A Shoulder Surfing Resistant Graphical Authentication System

Sun, Hung–Min; Chen, Shiuan-Tung; Yeh, Jyh-haw; Cheng, Chia-Yun

doi:10.1109/tdsc.2016.2539942

Cited by 75 publications

(44 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To this day, it is relatively common to find papers advertising a novel method as shoulder surfing resistant, though most of them do not explore that aspect beyond theoretical rationale [28][52] [42]. Some of them identify the investigation of the method's resistance as a plausible direction for future research [29], or even presume the method is safe against the attack by the virtue of its design [24][37] [43]. This section focuses on the papers that examined shoulder surfing attacks from an empirical perspective.…”

Section: Literature Reviewmentioning

confidence: 99%

Shoulder surfing: From an experimental study to a comparative framework

Bošnjak

Brumen

2019

International Journal of Human-Computer Studies

View full text Add to dashboard Cite

Shoulder surfing is an attack vector widely recognized as a real threatenough to warrant researchers dedicating a considerable effort toward designing novel authentication methods to be shoulder surfing resistant. Despite a multitude of proposed solutions over the years, few have employed empirical evaluations and comparisons between different methods, and our understanding of the shoulder surfing phenomenon remains limited. Barring the challenges in experimental design, the reason for that can be primarily attributed to the lack of objective and comparable vulnerability measures. In this paper, we develop an ensemble of vulnerability metrics, a first endeavour toward a comprehensive assessment of a given method's susceptibility to observational attacks. In the largest on-site shoulder surfing experiment (n = 274) to date, we verify the model on four conceptually different authentication methods in two observation scenarios. On the example of a novel hybrid authentication method based on associations, we explore the effect of input type on the adversary's effectiveness. We provide first empirical evidence that graphical passwords are easier to observe; however, that does not necessarily mean that the observed information will allow the attacker to guess the victim's password easier. An in-depth analysis of individual metrics within the clusters offers insight into many additional aspects of the shoulder surfing attack not explored before. Our comparative framework makes an advancement in evaluation of shoulder surfing and furthers our understanding of observational attacks. The results have important implications for future shoulder surfing studies and the field of Password Security as a whole.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Shoulder surfing: From an experimental study to a comparative framework

Bošnjak

Brumen

2019

International Journal of Human-Computer Studies

View full text Add to dashboard Cite

show abstract

“…In [4], the authors proposed a novel confirmation framework as Pass Matrix dependent on graphical passwords. It has one-time login and circulates a kind of vertical and horizontal bars which makes the pass-images invisible.…”

Section: Existing Workmentioning

confidence: 99%

Shuffled Illusion PIN Framework to Prevent Shoulder – Surfing

Kavitha*,

Haran,

Meenan

et al. 2019

IJRTE

View full text Add to dashboard Cite

Shoulder surfing is a kind of technique applied to sneak the personal data like passwords and some confidential data of the user. For this type of attacks there is no need of any kind of technical knowledge but just a keen observation towards the user performance is necessary. However, secret gadgets made these shoulder surfing easy for the attackers like cc cams. To overcome these attacks some authentication schemes are proposed- Illusion pin that works on digital display. It applies the method of hybrid pictures with 2 keypads blended one keypad with another, it is designed by using the human visibility and quotes the least distance at which an attacker is incapable to understand the buttons. We developed an innovative shuffling algorithm for shuffling the keys for every single pin entry. Using this Shuffling algorithm, we create a new pattern of the keypad for every exclusive entry of the pin. Through this technique the attacker is unable to track the pin even if he remembers the spatial arrangement of the digits in a keypad. To provide more security we are adding one-time password generating (OTP) technique.

show abstract

“…Hung-Minet al in [1] proposes an authentication system that is based on the pass matrix and the pass images. Through the one time login indicator the user will be able to point out the location of pass-square.…”

Section: Related Workmentioning

confidence: 99%

Study and Development of Graphical Authentication System for Secure File Transmission

L.P.Ramyasri¹,

Malathi²,

Jayaseeli³

et al. 2018

IJET

View full text Add to dashboard Cite

The text-based password has been the most common practice from ancient days till present. Text based pass-words are also known for various threats, and it is prone to attacks like guessing attacks, dictionary attacks, social engineering attacks, brute force attacks, etc. The next immediate concept following the text based password is the graphical password schemes to improve password security and usability. In present days graphical passwords are being implemented more commonly. This approach is different from the traditional alpha numeric as it deals with images. In this paper a survey study is done to analyse various techniques used for authentication and also some of the methods for graphical authentication techniques like Pass Matrix, Cued Clicked points(CPP), CAPTCHA, Image distortion with text association, Doodle scheme, Standard recognition-based scheme, Stegno pin authentication method. Based on the existing methods, the future research can be done in order to improve security for graphical authentication.

show abstract

A Shoulder Surfing Resistant Graphical Authentication System

Cited by 75 publications

References 28 publications

Shoulder surfing: From an experimental study to a comparative framework

Shoulder surfing: From an experimental study to a comparative framework

Shuffled Illusion PIN Framework to Prevent Shoulder – Surfing

Study and Development of Graphical Authentication System for Secure File Transmission

Contact Info

Product

Resources

About