Browse > Article
http://dx.doi.org/10.13089/JKIISC.2020.30.4.545

A Study of Secure Password Input Method Based on Eye Tracking with Resistance to Shoulder-Surfing Attacks  

Kim, Seul-gi (Information Security Lab, GSI, Yonsei University)
Yoo, Sang-bong (Department of Computer Engineering Sejong University)
Jang, Yun (Department of Computer Engineering Sejong University)
Kwon, Tae-kyoung (Information Security Lab, GSI, Yonsei University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.30, no.4, 2020 , pp. 545-558 More about this Journal
Abstract
The gaze-based input provides feedback to confirm that the typing is correct when the user types the text. Many studies have already demonstrated that feedback can increase the usability of gaze-based inputs. However, because the information of the typed text is revealed through feedback, it can be a target for shoulder-surfing attacks. Appropriate feedback needs to be used to improve security without compromising the usability of the gaze-based input using the original feedback. In this paper, we propose a new gaze-based input method, FFI(Fake Flickering Interface), to resist shoulder-surfing attacks. Through experiments and questionnaires, we evaluated the usability and security of the FFI compared to the gaze-based input using the original feedback.
Keywords
Gaze-based Input; Shoulder-Surfing Attacks; Usability; Security; Feedback;
Citations & Related Records
연도 인용수 순위
  • Reference
1 MAJARANTA, Paivi, et al. "Haptic feedback in eye typing." 2016.
2 DE LUCA, Alexander; DENZEL, Martin; HUSSMANN, Heinrich. "Look into my eyes!: Can you guess my password?." In: Proceedings of the 5th Symposium on Usable Privacy and Security. ACM, p. 1-12, July, 2009.
3 WEISS, Roman; DE LUCA, Alexander. "PassShapes: utilizing stroke based authentication to increase password memorability." In: Proceedings of the 5th Nordic conference on Human-computer interaction: building bridges. ACM, p. 383-392, Oct, 2008.
4 KHAMIS, Mohamed, et al. "Gazetouchpass: Multimodal authentication using gaze and touch on mobile devices." In: Proceedings of the 2016 CHI Conference Extended Abstracts on Human Factors in Computing Systems. ACM, p. 2156-2164, May, 2016.
5 KHAMIS, Mohamed, et al. "GTmoPass: two-factor authentication on public displays using gaze-touch passwords and personal mobile devices." In: Proceedings of the 6th ACM International Symposium on Pervasive Displays. ACM, p. 1-9, June, 2017.
6 KHAMIS, Mohamed, et al. "GazeTouchPIN: protecting sensitive data on mobile devices using secure multimodal authentication." In: Proceedings of the 19th ACM International Conference on Multimodal Interaction. ACM. p. 446-450, Nov, 2017.
7 ABDRABOU, Yasmeen, et al. "Just Gaze and Wave: Exploring the Use of Gaze and Gestures for Shoulder-surfing Resilient Authentication." In:Proceedings of 11th ACM Symposium on Eye Tracking Research & Application, p. 1-10, June, 2019.
8 MAJARANTA, Paivi; AHOLA, Ulla-Kaija; SPAKOV, Oleg. "Fast gaze typing with an adjustable dwell time." In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, p. 357-360, Apr, 2009.
9 BROOKE, John, et al. "SUS-A quick and dirty usability scale." Usability evaluation in industry, p. 189-194, 1996.
10 MAUCHLY, John W. "Significance test for sphericity of a normal n-variate distribution." The Annals of Mathematical Statistics, 11(2). p. 204-209, 1940.   DOI
11 ARMSTRONG, Richard A. "When to use the B onferroni correction." Ophthalmic and Physiological Optics, 34(5), p. 502-508, 2014.   DOI
12 GREENHOUSE, Samuel W.; GEISSER, Seymour. "On methods in the analysis of profile data." Psychometrika, 24(2), p. 95-112, 1959.   DOI
13 SAURO, Jeff. "A practical guide to the system usability scale: Background, benchmarks & best practices." Denver, CO: Measuring Usability LLC, 2011.
14 LEVENSHTEIN, Vladimir I. "Binary codes capable of correcting deletions, insertions, and reversals." In: Soviet physics doklady, 10(8), p. 707-710, 1966.
15 LONG, Johnny. "No tech hacking: A guide to social engineering, dumpster diving, and shoulder surfing." Syngress, 2011.
16 MAJARANTA, Paivi; RAIHA, Kari-Jouko. "Twenty years of eye typing: systems and design issues." In: ETRA. p. 15-22, Mar, 2002
17 JACOB, Robert JK; KARN, Keith S. "Eye tracking in human-computer interaction and usability research: Ready to deliver the promises." In: The mind's eye. North-Holland. p. 573-605, 2003.
18 POOLE, Alex; BALL, Linden J. "Eye tracking in HCI and usability research." In: Encyclopedia of human computer interaction. IGI Global, p. 211-219, 2006.
19 WARD, David J.; MACKAY, David JC. "Fast hands-free writing by gaze direction." Nature, 418(6900), p 838-838, 2002   DOI
20 JACOB, Robert JK. "Eye tracking in advanced interface design." Virtual environments and advanced interface design, 258-288, 1995.
21 MAJARANTA, Paivi, et al. "Effects of feedback and dwell time on eye typing speed and accuracy." Universal Access in the Information Society, 5(2), p. 199-208, 2006.   DOI
22 KUMAR, Manu, et al. "Reducing shoulder-surfing by using gaze-based password entry." In: Proceedings of the 3rd symposium on Usable privacy and security. ACM, p. 13-19, July, 2007.
23 DE LUCA, Alexander; WEISS, Roman; DREWES, Heiko. "Evaluation of eye-gaze interaction methods for security enhanced PIN-entry." In: Proceedings of the 19th australasian conference on computer-human interaction: Entertaining user interfaces. ACM, p. 199-202, Nov, 2007.
24 ABDRABOU, Yasmeen, et al. "eNGAGE: Resisting Shoulder Surfing Using Novel Gaze Gestures Authentication." In: Proceedings of the 17th International Conference on Mobile and Ubiquitous Multimedia. ACM, p. 469-473, Nov, 2018.
25 MAJARANTA, Päivi, et al. "Auditory and visual feedback during eye typing." In: Conference on Human Factors in Computing Systems: CHI'03 extended abstracts on Human factors in computing systems. p. 766-767, Apr, 2003.
26 MAJARANTA, Paivi; AULA, Anne; RAIHA, Kari-Jouko. "Effects of feedback on eye typing with a short dwell time." In: Proceedings of the 2004 symposium on Eye tracking research & applications. ACM, p. 139-146, Mar, 2004.
27 DREWES, Heiko; SCHMIDT, Albrecht. "Interacting with the computer using gaze gestures." In: IFIP Conference on Human-Computer Interaction. Springer, Berlin, Heidelberg, p. 475-488, Sept, 2007.
28 KUMAR, Manu, et al. "EyePoint: practical pointing and selection using gaze and keyboard." In: Proceedings of the SIGCHI conference on Human factors in computing systems. ACM, p. 421-430, Apr, 2007.
29 HANSEN, John Paulin, et al. "Gaze typing compared with input by head and hand." In: Proceedings of the 2004 symposium on Eye tracking research & applications. ACM, p. 131-138, Mar, 2004
30 KANGAS, Jari, et al. "Gaze gestures and haptic feedback in mobile devices." In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, p. 435-438, Apr, 2014.