Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study

Publikation: Beitrag in Buch/Bericht/Sammelwerk/KonferenzbandAufsatz in KonferenzbandForschungPeer-Review

Autorschaft

  • Habiba Farzand
  • Karola Marky
  • Mohamed Khamis

Organisationseinheiten

Externe Organisationen

  • University of Glasgow
Forschungs-netzwerk anzeigen

Details

OriginalspracheEnglisch
Titel des SammelwerksProceedings - EuroUSEC 2022
Untertitel2022 European Symposium on Usable Security, EuroUSEC 2022
Herausgeber (Verlag)Association for Computing Machinery (ACM)
Seiten85-97
Seitenumfang13
ISBN (elektronisch)9781450397001
PublikationsstatusVeröffentlicht - 29 Sept. 2022
Veranstaltung2nd European Symposium on Usable Security, EuroUSEC 2022 - Karlsruhe, Deutschland
Dauer: 29 Sept. 202230 Sept. 2022

Publikationsreihe

NameACM International Conference Proceeding Series

Abstract

Shoulder surfing is a prevailing threat when accessing information on personal devices like smartphones. Adequate mitigation requires studying shoulder surfing occurrences in people's daily lives. In this paper, we confirm and extend previous research findings on shoulder surfing occurrences using a new method; a one-month diary study (N=23). Our results provide evidence of shoulder surfing in public and private environments. Content-based shoulder surfing happens more frequently than authentication-based shoulder surfing. Participants experienced shoulder surfing at least twice during the study period and considered the closeness of relationships with the shoulder surfers when deciding how to respond to shoulder surfing incidents. Participants preferred unobtrusive alerting mechanisms over mitigation mechanisms for protection against shoulder surfing. Our work advocates moving away from one-size-fits-all privacy solutions and supports the design of user-centred shoulder surfing mitigation methods that consider social aspects. We conclude with directions for future research to assist security researchers and practitioners.

ASJC Scopus Sachgebiete

Zitieren

Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study. / Farzand, Habiba; Marky, Karola; Khamis, Mohamed.
Proceedings - EuroUSEC 2022: 2022 European Symposium on Usable Security, EuroUSEC 2022. Association for Computing Machinery (ACM), 2022. S. 85-97 (ACM International Conference Proceeding Series).

Publikation: Beitrag in Buch/Bericht/Sammelwerk/KonferenzbandAufsatz in KonferenzbandForschungPeer-Review

Farzand, H, Marky, K & Khamis, M 2022, Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study. in Proceedings - EuroUSEC 2022: 2022 European Symposium on Usable Security, EuroUSEC 2022. ACM International Conference Proceeding Series, Association for Computing Machinery (ACM), S. 85-97, 2nd European Symposium on Usable Security, EuroUSEC 2022, Karlsruhe, Deutschland, 29 Sept. 2022. https://doi.org/10.1145/3549015.3554211
Farzand, H., Marky, K., & Khamis, M. (2022). Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study. In Proceedings - EuroUSEC 2022: 2022 European Symposium on Usable Security, EuroUSEC 2022 (S. 85-97). (ACM International Conference Proceeding Series). Association for Computing Machinery (ACM). https://doi.org/10.1145/3549015.3554211
Farzand H, Marky K, Khamis M. Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study. in Proceedings - EuroUSEC 2022: 2022 European Symposium on Usable Security, EuroUSEC 2022. Association for Computing Machinery (ACM). 2022. S. 85-97. (ACM International Conference Proceeding Series). doi: 10.1145/3549015.3554211
Farzand, Habiba ; Marky, Karola ; Khamis, Mohamed. / Shoulder Surfing through the Social Lens : A Longitudinal Investigation & Insights from an Exploratory Diary Study. Proceedings - EuroUSEC 2022: 2022 European Symposium on Usable Security, EuroUSEC 2022. Association for Computing Machinery (ACM), 2022. S. 85-97 (ACM International Conference Proceeding Series).
Download
@inproceedings{f79a801c3b8d4af59e14b7d8cffcba38,
title = "Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study",
abstract = "Shoulder surfing is a prevailing threat when accessing information on personal devices like smartphones. Adequate mitigation requires studying shoulder surfing occurrences in people's daily lives. In this paper, we confirm and extend previous research findings on shoulder surfing occurrences using a new method; a one-month diary study (N=23). Our results provide evidence of shoulder surfing in public and private environments. Content-based shoulder surfing happens more frequently than authentication-based shoulder surfing. Participants experienced shoulder surfing at least twice during the study period and considered the closeness of relationships with the shoulder surfers when deciding how to respond to shoulder surfing incidents. Participants preferred unobtrusive alerting mechanisms over mitigation mechanisms for protection against shoulder surfing. Our work advocates moving away from one-size-fits-all privacy solutions and supports the design of user-centred shoulder surfing mitigation methods that consider social aspects. We conclude with directions for future research to assist security researchers and practitioners.",
keywords = "privacy, security, shoulder surfing",
author = "Habiba Farzand and Karola Marky and Mohamed Khamis",
note = "Funding Information: This publication was supported by an Excellence Bursary Award by the University of Glasgow, by an EPSRC New Investigator Award (grant number EP/V008870/1), and by the PETRAS National Centre of Excellence for IoT Systems Cybersecurity, which is also funded by the UK EPSRC under grant number EP/S035362/1. Figure 1 was created using Canva [7] under Free Content License.; 2nd European Symposium on Usable Security, EuroUSEC 2022 ; Conference date: 29-09-2022 Through 30-09-2022",
year = "2022",
month = sep,
day = "29",
doi = "10.1145/3549015.3554211",
language = "English",
series = "ACM International Conference Proceeding Series",
publisher = "Association for Computing Machinery (ACM)",
pages = "85--97",
booktitle = "Proceedings - EuroUSEC 2022",
address = "United States",

}

Download

TY - GEN

T1 - Shoulder Surfing through the Social Lens

T2 - 2nd European Symposium on Usable Security, EuroUSEC 2022

AU - Farzand, Habiba

AU - Marky, Karola

AU - Khamis, Mohamed

N1 - Funding Information: This publication was supported by an Excellence Bursary Award by the University of Glasgow, by an EPSRC New Investigator Award (grant number EP/V008870/1), and by the PETRAS National Centre of Excellence for IoT Systems Cybersecurity, which is also funded by the UK EPSRC under grant number EP/S035362/1. Figure 1 was created using Canva [7] under Free Content License.

PY - 2022/9/29

Y1 - 2022/9/29

N2 - Shoulder surfing is a prevailing threat when accessing information on personal devices like smartphones. Adequate mitigation requires studying shoulder surfing occurrences in people's daily lives. In this paper, we confirm and extend previous research findings on shoulder surfing occurrences using a new method; a one-month diary study (N=23). Our results provide evidence of shoulder surfing in public and private environments. Content-based shoulder surfing happens more frequently than authentication-based shoulder surfing. Participants experienced shoulder surfing at least twice during the study period and considered the closeness of relationships with the shoulder surfers when deciding how to respond to shoulder surfing incidents. Participants preferred unobtrusive alerting mechanisms over mitigation mechanisms for protection against shoulder surfing. Our work advocates moving away from one-size-fits-all privacy solutions and supports the design of user-centred shoulder surfing mitigation methods that consider social aspects. We conclude with directions for future research to assist security researchers and practitioners.

AB - Shoulder surfing is a prevailing threat when accessing information on personal devices like smartphones. Adequate mitigation requires studying shoulder surfing occurrences in people's daily lives. In this paper, we confirm and extend previous research findings on shoulder surfing occurrences using a new method; a one-month diary study (N=23). Our results provide evidence of shoulder surfing in public and private environments. Content-based shoulder surfing happens more frequently than authentication-based shoulder surfing. Participants experienced shoulder surfing at least twice during the study period and considered the closeness of relationships with the shoulder surfers when deciding how to respond to shoulder surfing incidents. Participants preferred unobtrusive alerting mechanisms over mitigation mechanisms for protection against shoulder surfing. Our work advocates moving away from one-size-fits-all privacy solutions and supports the design of user-centred shoulder surfing mitigation methods that consider social aspects. We conclude with directions for future research to assist security researchers and practitioners.

KW - privacy

KW - security

KW - shoulder surfing

UR - http://www.scopus.com/inward/record.url?scp=85138487959&partnerID=8YFLogxK

U2 - 10.1145/3549015.3554211

DO - 10.1145/3549015.3554211

M3 - Conference contribution

AN - SCOPUS:85138487959

T3 - ACM International Conference Proceeding Series

SP - 85

EP - 97

BT - Proceedings - EuroUSEC 2022

PB - Association for Computing Machinery (ACM)

Y2 - 29 September 2022 through 30 September 2022

ER -