Continuous Authentication Using Human-Induced Electric Potential
Authors: 
Srinivasan Murali, Wenqiang Jin, Vighnesh Sivaraman, Huadi Zhu, Tianxi Ji, Pan Li, Ming LiAuthors Info & Claims
Srinivasan Murali, Wenqiang Jin, Vighnesh Sivaraman, Huadi Zhu, Tianxi Ji, Pan Li, Ming LiAuthors Info & ClaimsPages 409 - 423
Abstract
Most terminal devices authenticate users only once at the time of initial login, leaving the terminal unprotected during an active session when the original user leaves it unattended. To address this issue, continuous authentication has been proposed by automatically locking the terminal after a period of inactivity. However, it does not fully eliminate the risk of unauthorized access before the session expires. Recent research has also investigated the feasibility of using physiological and behavioral patterns as biometrics. This study presents a novel two-factor continuous authentication that explores a new form of signal called human-induced electric potential captured by wearables in contact with the user’s body. By analyzing this signal, we can determine the time of user-terminal interactions and compare it with information recorded by the terminal’s OS. If the original user remains on the same terminal, the two-source readings would match. Additionally, the proposed scheme includes an extra layer of protection by extracting terminal’s physical fingerprints from the human-induced electric potential to defend against advanced mimicry attacks. To test the effectiveness of our design, a low-cost wearable prototype is developed. Through extensive experiments, it is found that the proposed scheme has a low error rate of 2.3%, with minimal computational and energy requirements.
References
[1]
Abbas Acar, Hidayet Aksu, A Selcuk Uluagac, and Kemal Akkaya. 2018. WACA: Wearable-assisted continuous authentication. In IEEE Secur. Priv. Workshops. 264–269.
[2]
Apple. 2023. Unlock your mac with apple watch.https://support.apple.com/guide/watch/unlock-your-mac-with-apple-watch-apd4200675b8/watchos. (2023).
[3]
Çağatay Barut, Erhan Kiziltan, Ethem Gelir, and Fürüzan Köktürk. 2013. Advanced analysis of finger-tapping performance: a preliminary study. Balk. Med. J. 2013, 2 (2013), 167–171.
[4]
Eli Billauer. 2023. Peak detection.http://www.billauer.co.il/peakdet.html. (2023).
[5]
Cheng Bo, Lan Zhang, Xiang-Yang Li, Qiuyuan Huang, and Yu Wang. 2013. Silentsense: silent user identification via touch and movement behavioral biometrics. In Proc. Annu. Int. Conf. Mobile Comput. Netw. (MobiCom). 187–190.
[6]
Fortune business insights. 2023. Touch Screen Display Market Share & Growth | Forecast. https://www.fortunebusinessinsights.com/touch-screen-display-market-105362/. (2023).
[7]
Jagmohan Chauhan, Yining Hu, Suranga Seneviratne, Archan Misra, Aruna Seneviratne, and Youngki Lee. 2017. BreathPrint: Breathing acoustics-based user authentication. In Proc. Annu. Int. Conf. Mobile Syst. Appl. Serv. (MobiSys). 278–291.
[8]
Yushi Cheng, Xiaoyu Ji, Juchuan Zhang, Wenyuan Xu, and Yi-Chao Chen. 2019. Demicpu: Device fingerprinting with magnetic signals radiated by cpu. In Proc. ACM SIGSAC Conf. Comput. Commun. Secur. (CCS). 1149–1170.
[9]
Mark D Corner and Brian D Noble. 2002. Zero-interaction authentication. In Proc. Annu. Int. Conf. Mobile Comput. Netw. (MobiCom). 1–11.
[10]
Mark D Corner and Brian D Noble. 2003. Protecting applications with transient authentication. In Proc. Annu. Int. Conf. Mobile Syst. Appl. Serv. (MobiSys). 57–70.
[11]
Simon Eberz, Giulio Lovisotto, Kasper B Rasmussen, Vincent Lenders, and Ivan Martinovic. 2019. 28 blinks later: Tackling practical challenges of eye movement biometrics. In Proc. ACM SIGSAC Conf. Comput. Commun. Secur. (CCS). 1187–1199.
[12]
Simon Eberz, K Rasmussen, Vincent Lenders, and Ivan Martinovic. 2015. Preventing lunchtime attacks: Fighting insider threats with eye movement biometrics. In Netw. Distrib. Syst. Secur. Symp. (NDSS).
[13]
Bernhard Etzlinger, Barbara Nußbaummüller, Philipp Peterseil, and Karin Anna Hummel. 2021. Distance estimation for ble-based contact tracing–a measurement study. In Wirel. Days (WD). 1–5.
[14]
Mario Frank, Ralf Biedert, Eugene Ma, Ivan Martinovic, and Dawn Song. 2012. Touchalytics: On the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE Trans. Inf. Forensics Secur. 8, 1 (2012), 136–148.
[15]
Gatekeeper. 2023. MFA hardware token|Proximity-based wireless security key. https://gkaccess.com/products/2fa-token-halberd/. (2023).
[16]
Github. 2023. Blue Proximity. https://github.com/tiktaalik-dev/blueproximity. (2023).
[17]
Dianqi Han, Yimin Chen, Tao Li, Rui Zhang, Yaochao Zhang, and Terri Hedgpeth. 2018. Proximity-proof: Secure and usable mobile two-factor authentication. In Proc. Annu. Int. Conf. Mobile Comput. Netw. (MobiCom). 401–415.
[18]
Micromax Health. 2023. All-In-One Medical PC – Mate Series. https://micromaxhealth.com/products-2/all-in-one-medical-pc/. (2023).
[19]
Otto Huhta, Prakash Shrestha, Swapnil Udar, Mika Juuti, Nitesh Saxena, and N Asokan. 2016. Pitfalls in designing zero-effort deauthentication: Opportunistic human observation attacks. In Netw. Distrib. Syst. Secur. Symp. (NDSS).
[20]
Texas Instruments. 2023. INA 219. https://www.ti.com/product/INA219. (2023).
[21]
Kyungho Joo, Wonsuk Choi, and Dong Hoon Lee. 2020. Hold the door! Fingerprinting your car key to prevent keyless entry car theft. In Netw. Distrib. Syst. Secur. Symp. (NDSS).
[22]
Tomi Kinnunen and Haizhou Li. 2010. An overview of text-independent speaker recognition: From features to supervectors. Speech Commun. 52, 1 (2010), 12–40.
[23]
Ross Koppel, Joshua P Metlay, Abigail Cohen, Brian Abaluck, A Russell Localio, Stephen E Kimmel, and Brian L Strom. 2005. Role of computerized physician order entry systems in facilitating medication errors. Jama 293, 10 (2005), 1197–1203.
[24]
Ross Koppel, Sean Smith, Jim Blythe, and Vijay Kothari. 2015. Workarounds to computer access in healthcare organizations: you want my password or a dead patient? In Driv. Qual. Inform. Fulfill. Promis.215–220.
[25]
Lenovo. 2023. Lenovo yoga tab 13 tablet.https://www.lenovo.com/us/en/p/tablets/android-tablets/lenovo-tab-series/yoga-tab-13/wmd00000469?org. (2023).
[26]
Lingjun Li, Xinxin Zhao, and Guoliang Xue. 2013. Unobservable re-authentication for smartphones. In Netw. Distrib. Syst. Secur. Symp. (NDSS), Vol. 56.
[27]
Feng Lin, Chen Song, Yan Zhuang, Wenyao Xu, Changzhi Li, and Kui Ren. 2017. Cardiac Scan: A non-contact and continuous heart-based user authentication system. In Proc. Annu. Int. Conf. Mobile Comput. Netw. (MobiCom). 315–328.
[28]
Wael Louis, Majid Komeili, and Dimitrios Hatzinakos. 2016. Continuous authentication using one-dimensional multi-resolution local binary patterns (1DMRLBP) in ECG biometrics. IEEE Trans. Inf. Forensics Secur. 11, 12 (2016), 2818–2832.
[29]
Shrirang Mare, Andrés Molina Markham, Cory Cornelius, Ronald Peterson, and David Kotz. 2014. ZEBRA: Zero-effort bilateral recurring authentication. In IEEE Symp. Secur. Privacy.705–720.
[30]
Shrirang Mare, Reza Rawassizadeh, Ronald Peterson, and David Kotz. 2019. Continuous smartphone authentication using wristbands. In Proc. Workshop Usable Secur.
[31]
Alex T Mariakakis, Souvik Sen, Jeongkeun Lee, and Kyu-Han Kim. 2014. Sail: Single access point-based indoor localization. In Proc. Annu. Int. Conf. Mobile Syst. Appl. Serv. (MobiSys). 315–328.
[32]
Miklós Maróti, Branislav Kusy, Gyula Simon, and Akos Lédeczi. 2004. The flooding time synchronization protocol. In Proc. Int. Conf. Embed. Netw. Sens. Syst. (SenSys). 39–49.
[33]
MathWorks. 2023. Discrete time analytic signal using hilbert transform.https://www.mathworks.com/help/signal/ref/hilbert.html. (2023).
[34]
MathWorks. 2023. Envelope extraction.https://www.mathworks.com/help/signal/ug/envelope-extraction-using-the-analytic-signal.html. (2023).
[35]
HIMSS Media. 2023. The Usage of Tablets in the Healthcare Industry. https://www.healthcareitnews.com/blog/usage-tablets-healthcare-industry. (2023).
[36]
Todd K Moon. 1996. The expectation-maximization algorithm. IEEE Signal Process. Mag. 13, 6 (1996), 47–60.
[37]
Brian CJ Moore and Brian R Glasberg. 1983. Suggested formulae for calculating auditory-filter bandwidths and excitation patterns. J. Acoust. Soc. Am. 74, 3 (1983), 750–753.
[38]
Nymi. 2023. Wearable identity for the future-ready workplace. https://www.nymi.com/nymi-band. (2023).
[39]
U.S. Department of Energy. 2023. United States electricity industry primer.https://www.energy.gov/sites/prod/files/2015/12/f28/united-states-electricity-industry-primer.pdf. (2023).
[40]
Mauricio Pamplona Segundo, Sudeep Sarkar, Dmitry Goldgof, Luciano Silva, and Olga Bellon. 2013. Continuous 3D face authentication using RGB-D cameras. In Proc. IEEE Conf. Comput. Vis. Pattern Recognit. Workshops. 64–69.
[41]
Mickaël Pruvost, Wilbert J Smit, Cécile Monteux, Philippe Poulin, and Annie Colin. 2019. Polymeric foams for flexible and highly sensitive low-pressure capacitive sensors. npj Flex. Electron. 3, 1 (2019), 1–6.
[42]
Kasper Bonne Rasmussen, Marc Roeschlin, Ivan Martinovic, and Gene Tsudik. 2014. Authentication using pulse- response biometrics. In Netw. Distrib. Syst. Secur. Symp. (NDSS).
[43]
J Patrick Reilly. 2012. Applied bioelectricity: from electrical stimulation to electropathology.
[44]
Douglas A Reynolds. 2002. An overview of automatic speaker recognition technology. In Proc. IEEE Int. Conf. Acoust. Speech Signal Process. (ICASSP), Vol. 4. IV–4072.
[45]
Hataichanok Saevanee, Nathan Clarke, Steven Furnell, and Valerio Biscione. 2015. Continuous user authentication using multi-modal biometrics. Comput. Secur. 53 (2015), 234–246.
[46]
Samsung. 2023. Samsung galaxy tab S7 / S7+.https://www.samsung.com/us/tablets/tab-s7/. (2023).
[47]
Munehiko Sato, Rohan S Puri, Alex Olwal, Deepak Chandra, Ivan Poupyrev, and Ramesh Raskar. 2015. Zensei: Augmenting objects with effortless user recognition capabilities through bioimpedance sensing. In Adjunct Proc. Annu. ACM Symp. User Interface Softw. Technol. (UIST).
[48]
Ralf Schluter, Ilja Bezrukov, Hermann Wagner, and Hermann Ney. 2007. Gammatone features and feature combination for large vocabulary speech recognition. In Proc. IEEE Int. Conf. Acoust. Speech Signal Process. (ICASSP). IV–649.
[49]
Mohit Sethi, Markku Antikainen, and Tuomas Aura. 2014. Commitment-based device pairing with synchronized drawing. In Proc. IEEE Int. Conf. Pervasive Comput. Commun. (PerCom). 181–189.
[50]
Chao Shen, Yuanxun Li, Yufei Chen, Xiaohong Guan, and Roy A Maxion. 2017. Performance analysis of multi-motion sensor behavior for active smartphone authentication. IEEE Trans. Inf. Forensics Secur. 13, 1 (2017), 48–62.
[51]
Chao Shen, Yong Zhang, Xiaohong Guan, and Roy A Maxion. 2015. Performance analysis of touch-interaction behavior for active smartphone authentication. IEEE Trans. Inf. Forensics Secur. 11, 3 (2015), 498–513.
[52]
Yiran Shen, Chengwen Luo, Weitao Xu, and Wen Hu. 2015. Poster: An online approach for gait recognition on smart glasses. In Proc. ACM Conf. Embed. Netw. Sens. Syst. (SenSys). 389–390.
[53]
Sara Sinclair. 2014. Access control in and for the real world. Dartmouth College.
[54]
Zdeňka Sitová, Jaroslav Šeděnka, Qing Yang, Ge Peng, Gang Zhou, Paolo Gasti, and Kiran S Balagani. 2015. HMOG: New behavioral biometric features for continuous authentication of smartphone users. IEEE Trans. Inf. Forensics Secur. 11, 5 (2015), 877–892.
[55]
Seeed Studio. 2023. Seeed studio XIAO nRF52840. https://www.seeedstudio.com/Seeed-XIAO-BLE-nRF52840-p-5201.html. (2023).
[56]
Tom’s-guide. 2023. iPhone X Face ID Slower Than Touch ID.https://www.tomsguide.com/us/iphone-x-face-id-speed-up, news-26060.html. (2023).
[57]
Ge Wang, Haofan Cai, Chen Qian, Jinsong Han, Xin Li, Han Ding, and Jizhong Zhao. 2018. Towards replay-resilient RFID authentication. In Proc. Annu. Int. Conf. Mobile Comput. Netw. (MobiCom). 385–399.
[58]
Jiyun Wu and Zhide Chen. 2015. An implicit identity authentication system considering changes of gesture based on keystroke behaviors. Int. J. Distrib. Sens. Netw. 11, 6 (2015), 470274.
[59]
Weitao Xu, Guohao Lan, Qi Lin, Sara Khalifa, Mahbub Hassan, Neil Bergmann, and Wen Hu. 2017. KEH-Gait: Towards a mobile healthcare user authentication system by kinetic energy harvesting. In Netw. Distrib. Syst. Secur. Symp. (NDSS).
[60]
Zhenyu Yan, Qun Song, Rui Tan, Yang Li, and Adams Wai Kin Kong. 2019. Towards touch-to-access device authentication using induced body electric potentials. In Proc. Annu. Int. Conf. Mobile Comput. Netw. (MobiCom).
[61]
Fusang Zhang, Jie Xiong, Zhaoxin Chang, Junqi Ma, and Daqing Zhang. 2022. Mobi2Sense: empowering wireless sensing with mobility. In Proc. Annu. Int. Conf. Mobile Comput. Netw. (MobiCom). 268–281.
[62]
Tengxiang Zhang, Xin Yi, Ruolin Wang, Yuntao Wang, Chun Yu, Yiqin Lu, and Yuanchun Shi. 2018. Tap-to-pair: associating wireless devices with synchronous tapping. Proc. ACM Interact. Mobile Wearable Ubiquitous Technol. 2, 4 (2018), 1–21.
[63]
Yongtuo Zhang, Wen Hu, Weitao Xu, Chun Tung Chou, and Jiankun Hu. 2018. Continuous authentication using eye movement response of implicit visual stimuli. Proc. ACM Interact. Mobile Wearable Ubiquitous Technol. 1, 4 (2018), 1–22.
[64]
Tianming Zhao, Yan Wang, Jian Liu, and Yingying Chen. 2018. Your heart won’t lie: PPG-based continuous authentication on wrist-worn wearable devices. In Proc. Annu. Int. Conf. Mobile Comput. Netw. (MobiCom). 783–785.
[65]
Tianming Zhao, Yan Wang, Jian Liu, Yingying Chen, Jerry Cheng, and Jiadi Yu. 2020. TrueHeart: Continuous authentication on wrist-worn wearables using PPG-based biometrics. In IEEE Conf. Comput. Commun. (INFOCOM). 30–39.
[66]
Xiaojia Zhao, Yang Shao, and DeLiang Wang. 2012. CASA-based robust speaker identification. IEEE Trans. Audio Speech Lang. Process. 20, 5 (2012), 1608–1616.
[67]
Xiaojia Zhao and DeLiang Wang. 2013. Analyzing noise robustness of MFCC and GFCC features in speaker identification. In IEEE international conference on acoustics, speech and signal processing (ICASSP). 7204–7208.
[68]
Xiaoqiang Zhu, Tie Qiu, Wenyu Qu, Xiaobo Zhou, Mohammed Atiquzzaman, and Dapeng Oliver Wu. 2023. BLS-Location: A Wireless Fingerprint Localization Algorithm Based on Broad Learning. IEEE Trans. Mobile Comput. 22, 1 (2023), 115–128.
[69]
Thomas G Zimmerman, Joshua R Smith, Joseph A Paradiso, David Allport, and Neil Gershenfeld. 1995. Applying electric field sensing to human-computer interfaces. In Proc. SIGCHI Conf. Hum. Factors Comput. Syst. (CHI). 280–287.
Index Terms
- Continuous Authentication Using Human-Induced Electric Potential
Recommendations
Smart Kiosk with Gait-Based Continuous Authentication
Proceedings of the Third International Conference on Distributed, Ambient, and Pervasive Interactions - Volume 9189The authors propose to develop a smart kiosk that plays the role of an identity selector activated implicitly when a user is approaching that kiosk. The identity of a user is recognized implicitly in background by a mobile/wearable device based on his ...
Continuous and transparent multimodal authentication: reviewing the state of the art
Individuals, businesses and governments undertake an ever-growing range of activities online and via various Internet-enabled digital devices. Unfortunately, these activities, services, information and devices are the targets of cybercrimes. Verifying ...
Continuous Authentication Using Behavioral Biometrics
IWSPA '17: Proceedings of the 3rd ACM on International Workshop on Security And Privacy AnalyticsCurrently, the standard methods to authenticate a computer/network user typically occur once at the initial log-in. These authentication methods involve user proxies, especially passwords and smart cards such as common access cards (CACs) and service ID ...
Comments
Information & Contributors
Information
Published In
December 2023
836 pages
ISBN:9798400708862
DOI:10.1145/3627106
Copyright © 2023 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 04 December 2023
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
ACSAC '23
Acceptance Rates
Overall Acceptance Rate 104 of 497 submissions, 21%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 432Total Downloads
- Downloads (Last 12 months)432
- Downloads (Last 6 weeks)66
Reflects downloads up to 03 Oct 2024
Other Metrics
Citations
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatGet Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in