Professorship for Security, Privacy & Society

Search

en

Completed Projects

Combating Phishing with AR

Phishing attacks trick people by using social engineering techniques that exploit emotions or weaknesses, such as inattentiveness. Together with collaboration partners from the Swiss Cyber Defence Campus and the University of Oxford spinnout phishAR, we conduct research on human-centered cybersecurity solutions to create targeted interventions that support users against phishing. To that end, we employ augmented reality (AR) to educate and inform users about the dangers of phishing and to assist them in identifying and avoiding such attacks. By using AR, we aim to create engaging and immersive experiences that help users to better understand the risks associated with phishing and to develop systems that compensate for human weaknesses and enhance human strengths when encountering phishing threats.

The project is kindly financially supported by the external pageCyber Defence Campus and Armasuisse W+T.

Project Duration: 01/2023-12/2023

Usable Authentication

The password still is the most commonly used authentication scheme despite downsides such as the high memory load for users. As a coping strategy, users often create weak passwords or reuse passwords across accounts which negatively impact password security. Alternatives not only exist but are manifold including various biometric (e.g. fingerprint authentication) and token-based schemes (e.g. chip cards). But which schemes are favorable from a user perspective in terms of usability and security perceptions? Which solutions can replace the password, and under which circumstances and in which situations? Which schemes or combination of schemes are sufficiently secure for the authentication purpose, e.g. online banking? These and related questions are addressed by the Security, Privacy and Society Group.

Exemplary publications

Marky, Karola; Schmitz, Martin; Zimmermann, Verena; Herbers, Martin; Kunze, Kai; Mühlhäuser, Max (2020): 3D-Auth: Two-Factor Authentication with Personalized 3D-Printed Items. p. 12, ACM, CHI '20: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, ISBN 978-1-4503-6708-0, DOI: 10.1145/3313831.3376189

Zimmermann, Verena; Gerber, Nina (2020): The password is dead, long live the password – A laboratory study on user perceptions of authentication schemes. In: International Journal of Human-Computer Studies, 133, pp. 26-44, Elsevier, DOI: 10.1016/j.ijhcs.2019.08.006

Zimmermann, Verena; Gerber, Nina; Mayer, Peter; Kleboth, Marius; Preuschen, Alexandra von; Schmidt, Konstantin (2019): Keep on rating – on the systematic rating and comparison of authentication schemes. In: Information & Computer Security, Emerald Publishing, ISSN 2056-4961, DOI: 10.1108/ICS-01-2019-0020

JavaScript has been disabled in your browser