Augmented Reality Security Assistant
PI: Ivan Martinovic
Department: Computer Science
Computer users are faced with many security-critical decisions every day. These span from deciding whether to download a potentially malicious attachment, avoiding phishing attempts, or pairing their electronic devices. In contrast to expert users (i.e., those with a strong understanding of computer systems, security and cryptography), non-expert users struggle to understand and follow the subtle details that differentiate between secure online behaviour and actions that result in exploitation.
Our previous research has shown how to apply augmented reality concepts to mobile systems equipped with a camera in order to continuously and unobtrusively observe and supervise a user’s interaction with other electronic devices (such as laptops). An example of such supervision is preventing a compromised laptop from changing online banking transaction data that the user inputs. We have demonstrated the core idea by evaluating the algorithms with a series of in-laboratory experimental tests, and running a pilot user study which measured participants’ responses to a range of different attacks. The results are highly promising: the experimental prototype automatically prevents simulated attacks in more than 98% of attempts, while participants in the pilot study detected the majority of the remaining attacks. Yet, the existing proof of concept prototype is not ready to be deployed and tested in scenarios with real-world constraints.
In this 6 month project, we would like to take the next step towards real-world evaluation and potential commercialisation of the described AR Security Assistant (ARSA) by making it usable in everyday settings on a range of mobile devices. This requires extending the existing research prototype into a functional application developed by a professional Android developer, designing an effective and attractive user interface, and running a usability study with a larger number of participants from the general population.