44,818 research outputs found
GazeTouchPass: Multimodal Authentication Using Gaze and Touch on Mobile Devices
We propose a multimodal scheme, GazeTouchPass, that combines gaze and touch for shoulder-surfing resistant user authentication on mobile devices. GazeTouchPass allows passwords with multiple switches between input modalities during authentication. This requires attackers to simultaneously observe the device screen and the user's eyes to find the password. We evaluate the security and usability of GazeTouchPass in two user studies. Our findings show that GazeTouchPass is usable and significantly more secure than single-modal authentication against basic and even advanced shoulder-surfing attacks
Towards Baselines for Shoulder Surfing on Mobile Authentication
Given the nature of mobile devices and unlock procedures, unlock
authentication is a prime target for credential leaking via shoulder surfing, a
form of an observation attack. While the research community has investigated
solutions to minimize or prevent the threat of shoulder surfing, our
understanding of how the attack performs on current systems is less well
studied. In this paper, we describe a large online experiment (n=1173) that
works towards establishing a baseline of shoulder surfing vulnerability for
current unlock authentication systems. Using controlled video recordings of a
victim entering in a set of 4- and 6-length PINs and Android unlock patterns on
different phones from different angles, we asked participants to act as
attackers, trying to determine the authentication input based on the
observation. We find that 6-digit PINs are the most elusive attacking surface
where a single observation leads to just 10.8% successful attacks, improving to
26.5\% with multiple observations. As a comparison, 6-length Android patterns,
with one observation, suffered 64.2% attack rate and 79.9% with multiple
observations. Removing feedback lines for patterns improves security from
35.3\% and 52.1\% for single and multiple observations, respectively. This
evidence, as well as other results related to hand position, phone size, and
observation angle, suggests the best and worst case scenarios related to
shoulder surfing vulnerability which can both help inform users to improve
their security choices, as well as establish baselines for researchers.Comment: Will appear in Annual Computer Security Applications Conference
(ACSAC
Rethinking 'multi-user': an in-the-wild study of how groups approach a walk-up-and-use tabletop interface
Multi-touch tabletops have been much heralded as an innovative technology that can facilitate new ways of group working. However, there is little evidence of these materialising outside of research lab settings. We present the findings of a 5-week in-the-wild study examining how a shared planning application â designed to run on a walk-up- and-use tabletop â was used when placed in a tourist information centre. We describe how groups approached, congregated and interacted with it and the social interactions that took place â noting how they were quite different from research findings describing the ways groups work around a tabletop in lab settings. We discuss the implications of such situated group work for designing collaborative tabletop applications for use in public settings
Assessing the effectiveness of direct gesture interaction for a safety critical maritime application
Multi-touch interaction, in particular multi-touch gesture interaction, is widely believed to give a more natural interaction style. We investigated the utility of multi-touch interaction in the safety critical domain of maritime dynamic positioning (DP) vessels. We conducted initial paper prototyping with domain experts to gain an insight into natural gestures; we then conducted observational studies aboard a DP vessel during operational duties and two rounds of formal evaluation of prototypes - the second on a motion platform ship simulator. Despite following a careful user-centred design process, the final results show that traditional touch-screen button and menu interaction was quicker and less erroneous than gestures. Furthermore, the moving environment accentuated this difference and we observed initial use problems and handedness asymmetries on some multi-touch gestures. On the positive side, our results showed that users were able to suspend gestural interaction more naturally, thus improving situational awareness
- âŚ