Medusa3D : The Watchful Eye Freezing Illegitimate Users in Virtual Reality Interactions

Research output: Journal Publications and ReviewsRGC 21 - Publication in refereed journalpeer-review

View graph of relations

Author(s)

Related Research Unit(s)

Detail(s)

Original languageEnglish
Article number270
Number of pages21
Journal / PublicationProceedings of the ACM on Human-Computer Interaction
Volume8
Issue numberMHCI
Online published24 Sept 2024
Publication statusPublished - Sept 2024

Abstract

The remarkable growth of Virtual Reality (VR) in recent years has extended its applications beyond entertainment to sectors including education, e-commerce, and remote communication. Since VR devices contain user's private information, user authentication becomes increasingly important. Current authentication systems in VR, such as password-based or static biometric-based methods, are either cumbersome to use or vulnerable to attacks such as shoulder surfing. To address these limitations, we propose Medusa3D, a challenge-response authentication system for VR based on reflexive eye responses. Unlike existing methods, reflexive eye responses are involuntary and effortless, offering a secure and user-friendly credential for authentication. We implement Medusa3D on an off-the-shelf VR and conduct evaluations with 25 participants. The evaluation results show that Medusa3D achieves 0.21% FAR and 0.13% FRR, demonstrating high security under various ocular conditions and resilience against attacks such as zero-effort attack, replay attack, and mimicry attack. A user study indicates that Medusa3D is user-friendly and well-adopted among participants. © 2024 Copyright held by the owner/author(s).

Research Area(s)

  • VR, user authentication, gaze

Bibliographic Note

Full text of this publication does not contain sufficient affiliation information. Related Research Unit(s) information for this record is supplemented by the author(s) concerned