Hi, I'm Andreas, I worked as lecture recording HiWi and operate the camera and cut the movies for iPhone Programming and HCI Design Patterns in WS09/10 and SS10.
Also I wrote my diploma thesis on multitouch authentication, supervised by Jonathan Diehl.
Shoulder surfing is a constantly rising threat for IT security with lots of research potential. Few researchers looked into shoulder surfing security and most of them concentrated on new and not widely available hardware. New approaches are needed for a release to the public.
Main goal of this thesis is the development of authentication systems for increasingly popular multitouch systems. Main attributes of these systems shall be usability and security against shoulder surfing attacks.
A taxonomy was made, classifying up-to-date mutlitouch authentication systems to show potential for future research. Based on this, three prototypes were developed.
Utilizing paper prototypes, a study with 11 users was conducted and showed recognition rates of 70%-90% by humans. This study showed a 100% shoulder surfing security.
Subsequently, software prototypes were developed on a MacBookPro. The system was trained by machine learning and a user study with 62 users was conducted. The authentication data was gathered, learned and analyzed.
The software prototype could be improved to a recognition rate of 75% and all three authentication systems were graded "usable" by the users.