Farzand, H., Marky, K. and Khamis, M. (2022) Shoulder Surfing through the Social Lens: A Longitudinal Investigation & Insights from an Exploratory Diary Study. In: European Symposium on Usable Security (EuroUSEC 2022), Karlsruhe, Germany, 29-30 September 2022, pp. 85-97. ISBN 9781450397001 (doi: 10.1145/3549015.3554211)
Text
276959.pdf - Accepted Version Available under License Creative Commons Attribution. 3MB |
Abstract
Shoulder surfing is a prevailing threat when accessing information on personal devices like smartphones. Adequate mitigation requires studying shoulder surfing occurrences in people’s daily lives. In this paper, we confirm and extend previous research findings on shoulder surfing occurrences using a new method; a one-month diary study (N=23). Our results provide evidence of shoulder surfing in public and private environments. Content-based shoulder surfing happens more frequently than authentication-based shoulder surfing. Participants experienced shoulder surfing at least twice during the study period and considered the closeness of relationships with the shoulder surfers when deciding how to respond to shoulder surfing incidents. Participants preferred unobtrusive alerting mechanisms over mitigation mechanisms for protection against shoulder surfing. Our work advocates moving away from one-size-fits-all privacy solutions and supports the design of user-centred shoulder surfing mitigation methods that consider social aspects. We conclude with directions for future research to assist security researchers and practitioners.
Item Type: | Conference Proceedings |
---|---|
Status: | Published |
Refereed: | Yes |
Glasgow Author(s) Enlighten ID: | Marky, Dr Karola and Khamis, Dr Mohamed and Farzand, Ms Habiba |
Authors: | Farzand, H., Marky, K., and Khamis, M. |
College/School: | College of Science and Engineering > School of Computing Science |
ISBN: | 9781450397001 |
Published Online: | 29 September 2022 |
Copyright Holders: | Copyright © 2022 The Authors |
Publisher Policy: | Reproduced in accordance with the copyright policy of the publisher |
Related URLs: |
University Staff: Request a correction | Enlighten Editors: Update this record