Article
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

Authentication of personal computing device is prone to shoulder-surfing attacks. Gesture-based techniques are often used for such authentication. However, existing techniques fall prey to identity theft. The main reason is the visual trails that are left behind by the patterns or gestures. In this paper, a typical gesture-based authentication technique developed using an industry standard motion sensor, has been tested against shoulder-surfing attacks. We exploit the concept of difference in point-of-views of the user and the attacker to analyse the robustness of a password. In this quest, we have proposed a method to calculate strength of the passwords that can guide the users to carefully select the passwords. In this study, 840 authentication sessions were video recorded from different angles and positions to analyse the robustness of the passwords. Twenty volunteers were involved to observe these videos to decipher the passwords. Experiment results reveal that when the passwords are chosen carefully, guessing through shoulder surfing can be very difficult with average true negative rate of 94.4%. The method can be used to guide the users for selecting strong passwords for authentication in personal devices.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

Conference Paper
Shoulder Surfing Attacks (SSAs) represent a significant threat to user authentication (UA) methods, especially to the process based on the user’s knowledge in which the attacker writes down, memorizes, or records the user’s credential input. This study aims to offer the scientific community, industry, readers, and users a meta-analysis to understand this problem and develop software solutions for this threat. In this study, we systematically reviewed the literature using the methodological guide of Barbara Kitchenham. The results show that the UA method protected against SSA is based on Physiological Biometrics. Furthermore, this study determined that the primary detection and mitigation tools are the fisheye lens in the front camera for mobile devices, the Vicon system, which captures the position of each person and the orientations of the head and torso concerning the screen that visualizes, using the Kinect 2, computer and laptop cameras to capture images. Likewise, this research evidenced that some works used Deep Learning combined with Face Recognition, relying on the characteristics of electronic devices, such as dimming, device brightness, display of alerts, and activation of the lock screen, among others, to detect and mitigate these attacks. The study also showed some software and hardware artifacts used and studied to solve this problem. Finally, the meta-analysis determined future challenges and research directions for researchers looking for solutions to detect and mitigate SSA attacks.
Article
Rapid advancement in sensor technology through miniaturization of electronic components has enabled the consumer electronic (CE) research community including the manufacturers to embed various utility sensors into handheld devices. In addition to traditional sensors such as Inertial Measurement Unit (IMU), camera, fingerprint or proximity, futuristic sensors such as Electroencephalogram (EEG) or Electromyography (EMG) are also being included in the next-generation CE devices. Air or touch signature-based authentication systems are common in modern CE devices. However, cerebral activities clubbed with gestures will certainly enhance the security of such authentication systems. This can help consumers from being the victims of shoulder surfing attacks. In this paper, a new method is proposed to verify air signatures by analyzing finger movements and cerebral activities together with the help of sensors in next-generation CE devices. Signatures are first spotted by analyzing 3D geometrical features of the finger movement during the signing. Concurrent EEG responses are then analyzed for the verification. Hidden Markov Model (HMM) and Random Forest (RF) classifiers have been used to train the system. Experiments reveal that EEG signals are highly correlated with the finger movements during air signatures even in the presence of motion artifacts. Therefore, false-positive rates have significantly reduced as compared to the existing tracking-based methods. Verification accuracy as high as 95.5% (HMM) and 98.5% (RF) have been recorded when tested on our dataset.
Conference Paper
Full-text available
he individual distinguishing proof number or(PIN) and Passwords are the remarkable well known verificationstrategy used in different gadgets, for example, Atms, cell phones,and electronic gateway locks. Unfortunately, the traditional PIN-entrance technique is helpless vulnerable against shoulder-surfing attacks. However, the security examinations used tosupport these proposed system are not focused around onlyquantitative investigation, but instead on the results ofexperiments and testing performed on proposed system. Wepropose a new theoretical and experimental technique forquantitative security investigation of PIN-entry method. In thispaper we first introduce new security idea know as Grid BasedAuthentication System and rules for secure PIN-entry method byexamining the current routines under the new structure. Thus byconsider the existing systems guidelines; we try to develop a newPIN-entry method that definitely avoids human shoulder-surfingattacks by significantly increasing the amount of calculationscomplexity that required for an attacker to penetrate through thesecure system (PDF) Advanced pin entry method by resisting shoulder surfing attacks. Available from: https://www.researchgate.net/publication/305297706_Advanced_pin_entry_method_by_resisting_shoulder_surfing_attacks [accessed Aug 16 2024].
Article
Full-text available
Authentication based on passwords is used largely in applications for computer security and privacy. However, human actions such as choosing bad passwords and inputting passwords in an insecure way are regarded as ”the weakest link” in the authentication chain. Rather than arbitrary alphanumeric strings, users tend to choose passwords either short or meaningful for easy memorization. With web applications and mobile apps piling up, people can access these applications anytime and anywhere with various devices. This evolution brings great convenience but also increases the probability of exposing passwords to shoulder surfing attacks. Attackers can observe directly or use external recording devices to collect users’ credentials. To overcome this problem, we proposed a novel authentication system PassMatrix, based on graphical passwords to resist shoulder surfing attacks. With a one-time valid login indicator and circulative horizontal and vertical bars covering the entire scope of pass-images, PassMatrix offers no hint for attackers to figure out or narrow down the password even they conduct multiple camera-based attacks. We also implemented a PassMatrix prototype on Android and carried out real user experiments to evaluate its memorability and usability. From the experimental result, the proposed system achieves better resistance to shoulder surfing attacks while maintaining usability.
Article
Full-text available
Physical rehabilitation supported by computer assisted interface is gaining popularity among health-care fraternity. In this paper, we have proposed a computer vision assisted contact-less methodology to facilitate palm and finger rehabilitation. Leap motion controller has been interfaced with a computing device to record parameters describing 3D movements of the palm of a user undergoing rehabilitation. We have proposed an interface using Unity3D development platform. Our interface is capable of analyzing intermediate steps of rehabilitation without the help of expert and it can provide online feedback to the user. Isolated gestures are classified using Linear Discriminant Analysis (DA) and Support Vector Machines (SVM). Finally, a set of discrete Hidden Markov Models (HMM) have been used to classify gesture sequence performed during rehabilitation. Experimental validation using a large number of samples collected from healthy volunteers reveals that, discriminant analysis and support vector machine perform similarly while applied on isolated gesture recognition. We have compared the results of HMM-based sequence classification with CRF-based techniques. Our results confirm that, both HMM and CRF perform quite similarly when tested on gesture sequences. The proposed system can be used for home-based palm or finger rehabilitation in the absence of experts.
Article
Full-text available
In this paper, a multimodal hand gesture detection and recognition system using differential Pyro-electric Infrared (PIR) sensors and a regular camera is described. Any movement within the viewing range of the differential PIR sensors are first detected by the sensors and then checked if it is due to a hand gesture or not by video analysis. If the movement is due to a hand, one-dimensional continuous-time signals extracted from the PIR sensors are used to classify/recognize the hand movements in real-time. Classification of different hand gestures by using the differential PIR sensors is carried out by a new winner-take-all (WTA) hash based recognition method. Jaccard distance is used to compare the WTA hash codes extracted from 1-D differential infrared sensor signals. It is experimentally shown that the multimodal system achieves higher recognition rates than the system based on only the on/off decisions of the analog circuitry of the PIR sensors 1 . Index Terms — Hand gesture recognition, infrared sensors, sensor fusion, wavelet transform, winner-take-all (WTA) hash method.
Conference Paper
Full-text available
In this work we present a novel framework for the real-time interaction with 3D models in augmented virtual reality. Our framework incorporates view-dependent stereoscopic rendering of the reconstructed environment together with user's hands and a virtual object, and high-precision gesture recognition to manipulate it. Proposed setup consists of a Creative RGB-D camera, Oculus Rift VR head mounted display (HMD), Leap Motion hands and fingers tracker and an AR marker. The system is capable of augmenting the user's hands in relation to their point of view (POV) using the depth sensor mounted on the HMD, and allows manipulation of the environment through the Leap Motion sensor. The AR marker is used to determine the location of the Leap Motion sensor to help with consolidation of transformations between the Oculus and the Leap Motion sensor. Combined with accurate information from the Oculus HMD, the system is able to track the user's head and fingers, with 6-DOF, to provide a spatially accurate augmentation of the user's virtual hands. Such an approach allows us to achieve high level of user immersion since the augmented objects occlude the user's hands properly; something which is not possible with conventional AR. We hypothesize that users of our system will be able to perform better object manipulation tasks in this particular augmented VR setup as compared to virtual reality (VR) where user's hands are not visible, or if visible, always occlude virtual objects.
Article
Full-text available
Touchless-based fingerprint recognition technology is thought to be an alternative to touch-based systems to solve problems of hygienic, latent fingerprints, and maintenance. However, there are few studies about touchless fingerprint recognition systems due to the lack of a large database and the intrinsic drawback of low ridge-valley contrast of touchless fingerprint images. This paper proposes an end-to-end solution for user authentication systems based on touchless fingerprint images in which a multiview strategy is adopted to collect images and the robust fingerprint feature of touchless image is extracted for matching with high recognition accuracy. More specifically, a touchless multiview fingerprint capture device is designed to generate three views of raw images followed by preprocessing steps including region of interest (ROI) extraction and image correction. The distal interphalangeal crease (DIP)-based feature is then extracted and matched to recognize the human's identity in which part selection is introduced to improve matching efficiency. Experiments are conducted on two sessions of touchless multiview fingerprint image database with 541 fingers acquired about two weeks apart. An EER of ~ 1.7% can be achieved by using the proposed DIP-based feature, which is much better than touchless fingerprint recognition by using scale invariant feature transformation (SIFT) and minutiae features. The given fusion results show that it is effective to combine the DIP-based feature, minutiae, and SIFT feature for touchless fingerprint recognition systems. The EER is as low as ~ 0.5%.
Article
Full-text available
More than ever before the Internet is changing computing as we know it. Global access to information and resources is becoming an integral part of nearly every aspect of our lives. Unfortunately, with this global network access comes increased chances of malicious attack and intrusion. In an effort to confront the new threats unveiled by the networking revolution of the past few years reliable, rapid, and unintrusive means for automatically recognizing the identity of individuals are now being sought. In this paper we examine an emerging non-static biometric technique that aims to identify users based on analyzing habitual rhythm patterns in the way they type.
Conference Paper
Full-text available
This paper presents a set of interaction techniques for use in head- tracked immersive virtual environments. With these techniques, the user interacts with the 2D projections that 3D objects in the scene make on his image plane. The desktop analog is the use of a mouse to interact with objects in a 3D scene based on their projections on the monitor screen. Participants in an immersive environment can use the techniques we discuss for object selection, object manipulation, and user navigation in virtual environments. CR Categories and Subject Descriptors: 1.3.6 (Computer Graphics): Methodology and Techniques - InteractionTechniques; 1.3.7 (Computer Graphics): Three-Dimensional Graphics and Realism - VirtualReality. Additional Keywords: virtual worlds, virtual environments, navigation, selection, manipulation.
Conference Paper
We propose a personal authentication method against shoulder-surfing attacks for smartphone using secondary channel which is information transmitted to users only. Security level and usability of the proposed method is evaluated.
Article
Nowadays, mobile devices are often equipped with high-end processing units and large storage space. Mobile users usually store personal, official, and large amount of multimedia data. Security of such devices are mainly dependent on PIN (personal identification number), password, bio-metric data, or gestures/patterns. However, these mechanisms have a lot of security vulnerabilities and prone to various types of attacks such as shoulder surfing. The uniqueness of Electroencephalography (EEG) signal can be exploited to remove some of the drawbacks of the existing systems. Such signals can be recorded and transmitted through wireless medium for processing. In this paper, we propose a new framework to secure mobile devices using EEG signals along with existing pattern-based authentication. The pattern based authentication passwords are considered as identification tokens. We have investigated the use of EEG signals recorded during pattern drawing over the screen of the mobile device in the authentication phase. To accomplish this, we have collected EEG signals of 50 users while drawing different patterns. The robustness of the system has been evaluated against 2400 unauthorized attempts made by 30 unauthorized users who have tried to gain access of the device using known patterns of 20 genuine users. EEG signals are modeled using Hidden Markov Model (HMM), and using a binary classifier implemented with Support Vector Machine (SVM) to verify the authenticity of a test pattern. Verification performances are measured using three popular security matrices, namely Detection Error Trade-off (DET), Half Total Error Rate (HTER), and Receiver Operating Characteristic (ROC) curves. Our experiments revel that, the method is promising and can be a possible alternative to develop robust authentication protocols for hand-held devices.
Conference Paper
The most important kind of authentication used is PIN authentication which is simple, effective and usable, but it is prone to an attack known as shoulder surfing. Shoulder surfing refers to a direct observation, such as looking over a person's shoulder, to obtain information. The previous work was done with the visibility of the PIN, but here we propose an innovative way to authenticate user by providing PIN to the system which won't be visible to an attacker but will be known to the actual user who is drawing it on a touch screen device. This will help in reducing the effect of the shoulder surfing attack. Another important thing which we want to try out is whether the error rate can be lowered down or not. The current implementation will be working in two distinguishable modes i.e. Learning Mode and Recognition Mode. In learning mode, user will be able to make the system to learn the templates of any character or number by writing on a touch screen. In recognition mode, the system will automatically identify the character or number drawn on the touch screen and will display the result whether inputted character or number is matched or not.
Chapter
People often prefer to preserve a lot of confidential information in different electronic devices such as laptops, desktops, tablets, etc. Access to these personalized devices are managed through well known and robust user authentication techniques. Therefore, designing authentication methodologies using various input modalities received much attention of the researchers of this domain. Since we access such personalized devices everywhere including crowded places such as offices, public places, meeting halls, etc., the risk of an imposter gaining one’s identification information becomes highly feasible. One of the oldest but effective form of identity theft by observation is known as shoulder surfing. Patterns drawn by the authentic user on tablet surfaces or keys typed through keyboard can easily be recognized through shoulder surfing. Contact-less user interface devices such as Leap Motion controller can be used to mitigate some of the limitations of existing contact-based input methodologies. In this paper, we propose a robust user authentication technique that has been designed to counter the chances of getting one’s identity stolen by shoulder surfing. Our results reveal that, the proposed methodology can be quite effective to design robust user authentication systems, especially for personalized electronic devices.
Conference Paper
In this work we present a novel framework for the real-time interaction with 3D models in augmented virtual reality. Our framework incorporates view-dependent stereoscopic rendering of the reconstructed environment together with user's hands and a virtual object, and high-precision gesture recognition to manipulate it. Proposed setup consists of a Creative RGB-D camera, Oculus Rift VR head mounted display (HMD), Leap Motion hands and fingers tracker and an AR marker. The system is capable of augmenting the user's hands in relation to their point of view (POV) using the depth sensor mounted on the HMD, and allows manipulation of the environment through the Leap Motion sensor. The AR marker is used to determine the location of the Leap Motion sensor to help with consolidation of transformations between the Oculus and the Leap Motion sensor. Combined with accurate information from the Oculus HMD, the system is able to track the user's head and fingers, with 6-DOF, to provide a spatially accurate augmentation of the user's virtual hands. Such an approach allows us to achieve high level of user immersion since the augmented objects occlude the user's hands properly; something which is not possible with conventional AR. We hypothesize that users of our system will be able to perform better object manipulation tasks in this particular augmented VR setup as compared to virtual reality (VR) where user's hands are not visible, or if visible, always occlude virtual objects.
Patent
The invention provides a method and apparatus for authenticating a user in a touchscreen environment. A first tier may be defined having at least one object, and a destination tier may be defined having at least one bin. An authentication-key may be registered, the authentication-key comprising a length defining a number of nodes and a correct sequence of nodes, each node specifying a movement of one object from the first tier to one bin of the destination tier. A user sequence of at least one touchscreen gestures is received, each gesture specifying that one object from the first tier should be moved to one bin of the destination tier. Access is permitted if the at least one touchscreen gestures corresponds to the length, the correct sequence, and the movement of the authentication-key.
Conference Paper
We performed a systematic evaluation of the shoulder surfing susceptibility of the Android pattern (un)lock. The results of an online study (n=298) enabled us to quantify the influence of pattern length, line visibility, number of knight moves, number of overlaps and number of intersections on observation resistance. The results show that all parameters have a highly significant influence, with line visibility and pattern length being most important. We discuss implications for real-world patterns and present a linear regression model that can predict the observability of a given pattern. The model can be used to provide proactive security measurements for (un)lock patterns, in analogy to password meters.
Article
Wearable wireless devices and ubiquitous computing are expected to grow significantly in the coming years. Standard inputs such as a mouse and keyboard are not well suited for such mobile systems and gestures are seen as an effective alternative to these classic input styles. This paper examines gesture recognition algorithms that use an inertial sensor worn on the forearm. The recognition algorithms use the sensor's quaternion orientation in either a Hidden Markov Model or Markov Chain based approach. A set of six gestures were selected to fit within the context of an active video game. Despite the fact that the Hidden Markov Model is one of the most commonly used methods for gesture recognition, the experiments showed that the Markov Chain based algorithms outperformed the Hidden Markov Model. The Markov Chain algorithm obtained an average accuracy of 95%, while also having a much faster computation time, making it better suited for real time applications.
Article
We propose an authentication method against shoulder-surfing attacks using two kinds of channel, which are a primary channel on which there is a possibility of shoulder-surfing attacks and a secondary channel on which there is information only recognized by the user. Security and usability of the proposed method is evaluated.
Article
As a near ideal biometric, iris authentication is widely used and mobile acquisition techniques are known. But iris acquisition on handheld imaging devices, such as smartphones, poses multiple, unique challenges. In this paper, a range of factors that affect the quality of iris images are reviewed. Iris size, image quality and acquisition wavelength are found to be key factors. Experimental results are presented confirming the lower limits of iris size for useful authentication performance. The authentication workflow for handheld devices is described. A case study on a current smartphone model is presented, including calculation of the pixel resolution that can be achieved with a visible-only optical system. Based on these analyses, system requirements for unconstrained acquisition in smartphones are discussed. Several design strategies are presented and key research challenges are outlined together with potential solutions.
Article
Mobile device security has become increasingly important as we become more dependent on mobile devices. One fundamental security problem is user authentication, and if not executed correctly, leaves the mobile user vulnerable to harm like impersonation and unauthorized access. Although many user authentication mechanisms have been presented in the past, studies have shown mobile users preferring usability over security. Furthermore, mobile users often unlock their devices in public spaces, inevitably resulting in a high possibility of user credentials disclosure. Motivated by the above, we introduce a novel user-habit-oriented authentication model, where mobile users can integrate their own habits (or hobbies) with user authentication on mobile devices. The user-habit-oriented authentication turns a tedious security action into an enjoyable experience. In addition, we propose a rhythm-based authentication scheme, providing the first proof of concept toward secure user-habit-oriented authentication for mobile devices. The proposed scheme also takes the first step toward using the theory of mind into security field. Experimental results show that the proposed scheme has high accuracy in terms of false rejection rate. In addition, the proposed scheme is able to protect from attacks caused by credential disclosure, which could be fatal if it was done through the traditional schemes.
Conference Paper
The use of non-invasive methods for detecting motion of the human body in three dimensions has become very popular in recent years due to commercial availability of economically priced 3D sensors. In this paper, we present a web-based interactive serious game interface that uses noninvasive methods to recognize the movements of the body. Our framework provides a mechanism that can engage disabled children in playing serious games while tracking, in the background, their movements in the 3D axes. Motion data of the subjects is collected through multiple sensors in a noninvasive manner. This information can be displayed on screen in a live manner or recorded for offline replaying and data analysis. The system incorporates an intelligent authoring tool that allows the therapist to design a therapy and assign it to a patient. The subject as well as other members of the Community of Interest such as therapists, parents and caregivers can view the results at any time and thus could follow up with patient's progress.
Article
Devising a user authentication scheme based on personal identification numbers (PINs) that is both secure and practically usable is a challenging problem. The greatest difficulty lies with the susceptibility of the PIN entry process to direct observational attacks, such as human shoulder-surfing and camera-based recording. This paper starts with an examination of a previous attempt at solving the PIN entry problem, which was based on an elegant adaptive black-and-white coloring of the 10-digit keypad in the standard layout. Even though the method required uncomfortably many user inputs, it had the merit of being easy to understand and use. Our analysis that takes both the experimental and theoretical approaches reveals multiple serious shortcomings of the previous method, including round redundancy, unbalanced key presses, highly frequent system errors, and insufficient resilience to recording attacks. The lessons learned through our analysis are then used to improve the black-and-white PIN entry scheme. The new scheme has the remarkable property of resisting camera-based recording attacks over an unlimited number of authentication sessions without leaking any of the PIN digits.
Article
When a user interacts with a computing system to enter a secret password, shoulder surfing attacks are of great concern. To cope with this problem, previous methods presumed limited cognitive capabilities of a human adversary as a deterrent, but there was a pitfall with the assumption. In this paper, we show that human adversaries, even without a recording device, can be more effective at eavesdropping than expected, in particular by employing cognitive strategies and by training themselves. Our novel approach called covert attentional shoulder surfing indeed can break the well known PIN entry method previously evaluated to be secure against shoulder surfing. Another contribution in this paper is the formal modeling approach by adapting the predictive human performance modeling tool for security analysis and improvement. We also devise a defense technique in the modeling paradigm to deteriorate severely the perceptual performance of the adversaries while preserving that of the user. To the best of our knowledge, this is the first work to model and defend the new form of attack through human performance modeling. Real attack experiments and user studies are also conducted.
Article
The personal identification number (PIN) is a well-known authentication method used in various devices, such as ATMs, mobile devices, and electronic door locks. Unfortunately, the conventional PIN-entry method is vulnerable to shoulder-surfing attacks. Consequently, various shoulder-surfing resistant methods have been proposed. However, the security analyses used to justify these proposed methods are not based on rigorous quantitative analysis, but instead on the results of experiments involving a limited number of human attackers. In this paper, we propose new theoretical and experimental techniques for quantitative security analysis of PIN-entry methods. We first present new security notions and guidelines for secure PIN-entry methods by analyzing the existing methods under the new framework. On the basis of these guidelines, we develop a new PIN-entry method that effectively obviates human shoulder-surfing attacks by significantly increasing the amount of short-term memory required in an attack.
Article
Password patterns, as used on current Android phones, and other shape-based authentication schemes are highly usable and memorable. In terms of security, they are rather weak since the shapes are easy to steal and reproduce. In this work, we introduce an implicit authentication approach that enhances password patterns with an additional security layer, transparent to the user. In short, users are not only authenticated by the shape they input but also by the way they perform the input. We conducted two consecutive studies, a lab and a long-term study, using Android applications to collect and log data from user input on a touch screen of standard commercial smartphones. Analyses using dynamic time warping (DTW) provided first proof that it is actually possible to distinguish different users and use this information to increase security of the input while keeping the convenience for the user high.
Article
User authentication based on username and password is the most common means to enforce access control. This form of access restriction is prone to hacking since stolen usernames and passwords can be exploited to impersonate legitimate users in order to commit malicious activity. Biometric authentication incorporates additional user characteristics such as the manner by which the keyboard is used in order to identify users. We introduce a novel approach for user authentication based on the keystroke dynamics of the password entry. A classifier is tailored to each user and the novelty lies in the manner by which the training set is constructed. Specifically, only the keystroke dynamics of a small subset of users, which we refer to as representatives, is used along with the password entry keystroke dynamics of the examined user. The contribution of this approach is twofold: it reduces the possibility of overfitting, while allowing scalability to a high volume of users. We propose two strategies to construct the subset for each user. The first selects the users whose keystroke profiles govern the profiles of all the users, while the second strategy chooses the users whose profiles are the most similar to the profile of the user for whom the classifier is constructed. Results are promising reaching in some cases 90 #x0025; area under the curve. In many cases, a higher number of representatives deteriorate the accuracy which may imply overfitting. An extensive evaluation was performed using a dataset containing over 780 users.
Article
Adequate user authentication is a persistent problem, particularly with handheld devices, which tend to be highly personal and at the fringes of an organization's influence. Yet, these devices are being used increasingly in corporate settings where they pose a security risk, not only by the sensitive information they may contain, but also the means to access such information they may provide. User authentication is the first line of defense against unauthorized access to the contents of a lost or stolen device. Motivating users to employ common password mechanisms and periodically change their authentication information to meet corporate policy is always a challenge, and particularly so for handheld devices. This paper reviews mechanisms, which are compatible with the capabilities of handheld devices and designed to facilitate user authentication, as alternatives to using passwords.
Touch pointer: Rethink point-and-click for accurate indirect touch interactions on small touchscreens
  • T Kwon
  • S Na
  • S Shin
T. Kwon, S. Na, and S. Shin, "Touch pointer: Rethink point-and-click for accurate indirect touch interactions on small touchscreens," IEEE Trans. Consum. Electron., vol. 60, no. 3, pp. 285-293, Aug. 2014.