Your search keyword '"shoulder-surfing attack"' showing total 5 results

1. Shoulder-surfing resistant PIN-entry method

Author

Shudi CHEN and Youwen ZHU

Subjects

shoulder-surfing attack, PIN-entry, identity authentication, information security, Electronic computers. Computer science, QA75.5-76.95

Abstract

Aiming at the problem that the traditional PIN entry method is vulnerable to shoulder-surfing attack,a secure PIN entry method against shoulder-surfing attack was proposed.The method changes the traditional input interface on the mobile device and uses the vibration channel of the device as the auxiliary channel to transmit the hidden information to the user.The user simply selects items to input PIN.The analysis shows that the proposed method can effectively resist shoulder-surfing attack.

Published

2019

2. Shoulder-surfing resistant PIN-entry method

Author

CHEN Shudi, ZHU Youwen

Subjects

shoulder-surfing attack, pin-entry, identity authentication, information security, Electronic computers. Computer science, QA75.5-76.95

Abstract

Aiming at the problem that the traditional PIN entry method is vulnerable to shoulder-surfing attack, a secure PIN entry method against shoulder-surfing attack was proposed. The method changes the traditional input interface on the mobile device and uses the vibration channel of the device as the auxiliary channel to transmit the hidden information to the user. The user simply selects items to input PIN. The analysis shows that the proposed method can effectively resist shoulder-surfing attack.

Published

2019

3. A Multimodal Password System based on Graphics and Text.

Author

Gi-Chul Yang

Subjects

*COMPUTER passwords, *COMPUTER password security, *MULTIMODAL user interfaces, *PROBLEM solving

Abstract

Password systems should be secure and easy to use. However, text-based systems require passwords that can be difficult to remember, while graphical systems require passwords with lengthy input times. In addition, shoulder-surfing attacks are a difficulty common to both. This paper discusses a multi-modal password system called GTPass. GTPass uses both graphics and text to capitalize on the advantages and eliminate the drawbacks of both systems. GTPass introduces a new password input scheme called TIS (Transformed Input Scheme) to solve existing problems in graphical password systems and text-based password systems. GTPass users can memorize the password easily and the passwords require very little time to enter. TIS can potentially be used to generate large password spaces. Accordingly, GTPass will be easy to use and highly resistant to a variety of attacks. [ABSTRACT FROM AUTHOR]

Published

2020

4. An Efficient Login Authentication System against Multiple Attacks in Mobile Devices

Author

Yang Li, Xinyu Yun, Liming Fang, and Chunpeng Ge

Subjects

login authentication, shoulder-surfing attack, privacy security, Mathematics, QA1-939

Abstract

Access management of IoT devices is extremely important, and a secure login authentication scheme can effectively protect users’ privacy. However, traditional authentication schemes are threatened by shoulder-surfing attacks, and biometric-based schemes, such as fingerprint recognition and face recognition, that are commonly used today can also be cracked. Researchers have proposed some schemes for current attacks, but they are limited by usability. For example, the login authentication process requires additional device support. This method solves the problem of attacks, but it is unusable, which limits its application. At present, most authentication schemes for the Internet of Things and mobile platforms either focus on security, thus ignoring availability, or have excellent convenience but insufficient security. This is a symmetry problem worth exploring. Therefore, users need a new type of login authentication scheme that can balance security and usability to protect users’ private data or maintain device security. In this paper, we propose a login authentication scheme named PinWheel, which combines a textual password, a graphical password, and biometrics to prevent both shoulder-surfing attacks and smudge attacks and solves the current schemes’ lack of usability. We implemented PinWheel and evaluated it from the perspective of security and usability. The experiments required 262 days, and 573 subjects participated in our investigation. The evaluation results show that PinWheel can at least effectively resist both mainstream attacks and is superior to most existing schemes in terms of usability.

Published

2021

5. An Efficient Login Authentication System against Multiple Attacks in Mobile Devices.

Author

Li, Yang, Yun, Xinyu, Fang, Liming, and Ge, Chunpeng

Subjects

*PROBLEM solving, *HUMAN facial recognition software, *MOBILE operating systems, *INTERNET of things

Abstract

Access management of IoT devices is extremely important, and a secure login authentication scheme can effectively protect users' privacy. However, traditional authentication schemes are threatened by shoulder-surfing attacks, and biometric-based schemes, such as fingerprint recognition and face recognition, that are commonly used today can also be cracked. Researchers have proposed some schemes for current attacks, but they are limited by usability. For example, the login authentication process requires additional device support. This method solves the problem of attacks, but it is unusable, which limits its application. At present, most authentication schemes for the Internet of Things and mobile platforms either focus on security, thus ignoring availability, or have excellent convenience but insufficient security. This is a symmetry problem worth exploring. Therefore, users need a new type of login authentication scheme that can balance security and usability to protect users' private data or maintain device security. In this paper, we propose a login authentication scheme named PinWheel, which combines a textual password, a graphical password, and biometrics to prevent both shoulder-surfing attacks and smudge attacks and solves the current schemes' lack of usability. We implemented PinWheel and evaluated it from the perspective of security and usability. The experiments required 262 days, and 573 subjects participated in our investigation. The evaluation results show that PinWheel can at least effectively resist both mainstream attacks and is superior to most existing schemes in terms of usability. [ABSTRACT FROM AUTHOR]

Published

2021