For the past 20 years, researchers have investigated the use of eye tracking in security applications. We present a holistic view on gaze-based security applications. In particular, we canvassed the literature and classify the utility of gaze in security applications into a) authentication, b) privacy protection, and c) gaze monitoring during security critical tasks. This allows us to chart several research directions, most importantly 1) conducting field studies of implicit and explicit gaze-based authentication due to recent advances in eye tracking, 2) research on gaze-based privacy protection and gaze monitoring in security critical tasks which are under-investigated yet very promising areas, and 3) understanding the privacy implications of pervasive eye tracking. We discuss the most promising opportunities and most pressing challenges of eye tracking for security that will shape research in gaze-based security applications for the next decade.
Visual attention, search, processing and comprehension are important cognitive tasks during a graphical password composition activity. Aiming to shed light on whether individual differences on visual behavior affect the strength of the created passwords, we conducted an eye-tracking study (N=36) and adopted an accredited cognitive style theory to interpret the results. The analysis revealed that users with different cognitive styles followed different patterns of visual behavior which affected the strength of the created passwords. Motivated, by the results of the first study, we introduced adaptive characteristics to the user authentication mechanism, aiming to assist specific cognitive style user groups to create more secure passwords, and conducted a second study with a new sample (N=40) to test the adaptive characteristics. Results strengthen our assumptions that adaptive mechanisms based on users' differences in cognitive and visual behavior uncover a new perspective for improving the password's strength within graphical user authentication realms.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.