Regresar

Social Engineering Shoulder Surfing Attacks (SSAs): A Literature Review. Lessons, Challenges, and Future Directions

Abstract:

Shoulder Surfing Attacks (SSAs) represent a significant threat to user authentication (UA) methods, especially to the process based on the user’s knowledge in which the attacker writes down, memorizes, or records the user’s credential input. This study aims to offer the scientific community, industry, readers, and users a meta-analysis to understand this problem and develop software solutions for this threat. In this study, we systematically reviewed the literature using the methodological guide of Barbara Kitchenham. The results show that the UA method protected against SSA is based on Physiological Biometrics. Furthermore, this study determined that the primary detection and mitigation tools are the fisheye lens in the front camera for mobile devices, the Vicon system, which captures the position of each person and the orientations of the head and torso concerning the screen that visualizes, using the Kinect 2, computer and laptop cameras to capture images. Likewise, this research evidenced that some works used Deep Learning combined with Face Recognition, relying on the characteristics of electronic devices, such as dimming, device brightness, display of alerts, and activation of the lock screen, among others, to detect and mitigate these attacks. The study also showed some software and hardware artifacts used and studied to solve this problem. Finally, the meta-analysis determined future challenges and research directions for researchers looking for solutions to detect and mitigate SSA attacks.