![]() Gesture-based systems are based on identifying the eye movement tracking, hence, there is no need to estimate the precise point of the user’s vision. In the accurate point-of-regard gaze measurements, a key subject with gaze-based authentication schemes is needed. Human-centered computing → Human computer interaction (HCI) Īuthentication systems in which eye is used for entering the password are categorized into two gaze-based and gesture-based groups.Our work further underlines the significance of replicating previous eye tracking studies using today's sensors as we show significant improvement over similar previously introduced gaze-based authentication systems. We found that the gaze-based approach outperforms the other schemes in terms of input time, error rate, perceived workload, and resistance to observation attacks, and that randomizing the layout does not improve observation resistance enough to warrant the reduced usability. To this end, we report on our implementation of three schemes and results from usability and security evaluations where we also experimented with fixed and randomized layouts. We investigate multiple authentication mechanisms that leverage gestures, eye gaze, and a multimodal combination of them and study their resilience to shoulder surfing. However, to date, a comparison of the different authentication modalities is missing. We discuss how the choice of pointing and selection methods impacts the usability and security of 3D passwords in IVR.Įye-gaze and mid-air gestures are promising for resisting various types of side-channel attacks during authentication. A comparison of a) usability in terms of entry time, error rate, and memorability, and b) resistance to real world and offline observations, reveals that: multimodal authentication in IVR by pointing at targets using gaze, and selecting them using a handheld controller significantly improves usability and security compared to the other methods and to prior work. Namely, we compare eye gaze and head pose for pointing, and dwell time and tactile input for selection. This work evaluates four multimodal techniques for entering 3D passwords in IVR that consist of multiple virtual objects selected in succession. Recent work showed that compared to traditional graphical and alphanumeric passwords, a more promising form of passwords for IVR is 3D passwords. Through exhaustive analysis, we strive to streamline and standardize experimental decisions by showcasing their impact on the outcome of the study, and generate guidelines for a more objective design of shoulder surfing experiments.Īuthentication has become an important component of Immersive Virtual Reality (IVR) applications, such as virtual shopping stores, social networks, and games. In the follow-up analysis, we assess the proposed methods’ design features, and the quality of their SSA experiments, using Schaub et al.’s design aspect and our SSA evaluation frameworks, respectively. ![]() Based on the design features extracted from the experiments, we develop an evaluation framework for the assessment of the shoulder surfing experimental setup. To provide the researchers with comprehensive literature on SSA evaluation, we identify empirical shoulder surfing studies conforming to a predefined set of quality criteria. We formulate two research questions to help us determine how the design of the method should affect the SSA experimental design process, and how different design decisions affect the validity and interpretability of the results under various assumptions and threat models. ![]() In this systematic review, we focus on the evaluation of the shoulder surfing attack (SSA) vulnerability. ![]() To improve the quality of security and usability evaluations, experimental design decisions should be reviewed and standardized. The emphasis on the quantity of studies as opposed to the quality of evaluation has made it difficult to compare the methods, as well as to validate and generalize the results. In search of the silver bullet to solve the password problem, the field of knowledge-based authentication has become bloated with novel proposals aiming to replace textual passwords.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |