User Authentication based on Continuous Touch Biometrics

Mobile devices such as smartphones have until now been protected by traditional authentication methods, including passwords or pattern locks. These authentication mechanisms are difficult to remember and are often disabled, leaving the device vulnerable if stolen. This paper investigates the possibility of unobtrusive, continuous authentication for smartphones based on biometric data collected using a touchscreen. The possibility of authenticating users on a smartphone was evaluated by conducting an experiment simulating real-world touch interaction. Touch data was collected from 30 participants during normal phone use. The touch features were analysed in terms of the information provided for authentication. It was found that features such as finger pressure, location of touch interaction and shape of the finger were important discriminators for authentication. The touch data was also analysed using two classification algorithms to measure the authentication accuracy. The results show that touch data is sufficiently distinct between users to be used in authentication without disrupting normal touch interaction. It is also shown that the raw touch data was more effective in authentication than the aggregated gesture data.

Download Full-text

A Hybrid Deep Learning System for Real-World Mobile User Authentication Using Motion Sensors

Sensors ◽

10.3390/s20143876 ◽

2020 ◽

Vol 20 (14) ◽

pp. 3876 ◽

Cited By ~ 3

Author(s):

Tiantian Zhu ◽

Zhengqiu Weng ◽

Guolang Chen ◽

Lei Fu

Keyword(s):

Feature Extraction ◽

Deep Learning ◽

Mobile Devices ◽

Real World ◽

Large Scale ◽

User Authentication ◽

Mobile User ◽

Learning System ◽

Support Vector ◽

Motion Sensors

With the popularity of smartphones and the development of hardware, mobile devices are widely used by people. To ensure availability and security, how to protect private data in mobile devices without disturbing users has become a key issue. Mobile user authentication methods based on motion sensors have been proposed by many works, but the existing methods have a series of problems such as poor de-noising ability, insufficient availability, and low coverage of feature extraction. Based on the shortcomings of existing methods, this paper proposes a hybrid deep learning system for complex real-world mobile authentication. The system includes: (1) a variational mode decomposition (VMD) based de-noising method to enhance the singular value of sensors, such as discontinuities and mutations, and increase the extraction range of the feature; (2) semi-supervised collaborative training (Tri-Training) methods to effectively deal with mislabeling problems in complex real-world situations; and (3) a combined convolutional neural network (CNN) and support vector machine (SVM) model for effective hybrid feature extraction and training. The training results under large-scale, real-world data show that the proposed system can achieve 95.01% authentication accuracy, and the effect is better than the existing frontier methods.

Download Full-text

A Lightweight Privacy-Aware Continuous Authentication Protocol-PACA

ACM Transactions on Privacy and Security ◽

10.1145/3464690 ◽

2021 ◽

Vol 24 (4) ◽

pp. 1-28

Author(s):

Abbas Acar ◽

Shoukat Ali ◽

Koray Karabina ◽

Cengiz Kaygusuz ◽

Hidayet Aksu ◽

...

Keyword(s):

Template Matching ◽

User Authentication ◽

Third Party ◽

Biometric Data ◽

Concrete System ◽

Current State ◽

Continuous Authentication ◽

User Data ◽

Continuous User ◽

Privacy Issues

As many vulnerabilities of one-time authentication systems have already been uncovered, there is a growing need and trend to adopt continuous authentication systems. Biometrics provides an excellent means for periodic verification of the authenticated users without breaking the continuity of a session. Nevertheless, as attacks to computing systems increase, biometric systems demand more user information in their operations, yielding privacy issues for users in biometric-based continuous authentication systems. However, the current state-of-the-art privacy technologies are not viable or costly for the continuous authentication systems, which require periodic real-time verification. In this article, we introduce a novel, lightweight, <underline>p</underline>rivacy-<underline>a</underline>ware, and secure <underline>c</underline>ontinuous <underline>a</underline>uthentication protocol called PACA. PACA is initiated through a password-based key exchange (PAKE) mechanism, and it continuously authenticates users based on their biometrics in a privacy-aware manner. Then, we design an actual continuous user authentication system under the proposed protocol. In this concrete system, we utilize a privacy-aware template matching technique and a wearable-assisted keystroke dynamics-based continuous authentication method. This provides privacy guarantees without relying on any trusted third party while allowing the comparison of noisy user inputs (due to biometric data) and yielding an efficient and lightweight protocol. Finally, we implement our system on an Apple smartwatch and perform experiments with real user data to evaluate the accuracy and resource consumption of our concrete system.

Download Full-text

Multimodal Continuous User Authentication on Mobile Devices via Interaction Patterns

Wireless Communications and Mobile Computing ◽

10.1155/2021/5677978 ◽

2021 ◽

Vol 2021 ◽

pp. 1-15

Author(s):

Xiaomei Zhang ◽

Pengming Zhang ◽

Haomin Hu

Keyword(s):

Mobile Devices ◽

User Authentication ◽

User Interaction ◽

Behavior Modeling ◽

Interaction Patterns ◽

Hand Motion ◽

Static Interaction ◽

Continuous Authentication ◽

Multimodal Systems ◽

Continuous User

Behavior-based continuous authentication is an increasingly popular methodology that utilizes behavior modeling and sensing for authentication and account access authorization. As an appearing behavioral biometric, user interaction patterns with mobile devices focus on verifying their identity in terms of their features or operating styles while interacting with devices. However, unimodal continuous authentication schemes, which are on the basis of a single source of interaction information, can only deal with a particular action or scenario. Hence, multimodal systems should be taken to suit for various environmental conditions especially in circumstances of attacks. In this paper, we propose a multimodal continuous authentication method both based on static interaction patterns and dynamic interaction patterns with mobile devices. Behavioral biometric features, HMHP, which is combined hand motion (HM) and hold posture (HP), are essentially established upon the touch screen and accelerator and capture the variation model of microhand motions and hold patterns generated in both dynamic and static scenes. By combining the features of HM and HP, the fusion feature HMHP achieves 97% accuracy with a 3.49% equal error rate.

Download Full-text

Fingerprinting Mobile Devices Using Personalized Configurations

Proceedings on Privacy Enhancing Technologies ◽

10.1515/popets-2015-0027 ◽

2016 ◽

Vol 2016 (1) ◽

pp. 4-19 ◽

Cited By ~ 32

Author(s):

Andreas Kurtz ◽

Hugo Gascon ◽

Tobias Becker ◽

Konrad Rieck ◽

Felix Freiling

Keyword(s):

Supervised Learning ◽

Mobile Devices ◽

Real World ◽

Third Party ◽

Learning Approach ◽

Total Accuracy ◽

Over Time

Abstract Recently, Apple removed access to various device hardware identifiers that were frequently misused by iOS third-party apps to track users. We are, therefore, now studying the extent to which users of smartphones can still be uniquely identified simply through their personalized device configurations. Using Apple’s iOS as an example, we show how a device fingerprint can be computed using 29 different configuration features. These features can be queried from arbitrary thirdparty apps via the official SDK. Experimental evaluations based on almost 13,000 fingerprints from approximately 8,000 different real-world devices show that (1) all fingerprints are unique and distinguishable; and (2) utilizing a supervised learning approach allows returning users or their devices to be recognized with a total accuracy of 97% over time

Download Full-text

Towards Wider Adoption of Continuous Authentication on Mobile Devices

Advanced Sciences and Technologies for Security Applications - Securing Social Identity in Mobile Platforms ◽

10.1007/978-3-030-39489-9_13 ◽

2020 ◽

pp. 235-262

Author(s):

Sanka Rasnayaka ◽

Terence Sim

Keyword(s):

Mobile Devices ◽

Continuous Authentication

Download Full-text

Secondary User Authentication Based on Mobile Devices Location

2010 IEEE Fifth International Conference on Networking, Architecture, and Storage ◽

10.1109/nas.2010.56 ◽

2010 ◽

Cited By ~ 1

Author(s):

Min-Hsao Chen ◽

Chung-Han Chen

Keyword(s):

Mobile Devices ◽

User Authentication ◽

Secondary User

Download Full-text

Continuous User Authentication Based on Keystroke Dynamics through Neural Network Committee Machines

Continuous Authentication Using Biometrics ◽

10.4018/978-1-61350-129-0.ch011 ◽

2011 ◽

pp. 232-252

Author(s):

Sérgio Roberto de Lima e Silva Filho ◽

Mauro Roisenberg

Keyword(s):

Neural Network ◽

Neural Networks ◽

User Authentication ◽

Keystroke Dynamics ◽

Continuous Authentication ◽

Biometric Characteristic ◽

Continuous User ◽

Computer Keyboard

This chapter proposes an authentication methodology that is both inexpensive and non-intrusive and authenticates users continuously while using a computer keyboard. This proposed methodology uses neural network committee machines. The committee consists of several independent neural networks trained to recognize a behavioral biometric characteristic: user’s typing pattern. Continuous authentication prevents potential attacks when users leave their desks without logging out or locking their computer session. Some experiments were conducted to evaluate and to calibrate the authentication committee. Best results show that a 0% FAR and a 0.15% FRR can be achieved when different thresholds are used in the system for each user. In this proposed methodology, capture system does not need to concern about typing errors in the text. Another feature of this methodology is that new users can be easily added to the system, with no need to re-train all neural networks involved.

Download Full-text

Supporting Synchronous Collaboration with Heterogeneous Devices

Interdisciplinary Perspectives on E-Collaboration ◽

10.4018/978-1-61520-676-6.ch002 ◽

2010 ◽

pp. 12-30

Author(s):

Axel Guicking ◽

Peter Tandler ◽

Thomas Grasse

Keyword(s):

System Design ◽

Mobile Devices ◽

Real World ◽

Functional Requirements ◽

Synchronous Collaboration ◽

Heterogeneous Devices ◽

Framework Design ◽

Real World Applications ◽

Collaborative Applications ◽

Electronic Meeting System

The increasing availability of mobile devices in today’s business contexts raises the demand to shift the focus of groupware framework design. Instead of solely focusing on functional requirements of specific application domains or device characteristics, nonfunctional requirements need to be taken into account as well. Flexibility concerning the integration of devices and tailorability of the framework according to different usage contexts is essential for addressing device heterogeneity. Besides flexibility, in order to support the development of real-world applications involving heterogeneous devices, robustness and scalability concerns have to be addressed explicitly by the framework. This article presents Agilo, a groupware framework for synchronous collaboration. The framework incorporates approaches addressing flexibility, robustness, and scalability issues. The combination of these concerns makes it suitable for development of collaborative applications involving up to hundreds of users. As an example application, a commercial electronic meeting system is presented by illustrating typical usage scenarios, explaining applicationspecific requirements and describing the system design.

Download Full-text

User Authentication Method using Shaking Actions in Mobile Devices

Proceedings of the International Conference on Research in Adaptive and Convergent Systems - RACS '16 ◽

10.1145/2987386.2987411 ◽

2016 ◽

Cited By ~ 2

Author(s):

Tae Kyong Lee ◽

Tae Guen Kim ◽

Eul Gyu Im

Keyword(s):

Mobile Devices ◽

User Authentication

Download Full-text

Collaborative Mapping and GIS

Handbook of Research on Geoinformatics ◽

10.4018/978-1-59140-995-3.ch045 ◽

2010 ◽

pp. 388-399 ◽

Cited By ~ 1

Author(s):

Edward Mac Gillavry

Keyword(s):

Web Services ◽

Mobile Devices ◽

Real World ◽

Information Infrastructure ◽

Geographic Information ◽

Web Technologies ◽

Location Aware ◽

Collaborative Mapping ◽

Machine Readable ◽

Complementary And Alternative

The collection and dissemination of geographic information has long been the prerogative of national mapping agencies. Nowadays, location-aware mobile devices could potentially turn everyone into a mapmaker. Collaborative mapping is an initiative to collectively produce models of real-world locations online that people can then access and use to virtually annotate locations in space. This chapter describes the technical and social developments that underpin this revolution in mapmaking. It presents a framework for an alternative geographic information infrastructure that draws from collaborative mapping initiatives and builds on established Web technologies. Storing geographic information in machine-readable formats and exchanging geographic information through Web services, collaborative mapping may enable the “napsterisation” of geographic information, thus providing complementary and alternative geographic information from the products created by national mapping agencies.

Download Full-text