Professor Zhang Dongsong, Department of Business Information Systems and Operations Management, University of North Carolina, Charlotte, was invited to give an academic report
Contributed by, Photographer: Department of Management Engineering
At the invitation of the School of Management and Economics, Professor Zhang Dongsong of the Department of Business Information Systems and Operations Management at the University of North Carolina, Charlotte, made an academic report entitled "shoulder-finding resident mobile user authentication: a comparison of touch style - and keystroke-based password methods" online at 10 a.m. on October 26, 2022. The seminar was presided over by Associate Professor Jia Lin, and attended by many teachers and students of the college."Shoulder-surfing attack" refers to the act of peeking at the victim through direct observation or video without the victim's knowledge in order to obtain his or her identity or personal information. Professor Zhang first introduced the background of mobile device security and peeping behavior. On this basis, Professor Zhang summarized the strategies to prevent peeping from four aspects: visual reduction, behavior disassembly, knowledge dissemination and feature recognition, put forward the research questions of this paper, and established assumptions based on relevant research contents. In order to fully understand the degree of protection of two different cryptographic methods against peeping behavior, Professor Zhang's research considered four situational variables: the way of password mixing, human-computer interaction mode, observation angle and input error, and constructed relevant assumptions and indicators to measure effectiveness and efficiency. Finally, the research verifies the research hypothesis by designing 24 groups of longitudinal laboratory experiments and online experiments. Professor Zhang introduced the experimental results. The results show that the password method based on touch gesture is better than the password method based on keys in preventing users from peeping. The research results provide empirical evidence for the impact of interaction mode, observation angle and observation strength on the prevention of peeping behavior, and also provide suggestions on how to enhance the security of password-based authentication methods.After the report, the teachers and students at the meeting had a positive and full discussion with Professor Zhang. The report received a warm response and was unanimously praised by teachers and students.After the report, the teachers and students at the meeting had a positive and full discussion with Professor Zhang. The report received a warm response and was unanimously praised by teachers and students.Profile of Professor Zhang Dongsong:
Professor Zhang Dongsong is currently the Belk Chair Professor of Business Analysis, Department of Business Information Systems and Operations Management, University of North Carolina, Charlotte, and the Research Director of the School of Data Science. In 2002, he received a doctor's degree in management information system from the Eller School of Management, University of Arizona, USA. His research mainly includes knowledge management, online community, e-commerce, automatic identification of online fraud and other fields. At present, he has published about 100 academic papers in relevant academic journals and conferences, including MIS Quarterly, Journal of Management Information Systems (JMIS), IEEE Transactions on Knowledge and Data Engineering (TKDE), IEEE Transactions on Software Engineering, IEEE Transactions on Systems, Man, Cybernetics, Decision Support Systems and Information&Management. He has received research grants from the National Science Foundation (NSF), the National Institutes of Health (NIH), Google, the National Natural Science Foundation of China, the Chinese Academy of Sciences, the Royal Society and other institutions. He is now a senior editor, deputy editor and editorial board member of several internationally renowned journals in the field of information systems and e-commerce, including MIS Quarterly, Journal of Management Information Systems (JMIS), Communications of the ACM (CACM), Journal of Association of Information Systems, etc