PrivacyScout: Assessing Vulnerability to Shoulder Surfing on Mobile Devices
نویسندگان
چکیده
One approach to mitigate shoulder surfing attacks on mobile devices is detect the presence of a bystander using phone’s front-facing camera. However, person’s face in camera’s field view does not always indicate an attack. To overcome this limitation, novel data collection study (N=16), we analysed influence three viewing angles and four distances success attacks. In contrast prior works that mainly focused user authentication, investigated common types content susceptible surfing: text, photos, PIN authentications. We show vulnerability text photos depends observer’s location relative device, while authentications are vulnerable independent observation location. then present PrivacyScout – method predicts shoulder-surfing risk based visual features extracted from as captured by Finally, evaluations our demonstrate method’s feasibility assess attack more accurately.
منابع مشابه
GraphNeighbors: Hampering Shoulder-Surfing Attacks on Smartphones
Today, smartphones are widely used and they already have a growing market share of more than 70% according to recent studies. These devices often contain sensitive data like contacts, pictures, or even passwords that can easily be accessed by an attacker if the phone is not locked. Since they are mobile and used as everyday gadgets, they are susceptible to get lost or stolen. Hence, access cont...
متن کاملReview on Color Password to Resist Shoulder Surfing Attack
Since conventional password schemes are vulnerable to shoulder surfing, many shoulder surfing resistant graphical password schemes have been proposed. However, as most users are more familiar with textual passwords than pure graphical passwords, text-based graphical password schemes have been proposed. Unfortunately, both the text-based password schemes and graphical password schemes are not se...
متن کاملCipherCard: A Token-Based Approach Against Camera-Based Shoulder Surfing Attacks on Common Touchscreen Devices
We present CipherCard, a physical token that defends against shoulder-surfing attacks on user authentication on capacitive touchscreen devices. When CipherCard is placed over a touchscreen’s pin-pad, it remaps a user’s touch point on the physical token to a different location on the pin-pad. It hence translates a visible user password into a different system password received by a touchscreen, ...
متن کاملPitfalls of Shoulder Surfing Studies
We review empirical studies that evaluate the resilience of various PIN entry methods against human shoulder surfers. Conducting such studies is challenging because adversaries are not available for study and must be simulated in one way or another. We were interested to find out whether there is a common standard how these experiments are designed and reported. In the course of our research we...
متن کاملShoulder Surfing attack in graphical password authentication
Information and computer security is supported largely by passwords which are the principle part of the authentication process. The most common computer authentication method is to use alphanumerical username and password which has significant drawbacks. To overcome the vulnerabilities of traditional methods, visual or graphical password schemes have been developed as possible alternative solut...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Proceedings on Privacy Enhancing Technologies
سال: 2022
ISSN: ['2299-0984']
DOI: https://doi.org/10.56553/popets-2022-0090