Details
| Original language | English |
|---|---|
| Title of host publication | Proceedings - EuroUSEC 2022 |
| Subtitle of host publication | 2022 European Symposium on Usable Security, EuroUSEC 2022 |
| Publisher | Association for Computing Machinery (ACM) |
| Pages | 85-97 |
| Number of pages | 13 |
| ISBN (electronic) | 9781450397001 |
| Publication status | Published - 29 Sept 2022 |
| Event | 2nd European Symposium on Usable Security, EuroUSEC 2022 - Karlsruhe, Germany Duration: 29 Sept 2022 → 30 Sept 2022 |
Publication series
| Name | ACM International Conference Proceeding Series |
|---|
Abstract
Shoulder surfing is a prevailing threat when accessing information on personal devices like smartphones. Adequate mitigation requires studying shoulder surfing occurrences in people's daily lives. In this paper, we confirm and extend previous research findings on shoulder surfing occurrences using a new method; a one-month diary study (N=23). Our results provide evidence of shoulder surfing in public and private environments. Content-based shoulder surfing happens more frequently than authentication-based shoulder surfing. Participants experienced shoulder surfing at least twice during the study period and considered the closeness of relationships with the shoulder surfers when deciding how to respond to shoulder surfing incidents. Participants preferred unobtrusive alerting mechanisms over mitigation mechanisms for protection against shoulder surfing. Our work advocates moving away from one-size-fits-all privacy solutions and supports the design of user-centred shoulder surfing mitigation methods that consider social aspects. We conclude with directions for future research to assist security researchers and practitioners.
Keywords
- privacy, security, shoulder surfing
ASJC Scopus subject areas
- Computer Science(all)
- Human-Computer Interaction
- Computer Science(all)
- Computer Networks and Communications
- Computer Science(all)
- Computer Vision and Pattern Recognition
- Computer Science(all)
- Software
Cite this
- Standard
- Harvard
- Apa
- Vancouver
- BibTeX
- RIS
Proceedings - EuroUSEC 2022: 2022 European Symposium on Usable Security, EuroUSEC 2022. Association for Computing Machinery (ACM), 2022. p. 85-97 (ACM International Conference Proceeding Series).
Research output: Chapter in book/report/conference proceeding › Conference contribution › Research › peer review
}
TY - GEN
T1 - Shoulder Surfing through the Social Lens
T2 - 2nd European Symposium on Usable Security, EuroUSEC 2022
AU - Farzand, Habiba
AU - Marky, Karola
AU - Khamis, Mohamed
N1 - Funding Information: This publication was supported by an Excellence Bursary Award by the University of Glasgow, by an EPSRC New Investigator Award (grant number EP/V008870/1), and by the PETRAS National Centre of Excellence for IoT Systems Cybersecurity, which is also funded by the UK EPSRC under grant number EP/S035362/1. Figure 1 was created using Canva [7] under Free Content License.
PY - 2022/9/29
Y1 - 2022/9/29
N2 - Shoulder surfing is a prevailing threat when accessing information on personal devices like smartphones. Adequate mitigation requires studying shoulder surfing occurrences in people's daily lives. In this paper, we confirm and extend previous research findings on shoulder surfing occurrences using a new method; a one-month diary study (N=23). Our results provide evidence of shoulder surfing in public and private environments. Content-based shoulder surfing happens more frequently than authentication-based shoulder surfing. Participants experienced shoulder surfing at least twice during the study period and considered the closeness of relationships with the shoulder surfers when deciding how to respond to shoulder surfing incidents. Participants preferred unobtrusive alerting mechanisms over mitigation mechanisms for protection against shoulder surfing. Our work advocates moving away from one-size-fits-all privacy solutions and supports the design of user-centred shoulder surfing mitigation methods that consider social aspects. We conclude with directions for future research to assist security researchers and practitioners.
AB - Shoulder surfing is a prevailing threat when accessing information on personal devices like smartphones. Adequate mitigation requires studying shoulder surfing occurrences in people's daily lives. In this paper, we confirm and extend previous research findings on shoulder surfing occurrences using a new method; a one-month diary study (N=23). Our results provide evidence of shoulder surfing in public and private environments. Content-based shoulder surfing happens more frequently than authentication-based shoulder surfing. Participants experienced shoulder surfing at least twice during the study period and considered the closeness of relationships with the shoulder surfers when deciding how to respond to shoulder surfing incidents. Participants preferred unobtrusive alerting mechanisms over mitigation mechanisms for protection against shoulder surfing. Our work advocates moving away from one-size-fits-all privacy solutions and supports the design of user-centred shoulder surfing mitigation methods that consider social aspects. We conclude with directions for future research to assist security researchers and practitioners.
KW - privacy
KW - security
KW - shoulder surfing
UR - http://www.scopus.com/inward/record.url?scp=85138487959&partnerID=8YFLogxK
U2 - 10.1145/3549015.3554211
DO - 10.1145/3549015.3554211
M3 - Conference contribution
AN - SCOPUS:85138487959
T3 - ACM International Conference Proceeding Series
SP - 85
EP - 97
BT - Proceedings - EuroUSEC 2022
PB - Association for Computing Machinery (ACM)
Y2 - 29 September 2022 through 30 September 2022
ER -