Skip to main content
SpringerLink
Log in

Designing Double-Click-Based Unlocking Mechanism on Smartphones

  • Conference paper
  • First Online:
Security, Privacy, and Anonymity in Computation, Communication, and Storage (SpaCCS 2020)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 12383))

Abstract

Smartphones have gained huge popularity and rapidly changed the way of people’s living habits and communication style. Despite the widespread adoption, there is a big challenge to protect data security on smartphones. This is because phone users often store their personal data (e.g., images) and proceed sensitive tasks (e.g., financial operations) on the device. To secure the device from unauthorized access, designing an appropriate unlocking mechanism is an expected solution. To complement existing schemes, we advocate that combining behavioral biometrics can enhance the security of unlocking mechanisms. In this work, we develop a double-click-based unlocking scheme (DCUS), which allows users to unlock the phone by double clicking on the pre-selected location on an image. For verification, DCUS has to check selected images, image location and behavioral features of double-click action. In the user study, we involve 40 participants and explore some common supervised algorithms. The results demonstrate that participants can achieve a good success rate (over 96%) with positive feedback.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Aviv, A.J., Gibson, K., Mossop, E., Blaze, M., Smith, J.M.: Smudge attacks on smartphone touch screens. In: Proceedings of the 4th USENIX Conference on Offensive Technologies, pp. 1–7. USENIX Association (2010)

    Google Scholar 

  2. Al-Sudani, A.R., Gao, S., Wen, S., Al-Khiza’ay, M.: Checking an authentication of person depends on RFID with thermal image. SpaCCS 2018, 371–380 (2018)

    Google Scholar 

  3. Bonneau, J.: The science of guessing: analyzing an anonymized corpus of 70 million passwords. In: Proceedings of the 2012 IEEE Symposium on Security and Privacy, pp. 538–552 (2012)

    Google Scholar 

  4. De Luca, A., Hang, A., Brudy, F., Lindner, C., Hussmann, H.: Touch me once and i know it’s you!: implicit authentication based on touch screen patterns. In: Proceedings of CHI, pp. 987–996. ACM (2012)

    Google Scholar 

  5. Deloitte’s 2019 global mobile consumer survey. https://www2.deloitte.com/content/dam/insights/us/articles/glob43115_2019-global-mobile-survey/DI_2019-global-mobile-survey.pdf

  6. Feng, T., et al.: Continuous mobile authentication using touchscreen gestures. In: Proceedings of the 2012 IEEE Conference on Technologies for Homeland Security (HST), pp. 451–456. IEEE, USA (2012)

    Google Scholar 

  7. Findling, R.D., Mayrhofer, R.: Towards face unlock: on the difficulty of reliably detecting faces on mobile phones. In: MoMM, pp. 275–280 (2012)

    Google Scholar 

  8. Frank, M., Biedert, R., Ma, E., Martinovic, I., Song, D.: Touchalytics: on the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE Trans. Inf. Forensics Secur. 8(1), 136–148 (2013)

    Article  Google Scholar 

  9. Gomez-Barrero, M., Galbally, J.: Reversing the irreversible: a survey on inverse biometrics. Comput. Secur. 90, 101700 (2020)

    Article  Google Scholar 

  10. Guo, Y., Yang, L., Ding, X., Han, J., Liu, Y.: OpenSesame: unlocking smart phone through handshaking biometrics. In: INFOCOM, pp. 365–369 (2013)

    Google Scholar 

  11. Izuta, R., Murao, K., Terada, T., Iso, T., Inamura, H., Tsukamoto, M.: Screen unlocking method using behavioral characteristics when taking mobile phone from pocket. In: MoMM, pp. 110–114 (2016)

    Google Scholar 

  12. Larrucea, X., Moffie, M., Asaf, I.S.: Santamaria: towards a GDPR compliant way to secure European cross border healthcare industry 4.0. Comput. Stand. Interfaces 69, 103408 (2020)

    Article  Google Scholar 

  13. Li, Y., et al.: A closer look tells more: a facial distortion based liveness detection for face authentication. In: AsiaCCS, pp. 241–246 (2019)

    Google Scholar 

  14. Li, Y., Cheng, Y., Meng, W., Li, Y., Deng, R.H.: Designing leakage-resilient password entry on head-mounted smart wearable glass devices. IEEE Trans. Inf. Forensics Secur. 16, 307–321 (2021)

    Article  Google Scholar 

  15. Li, W., Tan, J., Meng, W., Wang, Yu., Li, J.: SwipeVLock: a supervised unlocking mechanism based on swipe behavior on smartphones. In: Chen, X., Huang, X., Zhang, J. (eds.) ML4CS 2019. LNCS, vol. 11806, pp. 140–153. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-30619-9_11

    Chapter  Google Scholar 

  16. Li, W., Tan, J., Meng, W., Wang, Y.: A swipe-based unlocking mechanism with supervised learning on smartphones: design and evaluation. J. Netw. Comput. Appl 165, 102687 (2020)

    Article  Google Scholar 

  17. Meng, Y.: Designing click-draw based graphical password scheme for better authentication. In: Proceedings of the 7th IEEE International Conference on Networking, Architecture, and Storage (NAS), pp. 39–48 (2012)

    Google Scholar 

  18. Meng, Y., Li, W., Kwok, L.-F.: Enhancing click-draw based graphical passwords using multi-touch on mobile phones. In: Proceedings of the 28th IFIP TC 11 International Information Security and Privacy Conference (IFIP SEC), IFIP Advances in Information and Communication Technology, vol. 405, pp. 55–68 (2013)

    Google Scholar 

  19. Meng, W., Wong, D.S., Furnell, S., Zhou, J.: Surveying the development of biometric user authentication on mobile phones. IEEE Commun. Surv. Tutorials 17(3), 1268–1293 (2015)

    Article  Google Scholar 

  20. Meng, W.: RouteMap: a route and map based graphical password scheme for better multiple password memory. In: Proceedings of the 9th International Conference on Network and System Security (NSS), pp. 147–161 (2015)

    Google Scholar 

  21. Meng, W.: Evaluating the effect of multi-touch behaviours on android unlock patterns. Inf. Comput. Secur. 24(3), 277–287 (2016)

    Article  Google Scholar 

  22. Meng, W., Li, W., Wong, D.S., Zhou, J.: TMGuard: a touch movement-based security mechanism for screen unlock patterns on smartphones. In: Proceedings of the 14th International Conference on Applied Cryptography and Network Security (ACNS), pp. 629–647 (2016)

    Google Scholar 

  23. Meng, W., Lee, W.H., Liu, Z., Su, C., Li, Y.: Evaluating the impact of juice filming charging attack in practical environments. In: Kim, H., Kim, D.-C. (eds.) ICISC 2017. LNCS, vol. 10779, pp. 327–338. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78556-1_18

    Chapter  Google Scholar 

  24. Meng, W., Fei, F., Li, W., Au, M.H.: Harvesting smartphone privacy through enhanced juice filming charging attacks. In: Proceedings of ISC, pp. 291–308 (2017)

    Google Scholar 

  25. Meng, W., Li, W., Kwok, L.-F., Choo, K.-K.R.: Towards enhancing click-draw based graphical passwords using multi-touch behaviours on smartphones. Comput. Secur. 65, 213–229 (2017)

    Article  Google Scholar 

  26. Meng, W., Li, W., Lee, W., Jiang, L., Zhou, J.: A Pilot Study of Multiple Password Interference between Text and Map-based Passwords. In: Proceedings of the 15th International Conference on Applied Cryptography and Network Security (ACNS), pp. 145–162 (2017)

    Google Scholar 

  27. Meng, W., Lee, W.H., Au, M.H., Liu, Z.: Exploring effect of location number on map-based graphical password authentication. In: Pieprzyk, J., Suriadi, S. (eds.) ACISP 2017. LNCS, vol. 10343, pp. 301–313. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59870-3_17

    Chapter  Google Scholar 

  28. Nyang, D., Kim, H., Lee, W., Kang, S., Cho, G., Lee, M.K., Mohaisen, A.: Two-thumbs-up: physical protection for PIN entry secure against recording attacks. Comput. Secur. 78, 1–15 (2018)

    Article  Google Scholar 

  29. Shepard, R.N.: Recognition memory for words, sentences, and pictures. J. Verbal Learn. Verbal Behav. 6(1), 156–163 (1967)

    Article  Google Scholar 

  30. Smith-Creasey, M., Rajarajan, M.: A continuous user authentication scheme for mobile devices. In: Proceedings of the 14th Annual Conference on Privacy, Security and Trust (PST), pp. 104–113 (2016)

    Google Scholar 

  31. Spitzer, J., Singh, C., Schweitzer, D.: A security class project in graphical passwords. J. Comput. Sci. Coll. 26(2), 7–13 (2010)

    Google Scholar 

  32. Shahzad, M., Liu, A.X., Samuel, A.: Behavior based human authentication on touch screen devices using gestures and signatures. IEEE Trans. Mob. Comput. 16(10), 2726–2741 (2017)

    Article  Google Scholar 

  33. Sharma, V., Enbody, R.: User authentication and identification from user interface interactions on touch-enabled devices. In: Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), pp. 1–11 (2017)

    Google Scholar 

  34. Suo, X., Zhu, Y., Owen, G.S.: Graphical passwords: a survey. In: Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC), pp. 463–472. IEEE Computer Society, USA (2005)

    Google Scholar 

  35. Sun, H., Chen, Y., Fang, C., Chang, S.: PassMap: a map based graphical-password authentication system. In: Proceedings of AsiaCCS, pp. 99–100 (2012)

    Google Scholar 

  36. Tao, H., Adams, C.: Pass-Go: a proposal to improve the usability of graphical passwords. Int. J. Netw. Secur. 2(7), 273–292 (2008)

    Google Scholar 

  37. Thorpe, J., MacRae, B., Salehi-Abari, A.: Usability and security evaluation of geopass: a geographic location-password scheme. In: Proceedings of the 9th Symposium on Usable Privacy and Security (SOUPS), pp. 1–14 (2013)

    Google Scholar 

  38. Wang, L., et al.: Unlock with your heart: heartbeat-based authentication on commercial mobile phones. In: Proceedings of ACM Interactive, Mobile, Wearable Ubiquitous Technologies, vol. 2, no. 3, pp. 140:1–140:22 (2018)

    Google Scholar 

  39. Weka: Machine Learning Software in Java. https://www.cs.waikato.ac.nz/ml/weka/

  40. Wiedenbeck, S., Waters, J., Birget, J.-C., Brodskiy, A., Memon, N.: Passpoints: design and longitudinal evaluation of a graphical password system. Int. J. Hum.-Comput. Stud. 63(1–2), 102–127 (2005)

    Article  Google Scholar 

  41. Weir, M., Aggarwal, S., Collins, M., Stern, H.: Testing metrics for password creation policies by attacking large sets of revealed passwords. In: Proceedings of CCS, pp. 162–175 (2010)

    Google Scholar 

  42. Yi, S., Qin, Z., Carter, N., Li, Q.: WearLock: unlocking your phone via acoustics using smartwatch. In: ICDCS, pp. 469–479 (2017)

    Google Scholar 

  43. Zheng, N., Bai, K., Huang, H., Wang, H.: You are how you touch: user verification on smartphones via tapping behaviors. In: Proceedings of the 2014 International Conference on Network Protocols (ICNP), pp. 221–232 (2014)

    Google Scholar 

Download references

Acknowledgments

We would like to thank the participants for their hard work in the user study. This work was partially supported by National Natural Science Foundation of China (No. 61802080 and 61802077).

Author information

Authors and Affiliations

  1. Institute of Artificial Intelligence and Blockchain, Guangzhou University, Guangzhou, China

    Wenjuan Li & Yu Wang

  2. Department of Applied Mathematics and Computer Science, Technical University of Denmark, Kongens Lyngby, Denmark

    Wenjuan Li

  3. KOTO Research Center, Macao, China

    Jiao Tan & Nan Zhu

Authors
  1. Wenjuan Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jiao Tan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nan Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yu Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yu Wang .

Editor information

Editors and Affiliations

  1. Guangzhou University, Guangzhou, China

    Guojun Wang

  2. Nanjing University of Aeronautics and Astronautics, Nanjing, China

    Bing Chen

  3. Computer Science, Georgia State University, Atlanta, GA, USA

    Wei Li

  4. College of Science and Engineering, Qatar Foundation Education City, Doha, Qatar

    Roberto Di Pietro

  5. Nanjing University of Aeronautics and Astronautics, Nanjing, China

    Xuefeng Yan

  6. Nanjing University of Aeronautics and Astronautics, Nanjing, China

    Hao Han

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Li, W., Tan, J., Zhu, N., Wang, Y. (2021). Designing Double-Click-Based Unlocking Mechanism on Smartphones. In: Wang, G., Chen, B., Li, W., Di Pietro, R., Yan, X., Han, H. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2020. Lecture Notes in Computer Science(), vol 12383. Springer, Cham. https://doi.org/10.1007/978-3-030-68884-4_47

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-68884-4_47

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-68883-7

  • Online ISBN: 978-3-030-68884-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation