Secure graphical password system for high traffic public areas

Presentation transcript:

Secure graphical password system for high traffic public areas
Bogdan Hoanca and Kenrick Mock
University of Alaska Anchorage

Outline
- Shoulder surfing as security threat in information systems
- Eye tracking based authentication
- Error rates of eye tracking hardware
- Error-aware eye tracking
  - Systematic errors
  - Random errors
- Conclusions
March 27, 2006 Hoanca/Mock ETRA 2006

Shoulder surfing
- Stealing authentication information
- Critical threat for mobile users or in public places
- Safest bet: assume “naked” user under constant surveillance

Defending against shoulder surfing
- Screen filters
- Challenge-response schemes
- Physical key schemes
- Biometric schemes

Eye tracking based authentication
- Use the eye tracker without on-screen feedback to select on-screen objects
- Ideally, transparent for the user
- Secure from shoulder surfing
- Slower than typing
- Still vulnerable to key logger and screen capture programs

Graphical Password Entry via Eye Tracking

Sample authentication log
- Image size 700x482

High error rates due to hardware limitations
- “Low error” user: mean D = 12 pixels
- “High error” user: mean D = 30 pixels
- Plots of actual gaze location as compared with intended target (red); black is the center of gravity
- Distances are in pixels and scale is -40…40 in both X and Y

Error rates of eye tracking hardware
- Using the ERICA system from Eye Response Technologies
- Error types
  - Systematic errors
    - Due to head tilt
    - Slowly varying with time
    - Dependent on screen geometry and location
  - Random errors
    - Highly user dependent

Handling random errors
- Loss of cryptographic complexity depends on how much error is acceptable
- Plot: success rate (%, 0…100) vs. distance in pixels (1…1000, log scale)

Handling systematic errors
- Plot: success rate (%, 0…100) vs. distance in pixels (1…1000, log scale); one user, 25 sessions, “low error”
- Red: raw data; green: corrected
- Average over multiple attempts or over multiple users
- Loss of cryptographic complexity: equivalent to one click less

Handling systematic errors (continued)
- Plot: success rate (%, 0…100) vs. distance in pixels (1…1000, log scale); one user, 25 sessions, “high error”
- Red: raw data; green: corrected
- Limited usefulness for high error users
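
Added example (not from the slides): the trade-off on the "Handling random errors" and "Handling systematic errors" slides, worked through in Python. The circular tolerance model, the function names and the sample error vectors are assumptions made for illustration; only the 700x482 image size comes from the presentation.

```python
import math

IMAGE_W, IMAGE_H = 700, 482  # image size given on the sample authentication log slide

def bits_per_click(radius_px, width=IMAGE_W, height=IMAGE_H):
    """Entropy of one click if any gaze point within radius_px of the target is accepted.
    Assumed model: the image splits into (area / tolerance-disc area) distinguishable targets."""
    cells = (width * height) / (math.pi * radius_px ** 2)
    return math.log2(max(cells, 1.0))

def mean_offset(errors):
    """Center of gravity of the (gaze - target) vectors: the systematic error estimate."""
    n = len(errors)
    return (sum(dx for dx, _ in errors) / n, sum(dy for _, dy in errors) / n)

def distances(errors, offset=(0.0, 0.0)):
    """Distance of each gaze sample from its target after subtracting an offset."""
    ox, oy = offset
    return [math.hypot(dx - ox, dy - oy) for dx, dy in errors]

def success_rate(errors, radius_px, offset=(0.0, 0.0)):
    """Fraction of samples that land inside the tolerance radius."""
    d = distances(errors, offset)
    return sum(1 for x in d if x <= radius_px) / len(d)

def min_radius_for(errors, target_rate, offset=(0.0, 0.0)):
    """Smallest whole-pixel radius that accepts at least target_rate of the samples."""
    d = sorted(distances(errors, offset))
    needed = max(1, math.ceil(target_rate * len(d)))
    return math.ceil(d[needed - 1])

# Constructed sample: gaze-minus-target errors (pixels) for one user, with a
# constant drift of about (+20, -10) plus small random scatter.
SAMPLE_ERRORS = [(18, -9), (22, -12), (20, -8), (17, -11),
                 (23, -10), (19, -13), (21, -7), (20, -10)]

if __name__ == "__main__":
    offset = mean_offset(SAMPLE_ERRORS)
    for label, off in (("raw", (0.0, 0.0)), ("corrected", offset)):
        r = min_radius_for(SAMPLE_ERRORS, 1.0, off)
        print(f"{label:9s} radius={r:2d}px  bits/click={bits_per_click(r):.2f}")
```

On this constructed data, subtracting the averaged offset lets the acceptance radius shrink while keeping the same success rate, which is where the recovered bits per click come from; the residual scatter is the random error that correction cannot remove.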

Summary
- Eye tracking is a promising technology for authenticating from public places with reduced danger of shoulder surfing
- Wide acceptance will require eye tracking technologies that are
  - More stable and accurate
  - Ideally, head tracking-capable and calibration-free
  - Much lower in price