Abstract
No matter how sophisticated an authentication system has been devised, human is often considered as the weakest link in the security chain. Security problems can stem from bad interactions between humans and systems. Eye movement is a natural interaction modality. The application of eye tracking technology in authentication offers a promising and feasible solution to the trading-off between the usability and the security of an authentication system. This paper conducts a comprehensive survey on existing Eye Movement Based Authentication (EMBA) methodologies and systems, and briefly outlines the technical and methodological aspects of EMBA systems. We decompose the EMBA technique into three fundamental aspects: (1) eye movement input modality, (2) eye movement interaction mechanism, and (3) eye movement data recognition. The features and functions of the EMBA modules are further analyzed. An emphasis is put on the interrelationship among the modules and their general impacts on the formation and function of the EMBA framework. The paper attempts to provide a systemic treatment on the state of the art technology and also to outline some potential future development directions in eye movement based interaction or security systems.
Chapter PDF
Similar content being viewed by others
Keywords
References
Duchowski, A.T.: Eye Tracking Methodology: Theory and Practice. Springer-Verlag New York Inc., Secaucus (2003)
O’sullivan, C., Dingliana, J., Howlett, S.: Eye-movements and Interactive Graphics (2003)
Parkhurst, D., Culurciello, E., Niebur, E.: Evaluating variable resolution displays with visual search: task performance and eye movements. In: ETRA 2000: Proceedings of the 2000 Symposium on Eye Tracking Research & Applications, Palm Beach Gardens, Florida, United States, pp. 105–109. ACM, New York (2000)
Loschky, L.C., Mcconkie, G.W.: User performance with gaze contingent multiresolutional displays. In: ETRA 2000: Proceedings of the 2000 Symposium on Eye tracking Research & Applications, Palm Beach Gardens, Florida, United States, pp. 97–103. ACM, New York (2000)
Li, Z., Sun, Q., Lian, Y., Giusto, D.D.: An association-based graphical password design resistant to shoulder-surfing attack. In: IEEE International Conference on Multimedia and Expo., ICME 2005, pp. 245–8 (2005)
Blonder, G.E.: Graphical Password, United State Patent, 5559961 (1996)
Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: SSYM 1999: Proceedings of the 8th Conference on USENIX Security Symposium, Washington, D.C., pp.1–1. USENIX Association, Berkeley (1999)
Dhamija, R., Perrig, A.: Déjà Vu: a user study using images for authentication. In: SSYM 2000: Proceedings of the 9th Conference on USENIX Security Symposium, Denver, Colorado, pp. 4–4. USENIX Association, Berkeley (2000)
Sabzevar, A.P., Stavrou, A.: Universal multi-factor authentication using graphical passwords. In: SITIS 2008: Proceedings of the 2008 IEEE International Conference on Signal Image Technology and Internet Based Systems, pp. 625–632. IEEE Computer Society, Washington, DC (2008)
Jobusch, D.L., Oldenhoeft, A.E.: A survey of password mechanisms: weaknesses and potential improvement, part 1 & 2. Comput. Secur. 8, 587–601 (1989)
Poole, A., Ball, L.: Eye tracking in human-computer interaction and usability research: current status and future prospects. In: Ghaoui, C. (ed.) Encyclopedia of Human Computer Interaction. IGI Global (2005)
Jacob, R., Karn, K.: Eye tracking in human-computer interaction and usability research: ready to deliver the promises. In: Hyona, J., Radach, R., Deubel, H. (eds.) The Mind’s Eye: Cognitive and Applied Aspects of Eye Movement Research. Elsevier Science, Oxford (2003)
Qvarfordt, P., Zhai, S.: Conversing with the user based on eye-gaze patterns. In: CHI 2005: Proceedings of the SIGCHI Conference on Human Factors In Computing Systems, Portland, Oregon, USA, pp. 221–230. ACM, New York (2005)
Weinshall, D., Kirkpatrick, S.: Passwords you’ll never forget, but can’t recall. In: CHI 2004 Extended Abstracts on Human Factors in Computing Systems, Vienna, Austria, pp. 1399–1402. ACM, New York (2004)
Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.: Design and evaluation of a shoulder-surfing resistant graphical password scheme. In: AVI 2006: Proceedings of the Working Conference On Advanced Visual Interfaces, Venezia, Italy, pp. 177–184. ACM, New York (2006)
Patrick, A.S., Long, A.C., Flinn, S.: HCI and security systems. In: CHI 2003 Extended Abstracts On Human Factors In Computing Systems, Ft. Lauderdale, Florida, USA, pp. 1056–1057. ACM, New York (2003)
Faundez Zanuy, M.: Biometric security technology. IEEE Aerospace and Electronic Systems Magazine 21, 15–26 (2006)
Kumar, M., Garfinkel, T., Boneh, D., Winograd, T.: Reducing shoulder-surfing by using gaze-based password entry. In: SOUPS 2007: Proceedings of the 3rd Symposium on Usable Privacy And Security, Pittsburgh, Pennsylvania, pp 13–19. ACM, New York (2007)
Maeder, A.J., Fookes, C.B., Sridharan, S.: Gaze based user authentication for personal computer applications (2004)
Hoanca, B., Mock, K.: Secure graphical password system for high traffic public areas. In: ETRA 2006: Proceedings of the 2006 symposium on Eye Tracking Research \& Applications, San Diego, California, pp. 35–35. ACM, New York (2006)
Dunphy, P., Fitch, A., Olivier, P.: Gaze-Contingent Passwords at the ATM. Czech Republic, Prague, pp. 50–62, September 2–3, 2008
Maeder, A.J., Fookes, C.B.: A visual attention approach to personal identification. In: Eighth Australian and New Zealand Intelligent Information Systems Conference, December 10–12, 2003
De Luca, A., Weiss, R., Drewes, H.: Evaluation of eye-gaze interaction methods for security enhanced PIN-entry. In: OZCHI 2007: Proceedings of the 19th Australasian Conference on Computer-Human Interaction, Adelaide, Australia, pp. 199–202. ACM, New York (2007)
De Luca, A., Weiss, R., Hußmann, H., An, X.: Eyepass - eye-stroke authentication for public terminals. In: CHI 2008 Extended Abstracts on Human Factors in Computing Systems, Florence, Italy, pp. 3003–3008. ACM, New York (2008)
Drewes, H., Schmidt, A.: Interacting with the computer using gaze gestures. In: Baranauskas, C., Abascal, J., Barbosa, S.D.J. (eds.) INTERACT 2007. LNCS, vol. 4663, pp. 475–488. Springer, Heidelberg (2007)
Wobbrock, J.O., Myers, B.A., Kembel, J.A.: Edgewrite: a stylus-based text entry method designed for high accuracy and stability of motion. In: UIST 2003: Proceedings of the 16th annual ACM symposium on User Interface Software and Technology, Vancouver, Canada, pp. 61–70. ACM, New York (2003)
Ober, J., Hajda, J., Loska, J., Jamicki, M.: Application of eye movement measuring system OBER 2 to medicine and technology. In: Andresen, B.F., Scholl, M.S. (eds.) Society of Photo-Optical Instrumentation Engineers (SPIE) Conference Series; Society of Photo-Optical Instrumentation Engineers (SPIE) Conference Series, pp. 327–336, August 1997
Bednarik, R., Kinnunen, T., Mihaila, A., Fränti, P.: Eye-movements as a biometric. In: Kalviainen, H., Parkkinen, J., Kaarna, A. (eds.) SCIA 2005. LNCS, vol. 3540, pp. 780–789. Springer, Heidelberg (2005)
Suo, X., Zhu, Y., Owen, G.: Graphical passwords: a survey, 10 pp. (2005)
Kasprowski, P., Ober, J.: Eye movements in biometrics. In: Maltoni, D., Jain, A.K. (eds.) BioAW 2004. LNCS, vol. 3087, pp. 248–258. Springer, Heidelberg (2004)
Surakka, V., Illi, M., Isokoski, P., Hyönä, J., Radach, R., Deubel, H.: Voluntary eye movements in human-computer interaction. Elsevier Science, Oxford (2003)
Zhu, Z., Ji, Q.: Eye and gaze tracking for interactive graphic display. Machine Vision and Applications 15, 139–148 (2004)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, Y., Mou, X. (2015). Survey on Eye Movement Based Authentication Systems. In: Zha, H., Chen, X., Wang, L., Miao, Q. (eds) Computer Vision. CCCV 2015. Communications in Computer and Information Science, vol 546. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-48558-3_15
Download citation
DOI: https://doi.org/10.1007/978-3-662-48558-3_15
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-48557-6
Online ISBN: 978-3-662-48558-3
eBook Packages: Computer ScienceComputer Science (R0)