray, Saumya.  2017.  Analysis of Exception-Based Control Transfers. Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy. :205–216.
Dynamic taint analysis and symbolic execution find many important applications in security-related program analyses. However, current techniques for such analyses do not take proper account of control transfers due to exceptions. As a result, they can fail to account for implicit flows arising from exception-based control transfers, leading to loss of precision and potential false negatives in analysis results. While the idea of using exceptions for obfuscating (unconditional) control transfers is well known, we are not aware of any prior work discussing the use of exceptions to implement conditional control transfers and implicit information flows. This paper demonstrates the problems that can arise in existing dynamic taint analysis and symbolic execution systems due to exception-based implicit information flows and proposes a generic architecture-agnostic solution for reasoning about the behavior of code using user-defined exception handlers. Experimental results from a prototype implementation indicate that the ideas described produce better results than current state-of-the-art systems.
Yadollahi, Mohammad Mehdi, Shoeleh, Farzaneh, Serkani, Elham, Madani, Afsaneh, Gharaee, Hossein.  2019.  An Adaptive Machine Learning Based Approach for Phishing Detection Using Hybrid Features. 2019 5th International Conference on Web Research (ICWR). :281—286.

Nowadays, phishing is one of the most usual web threats with regards to the significant growth of the World Wide Web in volume over time. Phishing attackers always use new (zero-day) and sophisticated techniques to deceive online customers. Hence, it is necessary that the anti-phishing system be real-time and fast and also leverages from an intelligent phishing detection solution. Here, we develop a reliable detection system which can adaptively match the changing environment and phishing websites. Our method is an online and feature-rich machine learning technique to discriminate the phishing and legitimate websites. Since the proposed approach extracts different types of discriminative features from URLs and webpages source code, it is an entirely client-side solution and does not require any service from the third-party. The experimental results highlight the robustness and competitiveness of our anti-phishing system to distinguish the phishing and legitimate websites.

Yaegashi, Ryo, Hisano, Daisuke, Nakayama, Yu.  2021.  Light-Weight DDoS Mitigation at Network Edge with Limited Resources. 2021 IEEE 18th Annual Consumer Communications Networking Conference (CCNC). :1—6.

The Internet of Things (IoT) has been growing rapidly in recent years. With the appearance of 5G, it is expected to become even more indispensable to people's lives. In accordance with the increase of Distributed Denial-of-Service (DDoS) attacks from IoT devices, DDoS defense has become a hot research topic. DDoS detection mechanisms executed on routers and SDN environments have been intensely studied. However, these methods have the disadvantage of requiring the cost and performance of the devices. In addition, there is no existing DDoS mitigation algorithm on the network edge that can be performed with the low-cost and low-performance equipment. Therefore, this paper proposes a light-weight DDoS mitigation scheme at the network edge using limited resources of inexpensive devices such as home gateways. The goal of the proposed scheme is to detect and mitigate flooding attacks. It utilizes unused queue resources to detect malicious flows by random shuffling of queue allocation and discard the packets of the detected flows. The performance of the proposed scheme was confirmed via theoretical analysis and computer simulation. The simulation results match the theoretical results and the proposed algorithm can efficiently detect malicious flows using limited resources.

Yaegashi, Ryo, Hisano, Daisuke, Nakayama, Yu.  2021.  Queue Allocation-Based DDoS Mitigation at Edge Switch. 2021 IEEE International Conference on Communications Workshops (ICC Workshops). :1—6.

It has been a hot research topic to detect and mitigate Distributed Denial-of-Service (DDoS) attacks due to the significant increase of serious threat of such attacks. The rapid growth of Internet of Things (IoT) has intensified this trend, e.g. the Mirai botnet and variants. To address this issue, a light-weight DDoS mitigation mechanism was presented. In the proposed scheme, flooding attacks are detected by stochastic queue allocation which can be executed with widespread and inexpensive commercial products at a network edge. However, the detection process is delayed when the number of incoming flows is large because of the randomness of queue allocation. Thus, in this paper we propose an efficient queue allocation algorithm for rapid DDoS mitigation using limited resources. The idea behind the proposed scheme is to avoid duplicate allocation by decreasing the randomness of the existing scheme. The performance of the proposed scheme was confirmed via theoretical analysis and computer simulation. As a result, it was confirmed that malicious flows are efficiently detected and discarded with the proposed algorithm.

Yagan, Osman, Makowski, Armand M..  2016.  Wireless Sensor Networks Under the Random Pairwise Key Predistribution Scheme: Can Resiliency Be Achieved With Small Key Rings? IEEE/ACM Trans. Netw.. 24:3383–3396.

We investigate the resiliency of wireless sensor networks against sensor capture attacks when the network uses the random pairwise key distribution scheme of Chan et al. We present conditions on the model parameters so that the network is: 1 unassailable and 2 unsplittable, both with high probability, as the number \$n\$ of sensor nodes becomes large. Both notions are defined against an adversary who has unlimited computing resources and full knowledge of the network topology, but can only capture a negligible fraction \$on\$ of sensors. We also show that the number of cryptographic keys needed to ensure unassailability and unsplittability under the pairwise key predistribution scheme is an order of magnitude smaller than it is under the key predistribution scheme of Eschenauer and Gligor.

Yagoub, Mohammed Amine, Laouid, Abdelkader, Kazar, Okba, Bounceur, Ahcène, Euler, Reinhardt, AlShaikh, Muath.  2018.  An Adaptive and Efficient Fully Homomorphic Encryption Technique. Proceedings of the 2Nd International Conference on Future Networks and Distributed Systems. :35:1–35:6.

The huge amount of generated data offers special advantages mainly in dynamic and scalable systems. In fact, the data generator entities need to share the generated data with each other which leads to the use of cloud services. A cloud server is considered as an untrusted entity that offers many advantages such as large storing space, computation speed... etc. Hence, there is a need to cope with how to protect the stored data in the cloud server by proposing adaptive solutions. The main objective is how to provide an encryption scheme allowing the user to maintains some functions such as addition, multiplication and to preserve the order on the encrypted cloud data. Many algorithms and techniques are designed to manipulate the stored encrypted cloud data. This paper presents an adaptive and efficient fully homomorphic encryption technique to protect the user's data stored in the cloud, where the cloud server executes simple operations.

Yajin Zhou, Xuxian Jiang.  2012.  Dissecting Android Malware: Characterization and Evolution. Security and Privacy (SP), 2012 IEEE Symposium on. :95-109.

The popularity and adoption of smart phones has greatly stimulated the spread of mobile malware, especially on the popular platforms such as Android. In light of their rapid growth, there is a pressing need to develop effective solutions. However, our defense capability is largely constrained by the limited understanding of these emerging mobile malware and the lack of timely access to related samples. In this paper, we focus on the Android platform and aim to systematize or characterize existing Android malware. Particularly, with more than one year effort, we have managed to collect more than 1,200 malware samples that cover the majority of existing Android malware families, ranging from their debut in August 2010 to recent ones in October 2011. In addition, we systematically characterize them from various aspects, including their installation methods, activation mechanisms as well as the nature of carried malicious payloads. The characterization and a subsequent evolution-based study of representative families reveal that they are evolving rapidly to circumvent the detection from existing mobile anti-virus software. Based on the evaluation with four representative mobile security software, our experiments show that the best case detects 79.6% of them while the worst case detects only 20.2% in our dataset. These results clearly call for the need to better develop next-generation anti-mobile-malware solutions.

Yakura, Hiromu, Shinozaki, Shinnosuke, Nishimura, Reon, Oyama, Yoshihiro, Sakuma, Jun.  2018.  Malware Analysis of Imaged Binary Samples by Convolutional Neural Network with Attention Mechanism. Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy. :127–134.
This paper presents a proposal of a method to extract important byte sequences in malware samples to reduce the workload of human analysts who investigate the functionalities of the samples. This method, by applying convolutional neural network (CNN) with a technique called attention mechanism to an image converted from binary data, enables calculation of an "attention map," which shows regions having higher importance for classification in the image. This distinction of regions enables extraction of characteristic byte sequences peculiar to the malware family from the binary data and can provide useful information for the human analysts without a priori knowledge. Furthermore, the proposed method calculates the attention map for all binary data including the data section. Thus, it can process packed malware that might contain obfuscated code in the data section. Results of our evaluation experiment using malware datasets show that the proposed method provides higher classification accuracy than conventional methods. Furthermore, analysis of malware samples based on the calculated attention maps confirmed that the extracted sequences provide useful information for manual analysis, even when samples are packed.
Yakura, Hiromu, Shinozaki, Shinnosuke, Nishimura, Reon, Oyama, Yoshihiro, Sakuma, Jun.  2017.  Malware Analysis of Imaged Binary Samples by Convolutional Neural Network with Attention Mechanism. Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security. :55–56.

This paper presents a method to extract important byte sequences in malware samples by application of convolutional neural network (CNN) to images converted from binary data. This method, by combining a technique called the attention mechanism into CNN, enables calculation of an "attention map," which shows regions having higher importance for classification in the image. The extracted region with higher importance can provide useful information for human analysts who investigate the functionalities of unknown malware samples. Results of our evaluation experiment using malware dataset show that the proposed method provides higher classification accuracy than a conventional method. Furthermore, analysis of malware samples based on the calculated attention map confirmed that the extracted sequences provide useful information for manual analysis.

Yakut, S., Ozer, A.B..  2014.  HMAC based one t #x0131;me password generator. Signal Processing and Communications Applications Conference (SIU), 2014 22nd. :1563-1566.

One Time Password which is fixed length strings to perform authentication in electronic media is used as a one-time. In this paper, One Time Password production methods which based on hash functions were investigated. Keccak digest algorithm was used for the production of One Time Password. This algorithm has been selected as the latest standards for hash algorithm in October 2012 by National Instute of Standards and Technology. This algorithm is preferred because it is faster and safer than the others. One Time Password production methods based on hash functions is called Hashing-Based Message Authentication Code structure. In these structures, the key value is using with the hash function to generate the Hashing-Based Message Authentication Code value. Produced One Time Password value is based on the This value. In this application, the length of the value One Time Password was the eight characters to be useful in practice.