Design and Evaluation of Accelerometer Based User Authentication Methods

Haitham, Seror

January 2017

Smartphone's are extremely popular and in high demand nowadays. They are easy to handle and very intuitive compared with old phones for end users. Approximately two billion people use Smartphones all over the world, so it is clear that these phones are very popular. One of the major issues of these smart phones is theft. What happens if someone steals your phone? Why should we try to secure our phones? The reason is that, even if the phone is stolen, the thief should not be able to open and use it through unlocking easily. People are generally careless while typing their password/pin code or drawing a pattern while others are watching. Maybe someone can see it just by standing next to or behind the person who is typing the pin or drawing the pattern. This scenario of getting the information is called shoulder surfing. Another scenario is to use a hidden camera, so-called Record monitoring. Shoulder surfing can be used by an attacker/observer to get passwords or PINs. Shoulder surfing is very easy to perform by just looking over the shoulder when a user is typing the PIN or drawing the unlock pattern. Record monitoring needs more preparation, but is not much more complicated to perform. Sometimes it also happens that the phone gets stolen and by seeing fingerprints or smudge patterns on the phone, the attacker can unlock it. These above two are general security threats for smart phone users. This thesis introduces some different approaches to overcome the above mentioned security threats in Smartphones. The basic aim is to make it more difficult to perform shoulder surfing or record monitoring, and these will not be easy to perform by the observer after switching to the new techniques introduced in the thesis. In this thesis, the usability of each method developed will be described and also future use of these approaches. There are a number of techniques by which a user can protect the phone from observation attacks. Some of these will be considered, and a user interface evaluation will be performed in the later phase of development. I will also consider some important aspects while developing the methods such as -user friendliness, Good UI concepts etc. I will also evaluate the actual security added by the methods, and the overall user impression. Two separate user studies have been performed, first one with students from the Computer Science department, and then one with students from other departments. The results indicate that students from Computer Science are more attracted to the new security solution than students from other departments.

Authentication

Smartphone security

Shoulder surfing

Accelerometer

Natural Sciences

Naturvetenskap

User strategies for mobile device-based interactions to prevent shoulder surfing

Kühn, Romina, Korzetz, Mandy, Schlegel, Thomas

17 June 2020

Shoulder surfing, also known as visual hacking, is the activity of obtaining information from or about others by observing visual content of displays that actually should be kept secret, such as PINs, passwords, or private text messages. Approaches that address shoulder surfing on mobile devices mainly focus on ways to recognize observers or to complicate visual presentations for them from the system's perspective. However, users also have developed their own strategies to keep their input secret. With this work, we contribute an investigation of strategies to prevent shoulder surfing from the users' perspective. We performed a user study and observed 32 participants while interacting with smartphones using different kinds of eyes-free device-based interaction techniques. We identified several strategies that users had to prevent shoulder surfing. These strategies help us to develop effective ways to design useful interactions that overcome shoulder surfing issues.

info:eu-repo/classification/ddc/004

ddc:004

Improving the Security of Mobile Devices Through Multi-Dimensional and Analog Authentication

Gurary, Jonathan, Gurary

28 March 2018

No description available.

Computer Engineering

Computer Science

authentication

mobile authentication

graphical password

analog authentication

multi-dimensional authentication

shoulder-surfing

challenge-response

keystroke dynamics

virtual reality

A shoulder-surfing resistant graphical password system

Alesand, Elias, Sterneling, Hanna

January 2017

The focus of this report is to discuss graphical password systems and how they can contribute to handle security problems that threaten authentication processes. One such threat is shoulder-surfing attacks, which are also reviewed in this report. Three already existing systems that are claimed to be shoulder-surfing resilient are described and a new proposed system is presented and evaluated through a user study. Moreover, the system is compared to the mentioned existing systems to further evaluate the usability, memorability and the time it takes to authenticate. The user study shows that test subjects are able to remember their chosen password one week after having registered and signed in once. It is also shown that the average time to sign in to the system after five minutes of practice is within a range of 3.30 to 5.70 seconds. The participants in the experiments gave the system an average score above 68 on the System Usability Scale, which is the score of an average system.

shoulder-surfing

resistant

graphical password system

guessing attacks

graphical passwords

recognition-based

recall-based

pure recall-based

password

security

password space

pictorial superiority effect

brute-force attack

dictionary attack

hot-spots

memorability

graphical components

authentication

Computer Sciences

Datavetenskap (datalogi)