research-article

Hide my Gaze with EOG!: Towards Closed-Eye Gaze Gesture Passwords that Resist Observation-Attacks with Electrooculography in Smart Glasses

Authors:

Rainhard Dieter Findling,

Stephan SiggAuthors Info & Claims

MoMM2019: Proceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia

Pages 107 - 116

https://doi.org/10.1145/3365921.3365922

Published: 22 February 2020 Publication History

Abstract

Smart glasses allow for gaze gesture passwords as a hands-free form of mobile authentication. However, pupil movements for password input are easily observed by attackers, who thereby can derive the password. In this paper we investigate closed-eye gaze gesture passwords with EOG sensors in smart glasses. We propose an approach to detect and recognize closed-eye gaze gestures, together with a 7 and 9 character gaze gesture alphabet. Our evaluation indicates good gaze gesture detection rates. However, recognition is challenging specifically for vertical eye movements with 71.2%-86.5% accuracy and better results for opened than closed eyes. We further find that closed-eye gaze gesture passwords are difficult to attack from observations with 0% success rate in our evaluation, while attacks on open eye passwords succeed with 61%. This indicates that closed-eye gaze gesture passwords protect the authentication secret significantly better than their open eye counterparts.

References

[1]

Yomna Abdelrahman, Mohamed Khamis, Stefan Schneegass, and Florian Alt. 2017. Stay Cool! Understanding Thermal Attacks on Mobile-based User Authentication. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems (CHI '17). ACM, New York, NY, USA, 3751--3763. https://doi.org/10.1145/3025453.3025461

Digital Library

[2]

Adam J. Aviv, Katherine Gibson, Evan Mossop, Matt Blaze, and Jonathan M. Smith. 2010. Smudge attacks on smartphone touch screens. In Proc. of the 4th USENIX conference on offensive technologies. Berkeley, CA, USA, 1--7. http://dl.acm.org/citation.cfm?id=1925004.1925009

[3]

J. Bonneau. 2012. The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords. In IEEE Symposium on Security and Privacy (SP 2012). 538--552. https://doi.org/10.1109/SP.2012.49

Digital Library

[4]

Andreas Bulling, Florian Alt, and Albrecht Schmidt. 2012. Increasing the Security of Gaze-based Cued-recall Graphical Passwords Using Saliency Masks. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '12). ACM, New York, NY, USA, 3011--3020. https://doi.org/10.1145/2207676.2208712

Digital Library

[5]

Andreas Bulling, Daniel Roggen, and Gerhard Tröster. 2008. It's in Your Eyes - Towards Context-Awareness and Mobile HCI Using Wearable EOG Goggles. In Proc. of the 10th International Conference on Ubiquitous Computing (UbiComp 2008) (ACM International Conference Proceeding Series), Vol. 344. 84--93. https://doi.org/10.1145/1409635.1409647 acceptance rate: 18.6%.

[6]

Andreas Bulling, Daniel Roggen, and Gerhard Tröster. 2009. Wearable EOG Goggles: Eye-based Interaction in Everyday Environments. In CHI '09 Extended Abstracts on Human Factors in Computing Systems (CHI EA '09). ACM, New York, NY, USA, 3259--3264. https://doi.org/10.1145/1520340.1520468

Digital Library

[7]

Andreas Bulling, J. A. Ward, Hans Gellersen, and Gerhard Tröster. 2011. Eye Movement Analysis for Activity Recognition Using Electrooculography. IEEE Transactions on Pattern Analysis and Machine Intelligence 33, 4 (April 2011), 741--753. https://doi.org/10.1109/TPAMI.2010.86

Digital Library

[8]

Alexander De Luca, Martin Denzel, and Heinrich Hussmann. 2009. Look into My Eyes!: Can You Guess My Password?. In Proc. 5th Symposium on Usable Privacy and Security (SOUPS '09). ACM, New York, NY, USA, Article 7, 12 pages. https://doi.org/10.1145/1572532.1572542

Digital Library

[9]

Alexander De Luca, Roman Weiss, and Heiko Drewes. 2007. Evaluation of Eye-gaze Interaction Methods for Security Enhanced PIN-entry. In Proceedings of the 19th Australasian Conference on Computer-Human Interaction: Entertaining User Interfaces (OZCHI '07). ACM, New York, NY, USA, 199--202. https://doi.org/10.1145/1324892.1324932

[10]

Heiko Drewes, Alexander De Luca, and Albrecht Schmidt. 2007. Eye-gaze Interaction for Mobile Phones. In Proceedings of the 4th International Conference on Mobile Technology, Applications, and Systems and the 1st International Symposium on Computer Human Interaction in Mobile Technology (Mobility '07). ACM, New York, NY, USA, 364--371. https://doi.org/10.1145/1378063.1378122

Digital Library

[11]

Heiko Drewes and Albrecht Schmidt. 2007. Interacting with the Computer Using Gaze Gestures. In Human-Computer Interaction -- INTERACT 2007, Cécilia Baranauskas, Philippe Palanque, Julio Abascal, and Simone Diniz Junqueira Barbosa (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 475--488. https://doi.org/10.1007/978-3-540-74800-7_43

Digital Library

[12]

Rainhard Dieter Findling and René Mayrhofer. 2013. Towards Pan Shot Face Unlock: Using Biometric Face Information from Different Perspectives to Unlock Mobile Devices. International Journal of Pervasive Computing and Communications 9, 3 (Sept. 2013), 190--208. https://doi.org/10.1108/IJPCC-05-2013-0012

[13]

Rainhard Dieter Findling, Muhammad Muaaz, Daniel Hintze, and René Mayrhofer. 2017. ShakeUnlock: Securely Transfer Authentication States Between Mobile Devices. IEEE Transactions on Mobile Computing (TMC) 16, 4 (April 2017), 1163--1175. https://doi.org/10.1109/TMC.2016.2582489

[14]

Rainhard Dieter Findling, Le Ngu Nguyen, and Stephan Sigg. 2019. Closed-Eye Gaze Gestures: Detection and Recognition of Closed-Eye Movements with Cameras in Smart Glasses. In 15th International Work-Conference on Artificial Neural Networks (IWANN 2019) (LNCS), Vol. 11506. Springer, 322--334.

[15]

Henna Heikkilä and Kari-Jouko Räihä. 2009. Speed and Accuracy of Gaze Gestures. Journal of Eye Movement Research 3, 2 (Nov. 2009), 1--14. https://doi.org/10.16910/jemr.3.2.1

[16]

Daniel Hintze, Rainhard Dieter Findling, Muhammad Muaaz, Eckhard Koch, and René Mayrhofer. 2015. CORMORANT: Towards Continuous Risk-Aware Multi-Modal Cross-Device Authentication. Proceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct Publication (UbiComp 2015), Osaka, Japan. In Proc. 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct Publication (UbiComp 2015). ACM, Osaka, Japan, 169--172. https://doi.org/10.1145/2800835.2800906

[17]

Daniel Hintze, Rainhard Dieter Findling, Sebastian Scholz, and René Mayrhofer. 2014. Mobile Device Usage Characteristics: The Effect of Context and Form Factor on Locked and Unlocked Usage. In Proc. MoMM 2014: 12th International Conference on Advances in Mobile Computing and Multimedia. ACM Press, New York, NY, USA, 105--114. https://doi.org/10.1145/2684103.2684156

Digital Library

[18]

Daniel Hintze, Philipp Hintze, Rainhard Dieter Findling, and René Mayrhofer. 2017. A Large-Scale, Long-Term Analysis of Mobile Device Usage Characteristics. Proc. ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 1, 2 (June 2017). https://doi.org/10.1145/3090078

Digital Library

[19]

Daniel Hintze, Muhammad Muaaz, Rainhard Dieter Findling, S. Scholz, E. Koch, and René Mayrhofer. 2015. Confidence and Risk Estimation Plugins for Multi-Modal Authentication on Mobile Devices using CORMORANT. In 13th International Conference on Advances in Mobile Computing and Multimedia (MoMM 2015). ACM, Brussels, Belgium, 384--388. https://doi.org/10.1145/2837126.2843845

Digital Library

[20]

M. S. Hossain, Kristie Huda, S M. Sadman Rahman, and Mohiuddin Ahmad. 2015. Implementation of an EOG based security system by analyzing eye movement patterns. https://doi.org/10.1109/ICAEE.2015.7506818

[21]

Aulikki Hyrskykari, Howell Istance, and Stephen Vickers. 2012. Gaze Gestures or Dwell-based Interaction?. In Proceedings of the Symposium on Eye Tracking Research and Applications (ETRA '12). ACM, New York, NY, USA, 229--232. https://doi.org/10.1145/2168556.2168602

Digital Library

[22]

Shoya Ishimaru, Kai Kunze, Katsuma Tanaka, Yuji Uema, Koichi Kise, and Masahiko Inami. 2015. Smart Eyewear for Interaction and Activity Recognition. In Proceedings of the 33rd Annual ACM Conference Extended Abstracts on Human Factors in Computing Systems (CHI EA '15). ACM, New York, NY, USA, 307--310. https://doi.org/10.1145/2702613.2725449

Digital Library

[23]

Howell Istance, Aulikki Hyrskykari, Lauri Immonen, Santtu Mansikkamaa, and Stephen Vickers. 2010. Designing Gaze Gestures for Gaming: An Investigation of Performance. In Proceedings of the 2010 Symposium on Eye-Tracking Research & Applications (ETRA '10). ACM, New York, NY, USA, 323--330. https://doi.org/10.1145/1743666.1743740

Digital Library

[24]

Moritz Kassner, William Patera, and Andreas Bulling. 2014. Pupil: An Open Source Platform for Pervasive Eye Tracking and Mobile Gaze-based Interaction. In Proc. UbiComp 2014, Adjunct Publication. ACM, 1151--1160.

Digital Library

[25]

Mohamed Khamis, Florian Alt, Mariam Hassib, Emanuel von Zezschwitz, Regina Hasholzner, and Andreas Bulling. 2016. GazeTouchPass: Multimodal Authentication Using Gaze and Touch on Mobile Devices. In Proceedings of the 2016 CHI Conference Extended Abstracts on Human Factors in Computing Systems (CHI EA '16). ACM, New York, NY, USA, 2156--2164. https://doi.org/10.1145/2851581.2892314

Digital Library

[26]

Mohamed Khamis, Mariam Hassib, Emanuel von Zezschwitz, Andreas Bulling, and Florian Alt. 2017. GazeTouchPIN: Protecting Sensitive Data on Mobile Devices Using Secure Multimodal Authentication. In Proceedings of the 19th ACM International Conference on Multimodal Interaction (ICMI 2017). ACM, New York, NY, USA, 446--450. https://doi.org/10.1145/3136755.3136809

Digital Library

[27]

Abraham. Savitzky and M. J. E. Golay. 1964. Smoothing and Differentiation of Data by Simplified Least Squares Procedures. Analytical Chemistry 36, 8 (1964), 1627--1639.

[28]

Florian Schaub, Ruben Deyhle, and Michael Weber. 2012. Password entry usability and shoulder surfing susceptibility on different smartphone platforms. In Proc. of the 11th International Conference on Mobile and Ubiquitous Multimedia (MUM'12). ACM, New York, NY, USA, Article 13, 10 pages. https://doi.org/10.1145/2406367.2406384

Digital Library

[29]

Youngbae Song, Geumhwan Cho, Seongyeol Oh, Hyoungshick Kim, and Jun Ho Huh. 2015. On the Effectiveness of Pattern Lock Strength Meters: Measuring the Strength of Real World Pattern Locks. In Proc. 33rd Annual ACM Conference on Human Factors in Computing Systems (CHI '15). ACM, New York, NY, USA, 2343--2352. https://doi.org/10.1145/2702123.2702365

Digital Library

[30]

Melanie Swan. 2012. Sensor Mania! The Internet of Things, Wearable Computing, Objective Metrics, and the Quantified Self 2.0. Journal of Sensor and Actuator Networks (JSAN) 1, 3 (Nov. 2012), 217--253.

[31]

Dirk Van Bruggen, Shu Liu, Mitch Kajzer, Aaron Striegel, Charles R. Crowell, and John D'Arcy. 2013. Modifying Smartphone User Locking Behavior. In Proc. SOUPS 2013. ACM, NY, USA, Article 10, 14 pages. https://doi.org/10.1145/2501604.2501614

Digital Library

[32]

Paul C. van Oorschot and Julie Thorpe. 2008. On Predictive Models and User-drawn Graphical Passwords. ACM Trans. Inf. Syst. Secur. 10, 4, Article 5 (Jan. 2008), 33 pages. https://doi.org/10.1145/1284680.1284685

[33]

Roman Weiss and Alexander De Luca. 2008. PassShapes: Utilizing Stroke Based Authentication to Increase Password Memorability. In Proc. 5th Nordic Conference on Human-computer Interaction: Building Bridges (NordiCHI '08). ACM, New York, NY, USA, 383--392. https://doi.org/10.1145/1463160.1463202

Digital Library

[34]

Jacob O. Wobbrock, Brad A. Myers, and John A. Kembel. 2003. EdgeWrite: A Stylus-based Text Entry Method Designed for High Accuracy and Stability of Motion. In Proceedings of the 16th Annual ACM Symposium on User Interface Software and Technology (UIST '03). ACM, New York, NY, USA, 61--70. https://doi.org/10.1145/964696.964703

Digital Library

[35]

Jacob O. Wobbrock, James Rubinstein, Michael W. Sawyer, and Andrew T. Duchowski. 2008. Longitudinal Evaluation of Discrete Consecutive Gaze Gestures for Text Entry. In Proceedings of the 2008 Symposium on Eye Tracking Research & Applications (ETRA '08). ACM, New York, NY, USA, 11--18. https://doi.org/10.1145/1344471.1344475

Digital Library

Cited By

Hallal LRhinelander JVenkat R(2024)Recent Trends of Authentication Methods in Extended Reality: A SurveyApplied System Innovation10.3390/asi70300457:3(45)Online publication date: 28-May-2024
https://doi.org/10.3390/asi7030045
Han MOakley IKostakos VKay JHoang T(2024)EyeWithShut: Exploring Closed Eye Features to Estimate Eye PositionCompanion of the 2024 on ACM International Joint Conference on Pervasive and Ubiquitous Computing10.1145/3675094.3677605(157-161)Online publication date: 5-Oct-2024
https://dl.acm.org/doi/10.1145/3675094.3677605
Bature ZAbdullahi SChiracharit WChamnongthai K(2024)Translated Pattern-Based Eye-Writing Recognition Using Dilated Causal Convolution NetworkIEEE Access10.1109/ACCESS.2024.339074612(59079-59092)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3390746
Show More Cited By

Index Terms

Hide my Gaze with EOG!: Towards Closed-Eye Gaze Gesture Passwords that Resist Observation-Attacks with Electrooculography in Smart Glasses
1. Human-centered computing
  1. Human computer interaction (HCI)
    1. Interaction techniques
      1. Gestural input
  2. Ubiquitous and mobile computing
    1. Ubiquitous and mobile computing theory, concepts and paradigms
      1. Mobile computing
    2. Ubiquitous and mobile devices
      1. Mobile devices
2. Security and privacy
  1. Security services
    1. Authentication
      1. Graphical / visual passwords

Recommendations

Haptic feedback of gaze gestures with glasses: localization accuracy and effectiveness
UbiComp/ISWC'15 Adjunct: Adjunct Proceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2015 ACM International Symposium on Wearable Computers

Wearable devices including smart eyewear require new interaction methods between the device and the user. In this paper, we describe our work on the combined use of eye tracking for input and haptic (touch) stimulation for output with eyewear. Input ...
Gliding and saccadic gaze gesture recognition in real time

Eye movements can be consciously controlled by humans to the extent of performing sequences of predefined movement patterns, or 'gaze gestures'. Gaze gestures can be tracked noninvasively employing a video-based eye tracking system. Gaze gestures hold ...
Vibrotactile stimulation of the head enables faster gaze gestures

Gaze gestures are a promising input technology for wearable devices especially in the smart glasses form factor because gaze gesturing is unobtrusive and leaves the hands free for other tasks. We were interested in how gaze gestures can be enhanced with ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

MoMM2019: Proceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia

December 2019

266 pages

ISBN:9781450371780

DOI:10.1145/3365921

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

In-Cooperation

Johannes Kepler University, Linz, Austria
@WAS: International Organization of Information Integration and Web-based Applications and Services

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 February 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

MoMM2019

MoMM2019: The 17th International Conference on Advances in Mobile Computing & Multimedia

December 2 - 4, 2019

Munich, Germany

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
257
Total Downloads

Downloads (Last 12 months)41
Downloads (Last 6 weeks)7

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Hallal LRhinelander JVenkat R(2024)Recent Trends of Authentication Methods in Extended Reality: A SurveyApplied System Innovation10.3390/asi70300457:3(45)Online publication date: 28-May-2024
https://doi.org/10.3390/asi7030045
Han MOakley IKostakos VKay JHoang T(2024)EyeWithShut: Exploring Closed Eye Features to Estimate Eye PositionCompanion of the 2024 on ACM International Joint Conference on Pervasive and Ubiquitous Computing10.1145/3675094.3677605(157-161)Online publication date: 5-Oct-2024
https://dl.acm.org/doi/10.1145/3675094.3677605
Bature ZAbdullahi SChiracharit WChamnongthai K(2024)Translated Pattern-Based Eye-Writing Recognition Using Dilated Causal Convolution NetworkIEEE Access10.1109/ACCESS.2024.339074612(59079-59092)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3390746
Demirel ÇReguş LKöse H(2024)Harmonic enhancement to optimize EOG based ocular activity decoding: A hybrid approach with harmonic source separation and EEMDHeliyon10.1016/j.heliyon.2024.e35242(e35242)Online publication date: Jul-2024
https://doi.org/10.1016/j.heliyon.2024.e35242
Bature ZAbdullahi SYeamkuan SChiracharit WChamnongthai K(2023)Boosted Gaze Gesture Recognition Using Underlying Head Orientation SequenceIEEE Access10.1109/ACCESS.2023.327028511(43675-43689)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3270285
Newn JQuesada SHou BKhan AWeidner FGellersen H(2023)Exploring Eye Expressions for Enhancing EOG-Based InteractionHuman-Computer Interaction – INTERACT 202310.1007/978-3-031-42293-5_6(68-79)Online publication date: 26-Aug-2023
https://doi.org/10.1007/978-3-031-42293-5_6
Belkhiria CBoudir AHurter CPeysakhovich V(2022)EOG-Based Human–Computer Interface: 2000–2020 ReviewSensors10.3390/s2213491422:13(4914)Online publication date: 29-Jun-2022
https://doi.org/10.3390/s22134914
Khamis MMarky KBulling AAlt F(2022)User-centred multimodal authentication: securing handheld mobile devices using gaze and touch inputBehaviour & Information Technology10.1080/0144929X.2022.206959741:10(2061-2083)Online publication date: 6-May-2022
https://doi.org/10.1080/0144929X.2022.2069597

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten