A Dynamic Profile Questions Approach to Mitigate Impersonation in Online Examinations

Online examinations are an integral component of many online learning environments, which face many security challenges. Collusion is seen as a major security threat to such examinations, when a student invites a third party to impersonate or abet in a test. This work aims to strengthen the authenti...

Full description

Saved in:
Bibliographic Details
Published in:Journal of grid computing 2019-06, Vol.17 (2), p.209-223
Main Authors: Ullah, Abrar, Xiao, Hannan, Barker, Trevor
Format: Article
Language:English
Subjects:
Computer Science
Management of Computing and Information Systems
Processor Architectures
Questions
Real time
Response time
Students
User Interfaces and Human Computer Interaction
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Online examinations are an integral component of many online learning environments, which face many security challenges. Collusion is seen as a major security threat to such examinations, when a student invites a third party to impersonate or abet in a test. This work aims to strengthen the authentication of students via the use of dynamic profile questions. The study reported in this paper involved 31 online participants from five countries over a five-week period. The results of usability and security analysis are reported. The dynamic profile questions were more usable than both the text-based and image-based questions (p < 0.01). An impersonation abuse scenario was simulated using email and mobile phone. The impersonation attack via email was not successful, however, students were able to share answers to dynamic profile questions with a third party impersonator in real time, which resulted in 93% correct answers. The sharing of information via phone took place in real time during an online test and the response time of an impersonator was significantly different (p < 0.01) than a student. The study also revealed that a response time factor may be implemented to identify and report impersonation attacks.
ISSN:1570-7873
1572-9184
DOI:10.1007/s10723-018-9442-6