Virtual Fingerprint - Image-Based Authentication Increases Privacy for Users of Mouse-Replacement Interfaces
Current secondary user authentication methods are imperfect. They either rely heavily on a user’s ability to remember key preferences and phrases or they involve providing authentication on multiple devices. However, malicious attacks that compromise a user’s device or discover personal information about the user are becoming more sophisticated and increasing in number. Users who rely on mouse-replacement interfaces face additional privacy concerns when monitored or assisted by caregivers. Our authentication method proposes a way of quantifying a user’s personality traits by observing his selection of images. This method would not be as vulnerable to malicious attacks as current methods are because the method is based on psychological observations that can not be replicated by anyone other than the correct user. As a preliminary evaluation, we created a survey consisting of slides of images and asked participants to click through them. The results indicated our proposed authentication method has clear potential to address these issues.
KeywordsHuman-Computer Interaction Mouse-replacement interfaces Security Privacy Behavioral biometric Authentication Camera Mouse Virtual Fingerprint
The authors would like to thank their participants. We would also like to thank John Chandy for his extensive guidance and the University of Connecticut for hosting the Research Experience for Undergraduates where much of the study discussed in this paper was conducted. Lastly we would like to thank the NSF for providing funding through the CNS-1359329 grant.
- 1.Ahmed, A.A.E., Traore, I.: Detecting computer intrusions using behavioral biometrics. In: PST (2005)Google Scholar
- 3.Barbosa, N.: Strategies: an inclusive authentication framework. In: Proceedings of the 16th International ACM SIGACCESS Conference on Computers & Accessibility (ASSETS 2014), pp. 335–336. ACM (2014)Google Scholar
- 6.Denning, T., Bowers, K., van Dijk, M., Juels, A.: Exploring implicit memory for painless password recovery. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI 2011), pp. 2615–2618. ACM (2011)Google Scholar
- 7.Dhamija, R. Perrig, A.: Deja vu: a user study using images for authentication. In: Proceedings of the 9th Conference on USENIX Security Symposium, SSYM 2000, vol. 9. USENIX Association (2000)Google Scholar
- 8.Jermyn, I., Mayer, A.J., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Usenix Security (1999)Google Scholar
- 9.Lewis, M.: Cerebral palsy and online social networks. In: The 12th International ACM SIGACCESS Conference on Computers and Accessibility (ASSETS 2010). ACM, October 2010Google Scholar
- 10.Magee, J.J., Betke, M.: Automatically generating online social network messages to combat social isolation of people with disabilities. In: Stephanidis, C., Antona, M. (eds.) UAHCI 2013, Part II. LNCS, vol. 8010, pp. 684–693. Springer, Heidelberg (2013) Google Scholar
- 11.Perrig, A., Song, D.: Hash visualization: a new technique to improve real-world security. In: International Workshop on Cryptographic Techniques and E-Commerce, pp. 131–138 (1999)Google Scholar
- 12.Schmidt, A-D., Bye, R, Schmidt, H-G., Clausenm J., Kiraz, O., Yuksel, K.A., Camtepe, S.A., Albayrak, S.: Static analysis of executables for collaborative malware detection on android. In: IEEE International Conference on Communications, ICC 2009, pp. 1–5. IEEE (2009)Google Scholar