Cited By
View all- Vhaduri SDibbo SMuratyan ACheung W(2024)mWIoTAuth: Multi-wearable data-driven implicit IoT authenticationFuture Generation Computer Systems10.1016/j.future.2024.05.025159(230-242)Online publication date: Oct-2024
Touch-behavioral Authentication on Smartphones using Machine Learning
March 2022
Pages 105 - 108
Abstract
The traditional authentication approaches for smartphones, such as PIN code or pattern-based password, are vulnerable of password hacking in public by shoulder-suffering or smudge attack. On the other side, advanced authentication approaches, such as fingerprints or retina-based recognition, required specific hardware or high computational power. In this work, we propose using the advancements in machine learning (ML) for providing the authentication mechanism without the requirement of any additional hardware. We propose the usage of users’ touch interaction behavior on smartphone screen to provide the required authentication mechanism. We propose the solution in two modes, i.e., using the supervised ML technique where the system is trained and then authorized the legitimate user using a set of simple shapes, and using the unsupervised ML technique where the system is trained on a user’s free touch interaction with the underlying device. Moreover, we conducted a preliminary user study with our supervised learning based system.
References
[1]
Ghazanfer Abbas, Shah Rukh Humayoun, Ragaad AlTarawneh, and Achim Ebert. 2018. Simple Shape-Based Touch Behavioral Biometrics Authentication for Smart Mobiles. In Proceedings of the 2018 International Conference on Advanced Visual Interfaces(Castiglione della Pescaia, Grosseto, Italy) (AVI ’18). Association for Computing Machinery, New York, NY, USA, Article 50, 3 pages. https://doi.org/10.1145/3206505.3206571
[2]
Ulrich Burgbacher, Manuel Prätorius, and Klaus Hinrichs. 2014. A behavioral biometric challenge and response approach to user authentication on smartphones. In 2014 IEEE International Conference on Systems, Man, and Cybernetics (SMC). 3328–3335. https://doi.org/10.1109/SMC.2014.6974441
[3]
Euisun Choi and Chulhee Lee. 2003. Feature extraction based on the Bhattacharyya distance. Pattern Recognition 36, 8 (2003), 1703–1709. https://doi.org/10.1016/S0031-3203(03)00035-9
[4]
Alexander De Luca, Alina Hang, Frederik Brudy, Christian Lindner, and Heinrich Hussmann. 2012. Touch Me Once and i Know It’s You! Implicit Authentication Based on Touch Screen Patterns. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (Austin, Texas, USA) (CHI ’12). Association for Computing Machinery, New York, NY, USA, 987–996. https://doi.org/10.1145/2207676.2208544
[5]
Kalyani Devidas Deshmane and S.A. Ghodake. 2015. Android Software Based Multi-touch Gestures Recognition for Secure Biometric Modality. In 2015 International Conference on Information Technology (ICIT). 107–112. https://doi.org/10.1109/ICIT.2015.44
[6]
Rachel Eardley, Anne Roudaut, Steve Gill, and Stephen J. Thompson. 2018. Investigating How Smartphone Movement is Affected by Body Posture. Association for Computing Machinery, New York, NY, USA, 1–8. https://doi.org/10.1145/3173574.3173776
[7]
Tao Feng, Ziyi Liu, Kyeong-An Kwon, Weidong Shi, Bogdan Carbunar, Yifei Jiang, and Nhung Nguyen. 2012. Continuous mobile authentication using touchscreen gestures. In 2012 IEEE Conference on Technologies for Homeland Security (HST). 451–456. https://doi.org/10.1109/THS.2012.6459891
[8]
Tao Feng, Jun Yang, Zhixian Yan, Emmanuel Munguia Tapia, and Weidong Shi. 2014. TIPS: Context-Aware Implicit User Identification Using Touch Screen in Uncontrolled Environments. In Proceedings of the 15th Workshop on Mobile Computing Systems and Applications (Santa Barbara, California) (HotMobile ’14). Association for Computing Machinery, New York, NY, USA, Article 9, 6 pages. https://doi.org/10.1145/2565585.2565592
[9]
Mario Frank, Ralf Biedert, Eugene Ma, Ivan Martinovic, and Dawn Song. 2013. Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication. IEEE Transactions on Information Forensics and Security 8, 1(2013), 136–148. https://doi.org/10.1109/TIFS.2012.2225048
[10]
Jan Gugenheimer, Alexander De Luca, Hayato Hess, Stefan Karg, Dennis Wolf, and Enrico Rukzio. 2015. ColorSnakes: Using Colored Decoys to Secure Authentication in Sensitive Contexts. In Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services (Copenhagen, Denmark) (MobileHCI ’15). Association for Computing Machinery, New York, NY, USA, 274–283. https://doi.org/10.1145/2785830.2785834
[11]
Georgios Kambourakis, Dimitrios Damopoulos, Dimitrios Papamartzivanos, and Emmanouil Pavlidakis. 2016. Introducing Touchstroke: Keystroke-Based Authentication System for Smartphones. Sec. and Commun. Netw. 9, 6 (apr 2016), 542–554. https://doi.org/10.1002/sec.1061
[12]
Lingjun Li, Xinxin Zhao, and Guoliang Xue. 2013. Unobservable Re-authentication for Smartphones. In NDSS. The Internet Society. http://dblp.uni-trier.de/db/conf/ndss/ndss2013.html#LiZX13
[13]
Yuxin Meng, Duncan S. Wong, Roman Schlegel, and Lam-for Kwok. 2013. Touch Gestures Based Biometric Authentication Scheme for Touchscreen Mobile Phones. In Information Security and Cryptology, Mirosław Kutyłowski and Moti Yung (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 331–350.
[14]
G. P. Nason and B. W. Silverman. 1995. The Stationary Wavelet Transform and some Statistical Applications. Springer New York, New York, NY, 281–299. https://doi.org/10.1007/978-1-4612-2544-7_17
[15]
Ilesanmi Olade, Hai-ning Liang, and Charles Fleming. 2018. A Review of Multimodal Facial Biometric Authentication Methods in Mobile Devices and Their Application in Head Mounted Displays. In 2018 IEEE SmartWorld, Ubiquitous Intelligence Computing, Advanced Trusted Computing, Scalable Computing Communications, Cloud Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI). 1997–2004. https://doi.org/10.1109/SmartWorld.2018.00334
[16]
S.K. Pal and S. Mitra. 1992. Multilayer perceptron, fuzzy sets, and classification. IEEE Transactions on Neural Networks 3, 5 (1992), 683–697. https://doi.org/10.1109/72.159058
[17]
Martin L Puterman. 2014. Markov decision processes: discrete stochastic dynamic programming. John Wiley & Sons.
[18]
L.R. Rabiner. 1989. A tutorial on hidden Markov models and selected applications in speech recognition. Proc. IEEE 77, 2 (1989), 257–286. https://doi.org/10.1109/5.18626
[19]
Premkumar Saravanan, Samuel Clarke, Duen Horng (Polo) Chau, and Hongyuan Zha. 2014. LatentGesture: Active User Authentication through Background Touch Analysis. In Proceedings of the Second International Symposium of Chinese CHI (Toronto, Ontario, Canada) (Chinese CHI ’14). Association for Computing Machinery, New York, NY, USA, 110–113. https://doi.org/10.1145/2592235.2592252
[20]
Michael Sherman, Gradeigh Clark, Yulong Yang, Shridatt Sugrim, Arttu Modig, Janne Lindqvist, Antti Oulasvirta, and Teemu Roos. 2014. User-Generated Free-Form Gestures for Authentication: Security and Memorability. In Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services (Bretton Woods, New Hampshire, USA) (MobiSys ’14). Association for Computing Machinery, New York, NY, USA, 176–189. https://doi.org/10.1145/2594368.2594375
[21]
Ingo Steinwart and Andreas Christmann. 2008. Support Vector Machines(1st ed.). Springer Publishing Company, Incorporated.
[22]
Huiping Sun, Ke Wang, Xu Li, Nan Qin, and Zhong Chen. 2015. PassApp: My App is My Password!. In Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services (Copenhagen, Denmark) (MobileHCI ’15). Association for Computing Machinery, New York, NY, USA, 306–315. https://doi.org/10.1145/2785830.2785880
[23]
Hui Xu, Yangfan Zhou, and Michael R. Lyu. 2014. Towards Continuous and Passive Authentication via Touch Biometrics: An Experimental Study on Smartphones. In Proceedings of the Tenth USENIX Conference on Usable Privacy and Security (Menlo Park, CA) (SOUPS ’14). USENIX Association, USA, 187–198.
[24]
Saira Zahid, Muhammad Shahzad, Syed Ali Khayam, and Muddassar Farooq. 2009. Keystroke-Based User Identification on Smart Phones. In Recent Advances in Intrusion Detection, Engin Kirda, Somesh Jha, and Davide Balzarotti (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 224–243.
[25]
Xi Zhao, Tao Feng, and Weidong Shi. 2013. Continuous mobile authentication using a novel Graphic Touch Gesture Feature. In 2013 IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems (BTAS). 1–6. https://doi.org/10.1109/BTAS.2013.6712747
[26]
Nan Zheng, Kun Bai, Hai Huang, and Haining Wang. 2014. You Are How You Touch: User Verification on Smartphones via Tapping Behaviors. In Proceedings of the 2014 IEEE 22nd International Conference on Network Protocols(ICNP ’14). IEEE Computer Society, USA, 221–232. https://doi.org/10.1109/ICNP.2014.43
Index Terms
- Touch-behavioral Authentication on Smartphones using Machine Learning
Index terms have been assigned to the content through auto-classification.
Recommendations
Enhancing touch behavioral authentication via cost-based intelligent mechanism on smartphones
Due to the popularity of smartphones, there is a great need to deploy appropriate authentication mechanisms to safeguard users' sensitive data. Touch dynamics-based authentication has been developed to verify smartphone users and detect imposters. These ...
Simple shape-based touch behavioral biometrics authentication for smart mobiles
AVI '18: Proceedings of the 2018 International Conference on Advanced Visual InterfacesOne of the main concerns during usage of the current smart mobile devices in public is the vulnerability of password hacking by shoulder-suffering or smudge attack. The traditional user authentication techniques such as PIN code or patterns-based ...
Touch and copy, touch and paste
CHI EA '11: CHI '11 Extended Abstracts on Human Factors in Computing SystemsSPARSH explores a novel interaction method to seamlessly transfer data between digital devices in a fun and intuitive way. The user touches whatever data item he or she wants to copy from a device. At that moment, the data item is conceptually saved in ...
Comments
Information & Contributors
Information
Published In
March 2022
142 pages
ISBN:9781450391450
DOI:10.1145/3490100
Copyright © 2022 Owner/Author.
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 22 March 2022
Check for updates
Author Tags
Qualifiers
- Work in progress
- Research
- Refereed limited
Conference
IUI '22: 27th International Conference on Intelligent User Interfaces
March 22 - 25, 2022
Helsinki, Finland
Acceptance Rates
Overall Acceptance Rate 746 of 2,811 submissions, 27%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 95Total Downloads
- Downloads (Last 12 months)12
- Downloads (Last 6 weeks)1
Other Metrics
Citations
Cited By
View all- Vhaduri SDibbo SMuratyan ACheung W(2024)mWIoTAuth: Multi-wearable data-driven implicit IoT authenticationFuture Generation Computer Systems10.1016/j.future.2024.05.025159(230-242)Online publication date: Oct-2024
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format