The Interplay between Personal Relationships &amp; Shoulder Surfing Mitigation

Farzand, Habiba; Bhardwaj, Kinshuk; Marky, Karola; Khamis, Mohamed

doi:10.1145/3473856.3474006

Cited by 10 publications

(11 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Alerting mechanisms only alert the user about shoulder surfing and lets the user decide what to do next. Whereas, a mitigation mechanism protects privacy by hiding the content [16].…”

Section: Shoulder Surfing Mitigation Methodsmentioning

confidence: 99%

Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study

Farzand

Marky

Khamis

2022

Proceedings of the 2022 European Symposium on Usable Security

View full text Add to dashboard Cite

Figure 1: The figure shows some commonly occurring scenarios of shoulder surfing in everyday life of users resulting from the findings of the diary study. The diary study showed that user's privacy is compromised in the naturalistic settings. Contentbased shoulder surfing is more frequent than authentication-based shoulder surfing. In the scenarios shown in the figure, the shoulder surfer (the person in the red shirt) is invading the user's privacy by observing the user's screen without their consent. Shoulder surfing can happen in private and/or public environments such as an individual's home, office, or shopping mall. Further, anyone could be a shoulder surfer; related or unrelated to the user, as it only requires observing someone's screen close in distance. Different observations are perceived differently by users, and users prefer different mechanisms in different contexts of shoulder surfing. (The figure was created using Canva [7] under Free Content License.

show abstract

“…Alerting mechanisms only alert the user about shoulder surfing and lets the user decide what to do next. Whereas, a mitigation mechanism protects privacy by hiding the content [16].…”

Section: Shoulder Surfing Mitigation Methodsmentioning

confidence: 99%

Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study

Farzand

Marky

Khamis

2022

Proceedings of the 2022 European Symposium on Usable Security

View full text Add to dashboard Cite

show abstract

“…It is important to consider the usability and social implications of consistent warning. Previous work showed that reacting in an overt way to a shoulder surfing situation may damage the relationship between the user and the shoulder surfer [17], who may be friends, family members or partners [15,30]. In fact, a study by Farzand et al [17] showed that users prefer to use cover methods for mitigating shoulder surfing, and invest time and effort in making sure the shoulder surfer does not know that they were caught.…”

Section: Usability and Social Implications Of Shoulder Surfing Mitiga...mentioning

confidence: 99%

“…Previous work showed that reacting in an overt way to a shoulder surfing situation may damage the relationship between the user and the shoulder surfer [17], who may be friends, family members or partners [15,30]. In fact, a study by Farzand et al [17] showed that users prefer to use cover methods for mitigating shoulder surfing, and invest time and effort in making sure the shoulder surfer does not know that they were caught. It is important to note that shoulder surfers are not necessarily the user's enemies; shoulder surfing is in many cases unintentional or done out of boredom rather than being motivated by malicious intentions [15].…”

Section: Usability and Social Implications Of Shoulder Surfing Mitiga...mentioning

confidence: 99%

“…It is important to note that shoulder surfers are not necessarily the user's enemies; shoulder surfing is in many cases unintentional or done out of boredom rather than being motivated by malicious intentions [15]. Some recorded shoulder surfing incidents even involved children shoulder surfing their older siblings or parents out of curiosity rather than malicious intentions [17].…”

Section: Usability and Social Implications Of Shoulder Surfing Mitiga...mentioning

confidence: 99%

See 1 more Smart Citation

PrivacyScout: Assessing Vulnerability to Shoulder Surfing on Mobile Devices

Bâce

Saad

Khamis

et al. 2022

PoPETs

Self Cite

View full text Add to dashboard Cite

One approach to mitigate shoulder surfing attacks on mobile devices is to detect the presence of a bystander using the phone’s front-facing camera. However, a person’s face in the camera’s field of view does not always indicate an attack. To overcome this limitation, in a novel data collection study (N=16), we analysed the influence of three viewing angles and four distances on the success of shoulder surfing attacks. In contrast to prior works that mainly focused on user authentication, we investigated three common types of content susceptible to shoulder surfing: text, photos, and PIN authentications. We show that the vulnerability of text and photos depends on the observer’s location relative to the device, while PIN authentications are vulnerable independent of the observation location. We then present PrivacyScout – a novel method that predicts the shoulder-surfing risk based on visual features extracted from the observer’s face as captured by the front-facing camera. Finally, evaluations from our data collection study demonstrate our method’s feasibility to assess the risk of a shoulder surfing attack more accurately.

show abstract

“…Most notably, researchers have designed approaches to protecting credentials from shoulder surfing, including PINs [15,16,27,37] and textual and graphical passwords [11,26]. Also Farzand et al investigated the personal relations and shoulder surfing mitigation strategies [13]. Again, these countermeasures mostly focus on personal mobile devices, but there is also work on mitigation strategies on other devices like public displays [9,15] and heads-up displays [41].…”

Section: Shoulder Surfingmentioning

confidence: 99%

Understanding Shoulder Surfer Behavior and Attack Patterns Using Virtual Reality

Abdrabou

Rivu

Ammar

et al. 2022

Proceedings of the 2022 International Conference on Advanced Visual Interfaces

Self Cite

View full text Add to dashboard Cite

In this work, we explore attacker behavior during shoulder surfing. As such behavior is often opportunistic and difficult to observe in real world settings, we leverage the capabilities of virtual reality (VR). We recruited 24 participants and observed their behavior in two virtual waiting scenarios: at a bus stop and in an open office space. In both scenarios, participants shoulder surfed private screens displaying different types of content. From the results we derive an understanding of factors influencing shoulder surfing behavior, reveal common attack patterns, and sketch a behavioral shoulder surfing model. Our work suggests directions for future research on shoulder surfing and can serve as a basis for creating novel approaches to mitigate shoulder surfing. CCS CONCEPTS• Security and privacy → Human and societal aspects of security and privacy;

show abstract

The Interplay between Personal Relationships & Shoulder Surfing Mitigation

Cited by 10 publications

References 24 publications

Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study

Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study

PrivacyScout: Assessing Vulnerability to Shoulder Surfing on Mobile Devices

Understanding Shoulder Surfer Behavior and Attack Patterns Using Virtual Reality

Contact Info

Product

Resources

About