Your search
Results 4 resources
-
Poor security practices among smartphone users, such as the use of simple, easily guessed passcodes for logins, are a result of the effort required to memorize stronger ones. In this paper, we devise a concept of “open code” biometric tap pad to authenticate smartphone users, which eliminates the need of memorizing secret codes. A biometric tap pad consists of a grid of buttons each labeled with a unique digit. The user attempting to log into the phone will tap these buttons in a given sequence. He/she will not memorize this tap sequence. Instead, the sequence will be displayed on the screen. The focus here is how the user types the sequence. This typing behavior is used for authentication. An open code biometric tap pad has several advantages, such as (1) users do not need to memorize passcodes, (2) manufacturers do not need to include extra sensors, and (3) onlookers have no chance to practice shoulder-surfing. We designed three tap pads and incorporated them into an Android app. We evaluated the performance of these tap pads by experimenting with three sequence styles and five different fingers: two thumbs, two index fingers, and the “usual” finger. We collected data from 33 participants over two weeks. We tested three machine learning algorithms: Support Vector Machine, Artificial Neural Network, and Random Forest. Experimental results show significant promise of open code biometric tap pads as a solution to the problem of weak smartphone security practices used by a large segment of the population.
-
As more people rely on smartphones to store sensitive information, the need for robust security measures is all the more pressing. Because traditional one shot authentication methods like PINs and passwords are vulnerable to various attacks, we present a behavioral biometrics based smartphone authentication system using swipes. While previous research focused on a single kind of swipe, our data set features swipes using different fingers and directions collected from 36 users across three sessions. In our system, we experimented with support vector machine (SVM) and random forest (RF) classifiers. We investigated which finger, direction, and classifier provided the best individual swipe authentication results. Then, we analyzed whether fusion of different fingers and directions improved results. The best unimodal result came from a rightward swipe with right thumb using SVM, which resulted in an area under ROC curve (AUC) of 0.936 and an equal error rate (EER) of 0.135. We found that swipes using thumbs offered better performance. Fusion improves results for the most part, and our best result was the combination of a leftward swipe with right thumb and a leftward swipe with left thumb. This combination gave an AUC of 0.969 and EER of 0.081 with the SVM classifier.
-
In this paper, we develop a new point-of-entry security measure for smartphone users. We devise a concept, the “Quad Swipe Pattern”, which includes four swipes from a user in four directions and utilizes the user’s swipe behavior for authentication. The Quad Swipe Pattern overcomes several shortcomings present in current point-of-entry security measures. We performed several experiments to demonstrate the effectiveness of the Quad Swipe Pattern in smartphone user authentication. We evaluated the Quad Swipe Pattern using five machine learning classifiers, three datasets of different sizes, and five different fingers. In addition, we studied how fusion of information from multiple fingers and multiple classifiers can improve the performance of Quad Swipe Pattern. All of our experimental results show significant promise of the Quad Swipe Pattern as a new point-of-entry security measure for smartphones. With a Neural Network model, the Quad Swipe Pattern achieves the Accuracy of 99.7%, False Acceptance Rate of 0.4%, and False Rejection Rate of 0%. With Support Vector Machine, the Quad Swipe Pattern achieves the Accuracy of 99.5%, False Acceptance Rate of 0.4%, and False Rejection Rate of 1.7%. With fusion of two best fingers, the Quad Swipe Pattern demonstrates an excellent performance of a zero Equal Error Rate.
-
This paper focuses on how zoom touchscreen gestures can be used to continuously authenticate and identify smartphone users. The zoom gesture is critically under-researched as a behavioral biometric despite richness of data found in this gesture. Furthermore, analysing how the zoom gesture performs over time is a novel line of inquiry. Zoom samples from three different data collection sessions were sourced. In these sessions, each participant zoomed in and out on three images. Eighty-five features were extracted from each gesture. The classification models used were Support Vector Machine (SVM), Random Forest (RF), and K-nearest Neighbor (KNN). The best authentication performance of AUC 0.937 and EER 10.6% were achieved using the SVM classifier. The best identification performance of 65.5% accuracy, 69.6% precision, and 67.9% recall were achieved using the RF classifier. In terms of stability over time, SVM proved to be the most stable classifier, with an AUC degradation of only 0.007 after two weeks had elapsed. This analysis proves that zoom gestures demonstrate promise for use in continuous smartphone authentication and identification applications. © 2021 Elsevier Ltd