scispace - formally typeset
Search or ask a question
Author

Jong-Woo Kim

Bio: Jong-Woo Kim is an academic researcher from Pusan National University. The author has contributed to research in topics: Password psychology & Password. The author has an hindex of 3, co-authored 4 publications receiving 40 citations.

Papers
More filters
Proceedings ArticleDOI
21 Feb 2011
TL;DR: This paper presents a new shoulder-surfing resistant password that makes it difficult for attackers to observe a user's password by requiring the user to locate his or her password in the given password grid instead of entering the password.
Abstract: In mobile devices such as smart phones, it is important to provide adequate user authentication. Conventional text-based passwords have significant drawbacks though they are used as the most common authentication method. To address the vulnerabilities of traditional text-based passwords, graphical password schemes have been developed as possible alternative solutions. However, a potential drawback of graphical password schemes is that they are more vulnerable to shoulder-surfing than conventional text-based passwords. In this paper, we present a new shoulder-surfing resistant password. Our approach makes it difficult for attackers to observe a user's password by requiring the user to locate his or her password in the given password grid instead of entering the password (Figure 1). Security analysis for shoulder-surfing attacks shows that our password is robust against both random and shoulder-surfing attacks.

37 citations

Proceedings ArticleDOI
29 Jun 2010
TL;DR: This paper presents an effective image-based CAPTCHA based on the orientation of N-gonal cropped sub-images as a solution of CAPTCHAs and discusses usability of the CAPTcha and the efficient values of the number of orientations and the crop size through user experiments and SVM-based machine learning tests.
Abstract: An increasing number of public web services have attempted to prevent exploitation by bots and automated scripts, by requiring a user to solve a Turing-test problem, namely a ”Completely Automated Public Turing test to tell Cmputers and Humans Apart (CAPTCHA)”, before they are allowed to use web services. In this paper, we present an effective image-based CAPTCHA based on the orientation of N-gonal cropped sub-images as a solution of CAPTCHAs. Our CAPTCHA is based on the difficulty of detecting the orientation of N-gonal sub-images. In our CAPTCHA, the number of orientations and the crop size are important considerations, since our CAPTCHA requires users to find the orientation of sub-images cropped in the form of a regular polygon. So, we discuss usability of our CAPTCHA and the efficient values of the number of orientations and the crop size through user experiments and SVM-based machine learning tests in this paper.

3 citations

Journal ArticleDOI
TL;DR: A new method to measure the capacity of communication between chat agents and a novel visualization method to depict the hierarchical structure of chat dialogues are proposed and concerned with communication networks for virtual people (avatars) living in virtual worlds.
Abstract: Internet chat programs and instant messaging services are becoming increasingly popular among Internet users. One of the crucial issues with Internet chat is how to manage the corresponding pairs of questions and answers in a sequence of conversations. Although many novel methodologies have been introduced to cope with this problem, most are poor in managing interruptions, organizing turn-taking, and conveying comprehension. The Internet environment is recently evolving into a 3D environment, but the problems with managing chat dialogues with the standard 2D text-based chat have remained. Therefore, we propose a more realistic communication model for chat agents in 3D virtual space in this paper. First, we propose a new method to measure the capacity of communication between chat agents and a novel visualization method to depict the hierarchical structure of chat dialogues. In addition, we are concerned with communication networks for virtual people (avatars) living in virtual worlds. In this paper we consider a microscopic aspect of a social network in a relatively short period of time. Our experiments show that our model is highly effective in a virtual chat environment, and the communication network based on our model greatly facilitates investigation of a very large and complicated communication network.

3 citations


Cited by
More filters
Proceedings Article
01 Jan 2014
TL;DR: It was found that on average, participants spent around 2.9 % of their smartphone interaction time with authenticating, and participants that used a secure lock screen like PIN or Android unlock patterns considered it unnecessary in 24.1 % of situations.
Abstract: A lot of research is being conducted into improving the usability and security of phone-unlocking. There is however a severe lack of scientic data on users’ current unlocking behavior and perceptions. We performed an online survey (n = 260) and a one-month eld study ( n = 52) to gain insights into real world (un)locking behavior of smartphone users. One of the main goals was to nd out how much overhead unlocking and authenticating adds to the overall phone usage and in how many unlock interactions security (i.e. authentication) was perceived as necessary. We also investigated why users do or do not use a lock screen and how they cope with smartphone-related risks, such as shouldersurng or unwanted accesses. Among other results, we found that on average, participants spent around 2.9 % of their smartphone interaction time with authenticating (9 % in the worst case). Participants that used a secure lock screen like PIN or Android unlock patterns considered it unnecessary in 24.1 % of situations. Shoulder surng was perceived to be a relevant risk in only 11 of 3410 sampled situations.

250 citations

Journal ArticleDOI
TL;DR: A text-mining approach using a Bayesian statistical topic model called latent Dirichlet allocation is employed to conduct a comprehensive analysis of 150 articles from 115 journals, revealing seven relevant topics.

162 citations

Proceedings ArticleDOI
26 Apr 2014
TL;DR: The results indicate that switching the sides increases security while authentication speed stays relatively fast (≤ 4 seconds), and insights on accuracy of eyes-free input (as used in XSide) are provided.
Abstract: In this paper, we present XSide, an authentication mechanism that uses the front and the back of smartphones to enter stroke-based passwords. Users can switch sides during input to minimize the risk of shoulder surfing. We performed a user study (n = 32) to explore how switching sides during authentication affects usability and security of the system. The results indicate that switching the sides increases security while authentication speed stays relatively fast (≤ 4 seconds). The paper furthermore provides insights on accuracy of eyes-free input (as used in XSide) and shows how 3D printed prototype cases can improve the back-of-device interaction experience.

126 citations

Proceedings ArticleDOI
07 May 2016
TL;DR: It is found that PIN users take longer to enter their codes, but commit fewer errors than pattern users, who unlock more frequently and are very prone to errors.
Abstract: To prevent unauthorized parties from accessing data stored on their smartphones, users have the option of enabling a "lock screen" that requires a secret code (e.g., PIN, drawing a pattern, or biometric) to gain access to their devices. We present a detailed analysis of the smartphone locking mechanisms currently available to billions of smartphone users worldwide. Through a month-long field study, we logged events from a panel of users with instrumented smartphones (N=134). We are able to show how existing lock screen mechanisms provide users with distinct tradeoffs between usability (unlocking speed vs. unlocking frequency) and security. We find that PIN users take longer to enter their codes, but commit fewer errors than pattern users, who unlock more frequently and are very prone to errors. Overall, PIN and pattern users spent the same amount of time unlocking their devices on average. Additionally, unlock performance seemed unaffected for users enabling the stealth mode for patterns. Based on our results, we identify areas where device locking mechanisms can be improved to result in fewer human errors -- increasing usability -- while also maintaining security.

118 citations

Proceedings ArticleDOI
02 May 2013
TL;DR: This paper proposes an improved text-based shoulder surfing resistant graphical password scheme by using colors, and shows the resistance of the proposed scheme to shoulder surfing and accidental login.
Abstract: Since conventional password schemes are vulnerable to shoulder surfing, many shoulder surfing resistant graphical password schemes have been proposed However, as most users are more familiar with textual passwords than pure graphical passwords, text-based graphical password schemes have been proposed Unfortunately, none of existing text-based shoulder surfing resistant graphical password schemes is both secure and efficient enough In this paper, we propose an improved text-based shoulder surfing resistant graphical password scheme by using colors In the proposed scheme, the user can easily and efficiently login system Next, we analyze the security and usability of the proposed scheme, and show the resistance of the proposed scheme to shoulder surfing and accidental login

45 citations