short-paper

On the Accuracy of Eye Gaze-driven Classifiers for Predicting Image Content Familiarity in Graphical Passwords

Authors:

Argyris Constantinides,

Christos Fidas,

Andreas PitsillidesAuthors Info & Claims

UMAP '19: Proceedings of the 27th ACM Conference on User Modeling, Adaptation and Personalization

Pages 201 - 205

https://doi.org/10.1145/3320435.3320474

Published: 07 June 2019 Publication History

Abstract

Graphical passwords leverage the picture superiority effect to enhance memorability, and reflect today's haptic users' interaction realms. Images related to users' past sociocultural experiences (e.g., retrospective) enable the creation of memorable and secure passwords, while randomly system-assigned images (e.g., generic) lead to easy-to-predict hotspot regions within graphical password schemes. What remains rather unexplored is whether the image type could be inferred during the password creation. In this work, we present a between-subjects user study in which 37 participants completed a recall-based graphical password creation task with retrospective and generic images, while we were capturing their visual behavior. We found that the image type can be inferred within a few seconds in real-time. User adaptive mechanisms might benefit from our work's findings, by providing users early feedback whether they are moving towards the creation of a weak graphical password.

References

[1]

Christina Katsini, Christos Fidas, George E. Raptis, Marios Belk, George Samaras, and Nikolaos Avouris. 2018. Eye Gaze-driven Prediction of Cognitive Differences during Graphical Password Composition. In 23rd International Conference on Intelligent User Interfaces (IUI '18). ACM, New York, NY, USA, 147--152.

Digital Library

[2]

Andreas Bulling, Florian Alt, and Albrecht Schmidt. 2012. Increasing the security of gaze-based cued-recall graphical passwords using saliency masks. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '12). ACM Press, New York, NY, USA, 3011--3020.

Digital Library

[3]

Marios Belk, Andreas Pamboris, Christos Fidas, Christina Katsini, Nikolaos Avouris, and George Samaras. 2017. Sweet-spotting security and usability for intelligent graphical authentication mechanisms. In Proceedings of the International Conference on Web Intelligence (WI '17). ACM, New York, NY, USA, 252--259.

Digital Library

[4]

Argyris Constantinides, Marios Belk, Christos Fidas, and George Samaras. 2018. On Cultural-centered Graphical Passwords: Leveraging on Users' Cultural Experiences for Improving Password Memorability. In Proceedings of the 26th Conference on User Modeling, Adaptation and Personalization (UMAP '18). ACM, New York, NY, USA, 245--249.

Digital Library

[5]

Sonia Chiasson, Alain Forget, Robert Biddle, and P. C. van Oorschot. 2008. Influencing users towards better passwords: persuasive cued click-points. In Proceedings of the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction - Volume 1 (BCS-HCI '08), Vol. 1. British Computer Society, Swinton, UK, UK, 121--130.

[6]

Susan Wiedenbeck, Jim Waters, Jean-Camille Birget, Alex Brodskiy, and Nasir Memon. 2005. PassPoints: design and longitudinal evaluation of a graphical password system. International journal of human-computer studies 63, 1--2 (July 2005), 102--127.

Digital Library

[7]

Jeffrey Jay Johnson, Steve Seixeiro, Zachary Pace, Giles van der Bogert, Sean Gilmour, Levi Siebens, Kenneth Tubbs. 2014. Picture Gesture Authentication. Retrieved from https://www.google.com/patents/US8910253

[8]

Karen Renaud. 2009. On user involvement in production of images used in visual authentication. Journal of Visual Languages and Computing 20, 1, 1--15.

Digital Library

[9]

Thomas S. Tullis and Donna P. Tedesco. 2005. Using personal photos as pictorial passwords. In CHI '05 Extended Abstracts on Human Factors in Computing Systems (CHI EA '05). ACM, New York, NY, USA, 1841--1844.

Digital Library

[10]

Shane Ahern, Dean Eckles, Nathaniel S. Good, Simon King, Mor Naaman, and Rahul Nair. 2007. Over-exposed?: privacy patterns and considerations in online and mobile photo sharing. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '07). ACM, New York, NY, USA, 357--366.

Digital Library

[11]

Argyris Constantinides, Christos Fidas, Marios Belk, and George Samaras. 2018. On sociocultural-centered graphical passwords: an initial framework. In Proceedings of the 20th International Conference on Human-Computer Interaction with Mobile Devices and Services Adjunct (MobileHCI '18). ACM, New York, NY, USA, 277--284.

Digital Library

[12]

Paul C. van Oorschot and Julie Thorpe. 2011. Exploiting predictability in click-based graphical passwords. Journal of Computer Security 19, 4 (December 2011), 669--702.

Digital Library

[13]

Julie Thorpe, and Paul C. van Oorschot. 2007. Human-seeded attacks and exploiting hot-spots in graphical passwords. In Proceedings of the 16th USENIX Security Symposium (SS '07). USENIX Association, Berkeley, CA, USA, Article 8, 16 pages.

Digital Library

[14]

Paul C. van Oorschot, Amirali Salehi-Abari, and Julie Thorpe. 2010. Purely Automated Attacks on PassPoints-Style Graphical Passwords. In IEEE Transactions on Information Forensics and Security 5, 3 (September 2010), 393--405.

Digital Library

[15]

Sonia Chiasson, P. C. Van Oorschot, and Robert Biddle. 2007. Graphical password authentication using cued click points. In Proceedings of the 12th European Conference on Research in Computer Security (ESORICS '07), Joachim Biskup and Javier Lopez (Eds.). Springer-Verlag, Berlin, Heidelberg, 359--374.

Digital Library

[16]

Julie Thorpe, Muath Al-Badawi, Brent MacRae, and Amirali Salehi-Abari. 2014. The presentation effect on graphical passwords. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '14). ACM, New York, NY, USA, 2947--2950.

Digital Library

[17]

Christina Katsini, Christos Fidas, George E. Raptis, Marios Belk, George Samaras, and Nikolaos Avouris. 2018. Influences of Human Cognition and Visual Behavior on Password Strength during Picture Password Composition. In Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems (CHI '18). ACM, New York, NY, USA, Paper 87, 14 pages.

Digital Library

[18]

Darrell S. Best and Andrew T. Duchowski. 2016. A Rotary Dial for Gaze-based PIN Entry. In Proceedings of the Ninth Biennial ACM Symposium on Eye Tracking Research & Applications (ETRA '16). ACM, New York, NY, USA, 69--76.

Digital Library

[19]

Alexander De Luca, Martin Denzel, and Heinrich Hussmann. 2009. Look into my eyes!: can you guess my password?. In Proceedings of the 5th Symposium on Usable Privacy and Security (SOUPS '09). ACM, New York, NY, USA, Article 7, 12 pages.

Digital Library

[20]

Kenrick Mock, Bogdan Hoanca, Justin Weaver, and Mikal Milton. 2012. Real-time Continuous Iris Recognition for Authentication Using an Eye Tracker. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS '12). ACM, New York, NY, USA, 1007--1009.

Digital Library

[21]

Ivo Sluganovic, Marc Roeschlin, Kasper B. Rasmussen, and Ivan Martinovic. 2016. Using Reflexive Eye Movements for Fast Challenge-Response Authentication. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). ACM, New York, NY, USA, 1056--1067.

Digital Library

[22]

Christina Katsini, George E. Raptis, Christos Fidas, and Nikolaos Avouris. 2018. Towards gaze-based quantification of the security of graphical authentication schemes. In Proceedings of the 2018 ACM Symposium on Eye Tracking Research & Applications (ETRA '18). ACM, New York, NY, USA, Article 17, 5 pages.

Digital Library

[23]

George E. Raptis, Christina Katsini, Marios Belk, Christos Fidas, George Samaras, and Nikolaos Avouris. 2017. Using Eye Gaze Data and Visual Activities to Infer Human Cognitive Styles: Method and Feasibility Studies. In Proceedings of the 25th Conference on User Modeling, Adaptation and Personalization (UMAP '17). ACM, New York, NY, USA, 164--173.

Digital Library

[24]

Paul Dunphy and Jeff Yan. 2007. Do background images improve "draw a secret" graphical passwords?. In Proceedings of the 14th ACM conference on Computer and communications security (CCS '07). ACM, New York, NY, USA, 36--47.

Digital Library

[25]

Ziming Zhao, Gail-Joon Ahn, and Hongxin Hu. 2015. Picture Gesture Authentication: Empirical Analysis, Automated Attacks, and Scheme Evaluation. Journal of ACM Transactions on Information and System Security (TISSEC) 17, 4, Article 14 (April 2015), 37 pages.

Digital Library

[26]

Susan Wiedenbeck, Jim Waters, Jean-Camille Birget, Alex Brodskiy, and Nasir Memon. 2005. Authentication using graphical passwords: effects of tolerance and image choice. In Proceedings of the 2005 Symposium on Usable privacy and security (SOUPS '05). ACM, New York, NY, USA, 1--12.

Digital Library

[27]

Federico Perazzi, Philipp Krahenbu?hl, Yael Pritch, and Alexander Hornung. 2012. Saliency filters: Contrast based filtering for salient region detection. 2012 IEEE Conference on Computer Vision and Pattern Recognition (CVPR '12). IEEE, Providence, RI, USA, 733--740.

Digital Library

[28]

Maurizio Cardaci, Vito Di Gesu, Maria Petrou, and Marco Elio Tabacchi. 2009. A fuzzy approach to the evaluation of image complexity. Fuzzy Sets and Systems 160, 10 (May 2009), 1474--1484.

Digital Library

[29]

GP3 Eye Tracker. 2018. {Online} Available at: https://www.gazept.com/

[30]

George E. Raptis, Christos A. Fidas, and Nikolaos M. Avouris. 2016. Using Eye Tracking to Identify Cognitive Differences: A Brief Literature Review. In Proceedings of the 20th Pan-Hellenic Conference on Informatics (PCI '16). ACM, New York, NY, USA, Article 21, 6 pages.

Digital Library

[31]

Dereck Toker, Ben Steichen, Matthew Gingerich, Cristina Conati, and Giuseppe Carenini. 2014. Towards facilitating user skill acquisition: identifying untrained visualization users through eye tracking. In Proceedings of the 19th International Conference on Intelligent User Interfaces (IUI '14). ACM, New York, NY, USA, 105--114.

Digital Library

[32]

Dereck Toker, Sébastien Lallé, and Cristina Conati. 2017. Pupillometry and Head Distance to the Screen to Predict Skill Acquisition During Information Visualization Tasks. In Proceedings of the 22nd International Conference on Intelligent User Interfaces (IUI '17). ACM, New York, NY, USA, 221--231.

Digital Library

[33]

Sean M. Segreti, William Melicher, Saranga Komanduri, Darya Melicher, Richard Shay, Blase Ur, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, and Michelle L. Mazurek. 2017. Diversify to Survive: Making Passwords Stronger with Adaptive Policies. In Proceedings of the Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017): 1--12.

Digital Library

[34]

Tulving, E. (1972). Episodic and semantic memory. Organization of memory, 1, 381--403.

[35]

Marios Belk, Christos Fidas, Panagiotis Germanakos, and George Samaras. 2017. The interplay between humans, technology and user authentication: a cognitive processing perspective, Computers in Human Behavior, 76, 184--200.

Digital Library

[36]

Florian Alt, Stefan Schneegass, Alireza Sahami Shirazi, Mariam Hassib, and Andreas Bulling. 2015. Graphical Passwords in the Wild: Understanding How Users Choose Pictures and Passwords in Image-based Authentication Schemes. In Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services (MobileHCI '15). ACM Press, New York, NY, USA, 316--322.

Digital Library

Cited By

Wang CTang HZhu HZheng JJiang C(2024)Behavioral authentication for security and safetySecurity and Safety10.1051/sands/20240033(2024003)Online publication date: 30-Apr-2024
https://doi.org/10.1051/sands/2024003
Constantinides CConstantinides ABelk MFidas CPitsillides A(2021)A Comparative Study among Different Computer Vision Algorithms for Assisting Users in Picture Password CompositionAdjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization10.1145/3450614.3464474(357-362)Online publication date: 21-Jun-2021
https://dl.acm.org/doi/10.1145/3450614.3464474
Fidas CBelk MConstantinides CConstantinides APitsillides A(2021)A Field Dependence-Independence Perspective on Eye Gaze Behavior within Affective ActivitiesHuman-Computer Interaction – INTERACT 202110.1007/978-3-030-85623-6_6(63-72)Online publication date: 26-Aug-2021
https://doi.org/10.1007/978-3-030-85623-6_6
Show More Cited By

Index Terms

On the Accuracy of Eye Gaze-driven Classifiers for Predicting Image Content Familiarity in Graphical Passwords
1. Human-centered computing
  1. Human computer interaction (HCI)
    1. HCI theory, concepts and models

Recommendations

“I Recall this Picture”: Understanding Picture Password Selections based on Users’ Sociocultural Experiences
WI '19: IEEE/WIC/ACM International Conference on Web Intelligence

Graphical passwords leverage the picture superiority effect to enhance memorability, and reflect today's haptic user interaction realms. Image content related to users’ past sociocultural experiences assists users with the creation of more secure and ...
A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords
SOUPS '06: Proceedings of the second symposium on Usable privacy and security

Previous research has found graphical passwords to be more memorable than non-dictionary or "strong" alphanumeric passwords. Participants in a prior study expressed concerns that this increase in memorability could also lead to an increased ...
Multiple password interference in text passwords and click-based graphical passwords
CCS '09: Proceedings of the 16th ACM conference on Computer and communications security

The underlying issues relating to the usability and security of multiple passwords are largely unexplored. However, we know that people generally have difficulty remembering multiple passwords. This reduces security since users reuse the same password ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

UMAP '19: Proceedings of the 27th ACM Conference on User Modeling, Adaptation and Personalization

June 2019

377 pages

ISBN:9781450360210

DOI:10.1145/3320435

General Chairs:
George Angelos Papadopoulos
University of Cyprus, Cyprus
,
George Samaras
University of Cyprus, Cyprus
,
Stephan Weibelzahl
PFH Private University of Applied Sciences Göttingen, Germany
,
Program Chairs:
Dietmar Jannach
Alpen-Adria-Universität Klagenfurt, Austria
,
Olga C. Santos
aDeNu Research Group - UNED, Spain

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 June 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Funding Sources

Conference

UMAP '19

Sponsor:

UMAP '19: 27th Conference on User Modeling, Adaptation and Personalization

June 9 - 12, 2019

Larnaca, Cyprus

Acceptance Rates

UMAP '19 Paper Acceptance Rate 30 of 122 submissions, 25%;

Overall Acceptance Rate 162 of 633 submissions, 26%

Upcoming Conference

UMAP '25

Sponsor:
sigchi
sigchi

33rd ACM Conference on User Modeling, Adaptation and Personalization

June 16 - 19, 2025

New York City , NY , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
263
Total Downloads

Downloads (Last 12 months)22
Downloads (Last 6 weeks)1

Reflects downloads up to 06 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wang CTang HZhu HZheng JJiang C(2024)Behavioral authentication for security and safetySecurity and Safety10.1051/sands/20240033(2024003)Online publication date: 30-Apr-2024
https://doi.org/10.1051/sands/2024003
Constantinides CConstantinides ABelk MFidas CPitsillides A(2021)A Comparative Study among Different Computer Vision Algorithms for Assisting Users in Picture Password CompositionAdjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization10.1145/3450614.3464474(357-362)Online publication date: 21-Jun-2021
https://dl.acm.org/doi/10.1145/3450614.3464474
Fidas CBelk MConstantinides CConstantinides APitsillides A(2021)A Field Dependence-Independence Perspective on Eye Gaze Behavior within Affective ActivitiesHuman-Computer Interaction – INTERACT 202110.1007/978-3-030-85623-6_6(63-72)Online publication date: 26-Aug-2021
https://doi.org/10.1007/978-3-030-85623-6_6
Constantinides ABelk MFidas CPitsillides A(2021)Understanding Insider Attacks in Personalized Picture Password SchemesHuman-Computer Interaction – INTERACT 202110.1007/978-3-030-85610-6_42(722-731)Online publication date: 26-Aug-2021
https://doi.org/10.1007/978-3-030-85610-6_42
Leonidou PConstantinides ABelk MFidas CPitsillides A(2021)Eye Gaze and Interaction Differences of Holistic Versus Analytic Users in Image-Recognition Human Interaction Proof SchemesHCI for Cybersecurity, Privacy and Trust10.1007/978-3-030-77392-2_5(66-75)Online publication date: 3-Jul-2021
https://doi.org/10.1007/978-3-030-77392-2_5
Man KHarring J(2020)Assessing Preknowledge Cheating via Innovative Measures: A Multiple-Group Analysis of Jointly Modeling Item Responses, Response Times, and Visual Fixation CountsEducational and Psychological Measurement10.1177/001316442096863081:3(441-465)Online publication date: 31-Oct-2020
https://doi.org/10.1177/0013164420968630
Georgakopoulos TKoutroumani MMoulias TFidas C(2020)On the Effectiveness of Low-Cost Face Recognition with Deep LearningProceedings of the 24th Pan-Hellenic Conference on Informatics10.1145/3437120.3437275(57-60)Online publication date: 20-Nov-2020
https://dl.acm.org/doi/10.1145/3437120.3437275
Michos EGkoumas SSiakampeti IFidas C(2020)On the Extension of the Haar Cascade Algorithm for Face Recognition: Case Study and ResultsProceedings of the 24th Pan-Hellenic Conference on Informatics10.1145/3437120.3437274(53-56)Online publication date: 20-Nov-2020
https://dl.acm.org/doi/10.1145/3437120.3437274
Constantinides ABelk MFidas CPitsillides A(2020)Design and Development of a Patient-centric User Authentication SystemAdjunct Publication of the 28th ACM Conference on User Modeling, Adaptation and Personalization10.1145/3386392.3399564(201-203)Online publication date: 14-Jul-2020
https://dl.acm.org/doi/10.1145/3386392.3399564
Constantinides ABelk MFidas CPitsillides APaternò FOliver NConati CSpano LTintarev N(2020)An eye gaze-driven metric for estimating the strength of graphical passwords based on image hotspotsProceedings of the 25th International Conference on Intelligent User Interfaces10.1145/3377325.3377537(33-37)Online publication date: 17-Mar-2020
https://dl.acm.org/doi/10.1145/3377325.3377537
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents