Eiji Hayashi

Learn More
A number of recent scams and security attacks (phishing, spyware, fake terminals, ...) hinge on a crook's ability to <i>observe</i> user behavior. In this paper, we describe the design, implementation, and evaluation of a novel class of user authentication systems that are resilient to observation attacks. Our proposal is the first to rely on the human(More)
In this paper, we propose and evaluate Use Your Illusion, a novel mechanism for user authentication that is secure and usable regardless of the size of the device on which it is used. Our system relies on the human ability to recognize a degraded version of a previously seen image. We illustrate how distorted images can be used to maintain the usability of(More)
Most mobile phones and tablets support only two access control device states: locked and unlocked. We investigated how well all or-nothing device access control meets the need of users by interviewing 20 participants who had both a smartphone and tablet. We find all-or-nothing device access control to be a remarkably poor fit with users' preferences. On(More)
While past work has examined password usage on a specific computer, web site, or organization, there is little work examining overall password usage in daily life. Through a diary study, we examine all usage of passwords, and offer some new findings based on quantitative analyses regarding how often people log in, where they log in, and how frequently(More)
We introduce context-aware scalable authentication (CASA) as a way of balancing security and usability for authentication. Our core idea is to choose an appropriate form of active authentication (e.g., typing a PIN) based on the combination of multiple passive factors (e.g., a user's current location) for authentication. We provide a probabilistic framework(More)
We explore how well the intersection between our own everyday memories and those captured by our smartphones can be used for what we call autobiographical authentication-a challenge-response authentication system that queries users about day-to-day experiences. Through three studies-two on MTurk and one field study-we found that users are good, but make(More)
While a large body of research on image-based authentication has focused on memorability, comparatively less attention has been paid to the new security challenges these schemes may introduce. Because images can convey more information than text, image-based authentication may be more vulnerable to educated guess attacks than passwords. In this paper, we(More)
Time is a difficult concept for parents to communicate with young children. We developed TimeBlocks, a novel tangible, playful object to facilitate communication about concepts of time with young children. TimeBlocks consists of a set of cubic blocks that function as a physical progress bar. Parents and children can physically manipulate the blocks to(More)
This study reports on melatonin treatment in autism. A 14-year-old autistic male with severe mental retardation was given melatonin at a dose of 6 mg at 9:00 pm (C1) or 11:00 pm (C2). His parents kept a sleep diary. In C1, he often experienced early morning waking and fragmented night sleep but in C2, night sleep was prolonged and sleep-wake rhythm was(More)
We introduce a body-based identification system that leverages individual differences in body segment lengths and hand waving gesture patterns. The system identifies users based on a two-second hand waving gesture captured by a Microsoft Kinect. To evaluate our system, we collected 8640 gesture measurements from 75 participants through two lab studies and a(More)