Human Interaction in Shoulder Surfing Security

Authors

  • S. Geethanjali  Department of Computer Science and Engineering, Velammal Institute of Technology, Chennai, Tamilnadu, India
  • J. Mary Monika  Department of Computer Science and Engineering, Velammal Institute of Technology, Chennai, Tamilnadu, India
  • V. Nandhini  Department of Computer Science and Engineering, Velammal Institute of Technology, Chennai, Tamilnadu, India

Keywords:

human adversaries, information security, shoulder-surfing

Abstract

We propose a web application based security system. When a user interacts with a computing system to enter a secret password, shoulder surfing attacks are of great concern. This system overcomes the problem of shoulder surfing. Previous system proposed a methodology in which the user has to remember all the events performed. This limits the system usage. Our novel approach enhances the shoulder surfing security with human interaction; indeed can break the well-known PIN entry method previously evaluated to be secure against shoulder surfing. To overcome the problem, we design a multi-color number panel. This interface provides the user, a higher level of security that the shoulder surfer cannot be aware of the process the user undergoes. The color pattern in the number panel changes periodically so that for each user is provided a different pattern.

References

  1. V. Roth, K. Richter, and R. Freidinger, “A PIN entry method resilient against shoulder surfing,” in Proc. ACM Conf. Comput. Commun. Security, 2004, pp. 236–245.
  2. M. I. Posner, “Orienting of attention,” Quart. J. Experimental Psychology, vol. 32, no. 1, pp. 3–25, 1980.
  3. D. G. Lowe, “Perceptual Organization and Visual Recognition. Norwell”, MA, USA: Kluwer, 1985.
  4. S. K. Card, T. P. Moran, and A. Newell, “The keystroke-level model for user performance time with interactive systems,” Commun. ACM, vol. 23, no. 7, pp. 396–410, 1980.
  5. B. E. John and W. D. Gray, “CPM-GOMS: An analysis method for tasks with parallel activities,” in Proc. ACM SIGCHI Conf. Human Factors Comput. Syst., 1995, pp. 393–394.
  6. Q. Yan, J. Han, Y. Li, and R. H. Deng, “On limitations of designing leakage-resilient password systems: Attacks, principles and usability,” in Proc. 19th Internet Soc. Netw. Distrib. Syst. Security (NDSS) Symp., 2012.
  7. “Banking—Personal Identification Number (PIN) Management and Security—Part 1: Basic Principles and Requirements for Online PIN Handling in ATM and POS Systems”, Clause 5.4 Packaging Considerations, ISO 9564-1:2002, 2002.
  8. X. Bai, W. Gu, S. Chellappan, X. Wang, D. Xuan, and B. Ma, “PAS: Predicate-based authentication services against powerful passive adversaries,” in Proc. IEEE Annu. Comput. Security Appl. Conf., Dec. 2008, pp. 433–442.
  9. H. Gao, X. Liu, S. Wang, and R. Dai, “A new graphical password scheme against spyware by using CAPTCHA,” in Proc. ACM Symp.Usable Privacy Security, 2009, pp. 15-17.
  10. A. D. Luca, K. Hertzschuch, and H. Hussmann, “ColorPIN-securing PIN entry through indirect input,” in Proc. ACM SIGCHI Conf. Human Factors Comput. Syst., 2010, pp. 1103–1106.
  11. N. Hopper and M. Blum, “Secure human identification protocols,” in Proc. Adv. Cryptology-ASIACRYPT, 2001, pp. 52–66.
  12. D. Weinshall, “Cognitive authentication schemes safe against spyware,” in Proc. IEEE Symp. Security Privacy, May 2006, pp. 295–300.
  13. P. Golle and D. Wagner, “Cryptanalysis of a cognitive authentication scheme,” in Proc. IEEE Symp. Security Privacy, May 2007, pp. 66–70.
  14. S. Li, H. J. Asghar, J. Pieprzyk, A.-R. Sadeghi, R. Schmitz, and H. Wang, “On the security of PAS (predicate-based authentication service),” in Proc. IEEE Annu. Comput. Security Appl. Conf., Dec. 2009, pp. 209– 218.
  15. P. Dunphy, A. P. Heiner, and N. Asokan, “A closer look at recognitionbased graphical passwords on mobile devices,” in Proc.

International Journal of Scientific Research in Science, Engineering and Technology

Downloads

Published

2015-04-25

Issue

Volume 1, Issue 2, March-April-2015

Section

Research Articles

License

Copyright (c) IJSRSET

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
S. Geethanjali, J. Mary Monika, V. Nandhini, " Human Interaction in Shoulder Surfing Security, International Journal of Scientific Research in Science, Engineering and Technology(IJSRSET), Print ISSN : 2395-1990, Online ISSN : 2394-4099, Volume 1, Issue 2, pp.334-338, March-April-2015.