Search

Your search keyword '"Yvonne Hwei Syn Kam"' showing total 13 results
Start Over Author "Yvonne Hwei Syn Kam"
13 results on '"Yvonne Hwei Syn Kam"'

3. Improving memorability using Emojis in a shoulder surfing resistant authentication method [version 1; peer review: 1 approved with reservations, 1 not approved]

Author

Mohamed Mahrous Mahrous Amer, Yvonne Hwei-Syn Kam, and Aiman Hussein Elkhedrawi

Subjects
Research Article, Articles, Graphical Authentication System, PIN, Password, Emoji, Shoulder Surfing
Abstract

Background: Emojis are icons that are familiar and fun to add pizzazz and colour to communication. They have also been used in authentication where the emojis form memorable pictogram story-like passwords. Emojis, which are graphical, are in general vulnerable to shoulder surfing attacks (SSAs). This paper studies whether graphics such as emojis offer better memorability than numerics when implemented in a shoulder-surfing resistant authentication method. Thus, the proposed method aims to meet both needs of being shoulder-surfing resistant as well as being memorable. Methods: In this paper, a SSA resistant method (DragPIN) is used as a reference system on which to implement emojis in place of numerics. Additionally, a new feature, cue questions was implemented for added security. In the proposed method, users composed emoji-based stories using personalised cue questions that served as memory aids. Moreover, these self-chosen cue questions were less comprehensible to shoulder-surfing observers. There were two variants of the DragPIN method, manual and automatic-sliding. To compare the differences, both the reference configuration and modified versions based on the proposed method were implemented. Thirty people participated in user testing. A pre- and post-survey appraised user experience. User testing and survey on both methods and their variants for performance, memorability, and usability were performed. Results: All implementations successfully resisted shoulder surfing. The time taken for login in the manual variant using the proposed methodology was shorter than using the reference method. After four to six weeks, login performance taking into account intermediate failures was better for the proposed method (86.7-91.7%) than the reference method (76.7-78.3%). Hypothesis testing also showed significance in the results. This could point to higher memorability in the proposed method. Conclusion: The study provides testing of emoji-based compared to PIN-based implementation in authentication. Emoji-based stories may form memorable passwords while personalised cue questions may aid memorability.

Published
2022
Full Text
View/download PDF

5. Methods to Eye Gaze Interaction for Authentication

Author

Vik Tor Goh, Yvonne Hwei Syn Kam, and Kar Wing Kwong

Subjects
Authentication, InformationSystems_INFORMATIONINTERFACESANDPRESENTATION(e.g.,HCI), Computer science, business.industry, ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, General Engineering, Usability, Dwell time, InformationSystems_MODELSANDPRINCIPLES, Shoulder surfing, Human–computer interaction, Management of Technology and Innovation, Peripheral vision, Eye tracking, business, Selection (genetic algorithm), Gesture
Abstract

One of the methods touted to reduce shoulder surfing during onscreen authentication is eye gaze input. Eye gaze authentication methods have thus far relied on a few methods for selection of on screen objects, namely dwell time, blinking, eye gestures and pursuit of moving objects. This paper surveys the literature on the various approaches. From analysis of the advantages and drawbacks of the surveyed approaches, we find that the dwell method has advantages in security and usability. We then describe a method designed previously by the authors that enhances the dwell method by making use of peripheral vision. The proposed method is in the ideation stage.

Published
2019

6. Usable Authentication Methods for Seniors

Author

Jaspreet Singh and Yvonne Hwei Syn Kam

Subjects
Password, Authentication, Computer science, Management of Technology and Innovation, General Engineering, Face (sociological concept), Cognitive decline, USable, Computer security, computer.software_genre, computer
Abstract

Standard authentication methods require user to remember long texts or random numbers when authenticating. The elderly face problems of remembering these passwords maybe due to cognitive decline or simply because they are unfamiliar with current technological devices. This paper compares available authentication methods that are more usable for the elderly and summarises the effectiveness of these systems

Published
2019

7. Preventing Shoulder-Surfing Attack with the Concept of Concealing the Password Objects’ Information

Author

Peng Foong Ho, Yvonne Hwei-Syn Kam, Mee Chin Wee, Yu Nam Chong, and Lip Yee Por

Subjects
Technology, Medicine, Science
Abstract

Traditionally, picture-based password systems employ password objects (pictures/icons/symbols) as input during an authentication session, thus making them vulnerable to “shoulder-surfing” attack because the visual interface by function is easily observed by others. Recent software-based approaches attempt to minimize this threat by requiring users to enter their passwords indirectly by performing certain mental tasks to derive the indirect password, thus concealing the user’s actual password. However, weaknesses in the positioning of distracter and password objects introduce usability and security issues. In this paper, a new method, which conceals information about the password objects as much as possible, is proposed. Besides concealing the password objects and the number of password objects, the proposed method allows both password and distracter objects to be used as the challenge set’s input. The correctly entered password appears to be random and can only be derived with the knowledge of the full set of password objects. Therefore, it would be difficult for a shoulder-surfing adversary to identify the user’s actual password. Simulation results indicate that the correct input object and its location are random for each challenge set, thus preventing frequency of occurrence analysis attack. User study results show that the proposed method is able to prevent shoulder-surfing attack.

Published
2014
Full Text
View/download PDF

8. Face-Based Graphical Authentication System Using Hybrid Images

Author

Assim Sulaiman Khaled and Yvonne Hwei Syn Kam

Subjects
Password, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Authentication, Computer science, Shoulder surfing, Optical illusion, Face (geometry), Authentication system, Login, Computer security, computer.software_genre, computer, Vulnerability (computing)
Abstract

Authentication systems used in the security world vary greatly but one system, the textual password authentication system, has dominated and become the most common authentication method used today. However, secure textual passwords are difficult to remember. In contrast, faces are easier to remember than text [1]. In this study, a face-based graphical authentication system that utilizes hybrid images has been developed. To the best of the authors’ knowledge, hybrid images of faces has not yet been used for authentication, thus this study uses optical illusion on faces for the purpose of authentication. The main purpose of the method is to reduce the limitations found in conventional text (or PIN) based authentication methods, i.e. passwords are difficult to remember and vulnerability to shoulder surfing attacks. The system was tested on 20 users who logged in while being shoulder surfed. The results showed that shoulder surfing attacks were successfully prevented. With only one attempt, 35% of the users logged in correctly. They had a 72% accuracy in identifying the pass faces. In contrast, none of the shoulder surfers managed to login despite being given three attempts. They guessed correctly only 17% of the user’s pass images.

Published
2021

9. A Study on Using Emojis in a Shoulder Surfing Resistant Authentication Method

Author

Vik Tor Goh, Mohamed Mahrous Amer, and Yvonne Hwei Syn Kam

Subjects
Graphical data, Password, User testing, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Authentication, Shoulder surfing, Emoji, Computer science, Human–computer interaction, Authentication system
Abstract

While images or emojis offer good memorability when used in an authentication method, inherently graphical data are highly susceptible to shoulder surfing attacks. An authentication system incorporating emojis was proposed and designed, which offers resistance to shoulder surfing attacks. The proposed system implements emojis in place of numerics in the reference method, DragPIN, and adds cue questions. The methods are compared in terms of performance and memorability, through user testing. The proposed authentication system was found to be successful at resisting shoulder surfing attacks. After 4–6 weeks, memorability was also higher in the proposed method compared to the reference method.

Published
2021

10. Vulnerabilities in Online Food Ordering Website

Author

Ji-Jian Chin, Vik Tor Goh, and Yvonne Hwei Syn Kam

Subjects
Computer science, business.industry, E-commerce, business, Computer security, computer.software_genre, computer, Mechanism (sociology)
Abstract

In this paper, we show several vulnerabilities in the ordering mechanism of one of Malaysia’s online food ordering services company (which we will call “Company X”) website. In particular, we show that the system is open to several kinds of abuse, demonstrating two proof-of-concept attacks we carried out, as well as discuss more potentially disruptive theoretical attacks. We also suggest several countermeasures to rectify the issues, that are not only applicable to Company X website, but also to other similar online ordering systems.

Published
2020

11. A Client-Server Prototype of a Symmetric Key Searchable Encryption Scheme Using Open-Source Applications

Author

Syh-Yuan Tan, Yvonne Hwei Syn Kam, Ji-Jian Chin, Geong Sen Poh, and Wei-Chuen Yau

Subjects
Computer science, business.industry, Client-side encryption, Encryption, computer.software_genre, Filesystem-level encryption, Probabilistic encryption, 40-bit encryption, 56-bit encryption, Attribute-based encryption, On-the-fly encryption, business, computer, Computer network
Abstract

Searchable encryption is a cryptographic primitive that allows a user to confidentially store items on an outside server and grants the user the capability to search for any particular item that is stored without the server or any third party observers learning anything with regards to the item that is being searched for. In 2006, Curtmola et al. strengthened the security notions for symmetric-key searchable encyrption (SSE) and proposed two secure constructions that utilize only a conventional symmetric-key encryption scheme such as Advanced Encryption Standard (AES). In this work, we show a client-server prototype implementation of the adaptive-secure scheme by Curtmola et al. utilizing only open source software on both client and server side. We show that our implementation runs in reasonable time and provides confidential search functions as defined by SSE schemes.

Published
2015

12. Preventing Shoulder-Surfing Attack with the Concept of Concealing the Password Objects' Information

Author

Yvonne Hwei Syn Kam, Mee Chin Wee, Lip Yee Por, Peng Foong Ho, and Yu Nam Chong

Subjects
Male, Zero-knowledge password proof, Shoulder, Article Subject, Computer science, Salt (cryptography), lcsh:Medicine, Computer security, computer.software_genre, lcsh:Technology, One-time password, General Biochemistry, Genetics and Molecular Biology, S/KEY, Password strength, Computer Graphics, Humans, lcsh:Science, Computer Security, General Environmental Science, Password, Password policy, Cognitive password, lcsh:T, lcsh:R, General Medicine, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, lcsh:Q, Female, computer, Photic Stimulation, Research Article
Abstract

Traditionally, picture-based password systems employ password objects (pictures/icons/symbols) as input during an authentication session, thus making them vulnerable to “shoulder-surfing” attack because the visual interface by function is easily observed by others. Recent software-based approaches attempt to minimize this threat by requiring users to enter their passwords indirectly by performing certain mental tasks to derive the indirect password, thus concealing the user’s actual password. However, weaknesses in the positioning of distracter and password objects introduce usability and security issues. In this paper, a new method, which conceals information about the password objects as much as possible, is proposed. Besides concealing the password objects and the number of password objects, the proposed method allows both password and distracter objects to be used as the challenge set’s input. The correctly entered password appears to be random and can only be derived with the knowledge of the full set of password objects. Therefore, it would be difficult for a shoulder-surfing adversary to identify the user’s actual password. Simulation results indicate that the correct input object and its location are random for each challenge set, thus preventing frequency of occurrence analysis attack. User study results show that the proposed method is able to prevent shoulder-surfing attack.

Published
2014

13. Design and Development of a Multimedia Interactive Lab for Distance Learning Applications in the WWW

Author

Soon-Nyean Cheong, Yvonne Hwei Syn Kam, A. H. You, and Su Fong Chien

Subjects
Multimedia, business.industry, Computer science, Distance education, Virtual reality, computer.software_genre, Field (computer science), Development (topology), Human–computer interaction, ComputingMilieux_COMPUTERSANDEDUCATION, Virtual Laboratory, The Internet, Laboratory experimentation, business, computer
Abstract

Currently, distance education (DE) courses in Malaysia are only for the non-scientific field since DE lacks the laboratory experimentation indispensable to science. The concept of Virtual laboratory provides a timely solution. This paper describes the development and implementation of a novel, multimedia interactive laboratory (MI-LAB) for online experimentation. The aim of the MI-LAB project is to provide students access via the Internet to various experiments in conceptual physics, simplifying experimentation for home-learners and professionals in a distance teaching environment. MI-LAB's effectiveness is thoroughly demonstrated in the development of the Hall Effect experiment lab aimed at enhancing student's understanding. MI-LAB supplements the physical lab by augmenting student's learning experiences with relevant information, questions, graphs and video demonstrations. This Web approach integrates Flash actionscript to do extensive simulations and interactive animation of physics based experiments in virtual reality. MI-LAB is a low cost, zero maintenance, and risk-free alternative to conventional lab for DE.

Published
2002

Catalog

Books, media, physical & digital resources
See catalog results