University of Hertfordshire

By the same authors

Standard

A Study into the Usability and Security Implications of Text and Image Based Challenge Questions in the Context of Online Examination. / Ullah, Abrar; Xiao, Hannan; Barker, Trevor.

In: Education and Information Technologies, Vol. 24, No. 1, 15.01.2019, p. 13-39.

Research output: Contribution to journalArticle

Harvard

APA

Vancouver

Author

Bibtex

@article{adba8542d2254426bf3292ba882f7a0d,
title = "A Study into the Usability and Security Implications of Text and Image Based Challenge Questions in the Context of Online Examination",
abstract = "Online examinations are an integral component of online learning environments and research studies have identified academic dishonesty as a critical threat to the credibility of such examinations. Academic dishonesty exists in many forms. Collusion is seen as a major security threat, wherein a student invites a third party for help or to impersonate him or her in an online examination. This work aims to investigate the authentication of students using text-based and image-based challenge questions. The study reported in this paper involved 70 online participants from nine countries completing a five week online course and simulating an abuse case scenario. The results of a usability analysis suggested that i) image-based questions are more usable than text-based questions (p < 0.01) and ii) using a more flexible data entry method increased the usability of text-based questions (p < 0.01). An impersonation abuse scenario was simulated to test the influence of sharing with different database sizes. The findings revealed that iii) an increase in the number of questions shared for impersonation increased the success of an impersonation attack and the results showed a significant linear trend (p < 0.01). However, the number of correct answers decreased when the attacker had to memorize and answer the questions in an invigilated online examination or their response to questions was timed. The study also revealed that iv) an increase in the size of challenge question database decreased the success of an impersonation attack (p < 0.01).",
keywords = "Authentication, Challenge questions, Collusion, Computer security, Image based authentication, Online examinations",
author = "Abrar Ullah and Hannan Xiao and Trevor Barker",
note = "Open Access This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.",
year = "2019",
month = "1",
day = "15",
doi = "10.1007/s10639-018-9758-7",
language = "English",
volume = "24",
pages = "13--39",
journal = "Education and Information Technologies",
issn = "1360-2357",
publisher = "Springer",
number = "1",

}

RIS

TY - JOUR

T1 - A Study into the Usability and Security Implications of Text and Image Based Challenge Questions in the Context of Online Examination

AU - Ullah, Abrar

AU - Xiao, Hannan

AU - Barker, Trevor

N1 - Open Access This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

PY - 2019/1/15

Y1 - 2019/1/15

N2 - Online examinations are an integral component of online learning environments and research studies have identified academic dishonesty as a critical threat to the credibility of such examinations. Academic dishonesty exists in many forms. Collusion is seen as a major security threat, wherein a student invites a third party for help or to impersonate him or her in an online examination. This work aims to investigate the authentication of students using text-based and image-based challenge questions. The study reported in this paper involved 70 online participants from nine countries completing a five week online course and simulating an abuse case scenario. The results of a usability analysis suggested that i) image-based questions are more usable than text-based questions (p < 0.01) and ii) using a more flexible data entry method increased the usability of text-based questions (p < 0.01). An impersonation abuse scenario was simulated to test the influence of sharing with different database sizes. The findings revealed that iii) an increase in the number of questions shared for impersonation increased the success of an impersonation attack and the results showed a significant linear trend (p < 0.01). However, the number of correct answers decreased when the attacker had to memorize and answer the questions in an invigilated online examination or their response to questions was timed. The study also revealed that iv) an increase in the size of challenge question database decreased the success of an impersonation attack (p < 0.01).

AB - Online examinations are an integral component of online learning environments and research studies have identified academic dishonesty as a critical threat to the credibility of such examinations. Academic dishonesty exists in many forms. Collusion is seen as a major security threat, wherein a student invites a third party for help or to impersonate him or her in an online examination. This work aims to investigate the authentication of students using text-based and image-based challenge questions. The study reported in this paper involved 70 online participants from nine countries completing a five week online course and simulating an abuse case scenario. The results of a usability analysis suggested that i) image-based questions are more usable than text-based questions (p < 0.01) and ii) using a more flexible data entry method increased the usability of text-based questions (p < 0.01). An impersonation abuse scenario was simulated to test the influence of sharing with different database sizes. The findings revealed that iii) an increase in the number of questions shared for impersonation increased the success of an impersonation attack and the results showed a significant linear trend (p < 0.01). However, the number of correct answers decreased when the attacker had to memorize and answer the questions in an invigilated online examination or their response to questions was timed. The study also revealed that iv) an increase in the size of challenge question database decreased the success of an impersonation attack (p < 0.01).

KW - Authentication

KW - Challenge questions

KW - Collusion

KW - Computer security

KW - Image based authentication

KW - Online examinations

UR - http://www.scopus.com/inward/record.url?scp=85048815226&partnerID=8YFLogxK

U2 - 10.1007/s10639-018-9758-7

DO - 10.1007/s10639-018-9758-7

M3 - Article

VL - 24

SP - 13

EP - 39

JO - Education and Information Technologies

JF - Education and Information Technologies

SN - 1360-2357

IS - 1

ER -