EYEDi: Graphical Authentication Scheme of Estimating Your Encodable Distorted Images to Prevent Screenshot Attacks
Graphical authentication schemes have the advantage of being more memorable than conventional passwords. Although some image distortion methods have been proposed to prevent the risks of over-the-shoulder attacks (OSAs), these methods cannot prevent camera recording attacks, as the key images are th...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
IEEE
2022-01-01
|
Series: | IEEE Access |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/9662374/ |
_version_ | 1798040492400705536 |
---|---|
author | Takayuki Kawamura Tadashi Ebihara Naoto Wakatsuki Keiichi Zempo |
author_facet | Takayuki Kawamura Tadashi Ebihara Naoto Wakatsuki Keiichi Zempo |
author_sort | Takayuki Kawamura |
collection | DOAJ |
description | Graphical authentication schemes have the advantage of being more memorable than conventional passwords. Although some image distortion methods have been proposed to prevent the risks of over-the-shoulder attacks (OSAs), these methods cannot prevent camera recording attacks, as the key images are the same each time. In this study, we propose a graphical authentication scheme that generates various distorted images, named Estimating Your Encodable Distorted images (EYEDi). EYEDi generates distorted images by applying several image processing filters to the original images. Moreover, EYEDi estimates the appropriate image processing filter strength based on the authentication data. To measure attack resistance, twenty participants performed three types of attacks (OSA, camera recording attack, and screenshot) 300 times, each using existing methods and EYEDi. The classification error rate of all three types of attacks showed that EYEDi had a lower classification error rate between the legitimate user and attackers. Especially for the screenshot attack, which is the most severe threat model, the existing method was completely broken through, while EYEDi prevented the attacks with a classification error rate of 10%. This result shows that EYEDi can eliminate the screenshot attacker by using the difference in authentication times and a simple improvement in defense performance. |
first_indexed | 2024-04-11T22:08:22Z |
format | Article |
id | doaj.art-c5900e2b76ff4d7fa018fd55196688c3 |
institution | Directory Open Access Journal |
issn | 2169-3536 |
language | English |
last_indexed | 2024-04-11T22:08:22Z |
publishDate | 2022-01-01 |
publisher | IEEE |
record_format | Article |
series | IEEE Access |
spelling | doaj.art-c5900e2b76ff4d7fa018fd55196688c32022-12-22T04:00:38ZengIEEEIEEE Access2169-35362022-01-01102256226810.1109/ACCESS.2021.31380939662374EYEDi: Graphical Authentication Scheme of Estimating Your Encodable Distorted Images to Prevent Screenshot AttacksTakayuki Kawamura0https://orcid.org/0000-0003-0765-4472Tadashi Ebihara1https://orcid.org/0000-0001-5457-6783Naoto Wakatsuki2https://orcid.org/0000-0002-3889-8915Keiichi Zempo3https://orcid.org/0000-0003-2339-5298Graduate School of Science and Technology, University of Tsukuba, Tsukuba, JapanFaculty of Engineering, Information and Systems, University of Tsukuba, Tsukuba, JapanFaculty of Engineering, Information and Systems, University of Tsukuba, Tsukuba, JapanFaculty of Engineering, Information and Systems, University of Tsukuba, Tsukuba, JapanGraphical authentication schemes have the advantage of being more memorable than conventional passwords. Although some image distortion methods have been proposed to prevent the risks of over-the-shoulder attacks (OSAs), these methods cannot prevent camera recording attacks, as the key images are the same each time. In this study, we propose a graphical authentication scheme that generates various distorted images, named Estimating Your Encodable Distorted images (EYEDi). EYEDi generates distorted images by applying several image processing filters to the original images. Moreover, EYEDi estimates the appropriate image processing filter strength based on the authentication data. To measure attack resistance, twenty participants performed three types of attacks (OSA, camera recording attack, and screenshot) 300 times, each using existing methods and EYEDi. The classification error rate of all three types of attacks showed that EYEDi had a lower classification error rate between the legitimate user and attackers. Especially for the screenshot attack, which is the most severe threat model, the existing method was completely broken through, while EYEDi prevented the attacks with a classification error rate of 10%. This result shows that EYEDi can eliminate the screenshot attacker by using the difference in authentication times and a simple improvement in defense performance.https://ieeexplore.ieee.org/document/9662374/Authenticationgraphical passcodeover-the-shoulder attackcamera recordingimage processing filter |
spellingShingle | Takayuki Kawamura Tadashi Ebihara Naoto Wakatsuki Keiichi Zempo EYEDi: Graphical Authentication Scheme of Estimating Your Encodable Distorted Images to Prevent Screenshot Attacks IEEE Access Authentication graphical passcode over-the-shoulder attack camera recording image processing filter |
title | EYEDi: Graphical Authentication Scheme of Estimating Your Encodable Distorted Images to Prevent Screenshot Attacks |
title_full | EYEDi: Graphical Authentication Scheme of Estimating Your Encodable Distorted Images to Prevent Screenshot Attacks |
title_fullStr | EYEDi: Graphical Authentication Scheme of Estimating Your Encodable Distorted Images to Prevent Screenshot Attacks |
title_full_unstemmed | EYEDi: Graphical Authentication Scheme of Estimating Your Encodable Distorted Images to Prevent Screenshot Attacks |
title_short | EYEDi: Graphical Authentication Scheme of Estimating Your Encodable Distorted Images to Prevent Screenshot Attacks |
title_sort | eyedi graphical authentication scheme of estimating your encodable distorted images to prevent screenshot attacks |
topic | Authentication graphical passcode over-the-shoulder attack camera recording image processing filter |
url | https://ieeexplore.ieee.org/document/9662374/ |
work_keys_str_mv | AT takayukikawamura eyedigraphicalauthenticationschemeofestimatingyourencodabledistortedimagestopreventscreenshotattacks AT tadashiebihara eyedigraphicalauthenticationschemeofestimatingyourencodabledistortedimagestopreventscreenshotattacks AT naotowakatsuki eyedigraphicalauthenticationschemeofestimatingyourencodabledistortedimagestopreventscreenshotattacks AT keiichizempo eyedigraphicalauthenticationschemeofestimatingyourencodabledistortedimagestopreventscreenshotattacks |