Abstract
We study the feasibility of leveraging the sensors embedded on mobile devices to enable a user authentication mechanism that is easy for users to perform, but hard for attackers to bypass. The proposed approach lies on the fact that users perform gestures in a unique way that depends on how they hold the phone, and on their hand’s geometry, size, and flexibility. Based on this observation, we introduce two new unlock gestures that have been designed to enable the phone’s embedded sensors to properly capture the geometry and biokinetics of the user’s hand during the gesture. The touch sensor extracts the geometry and timing of the user hand, while the accelerometer and gyro sensors record the displacement and rotation of the mobile device during the gesture. When combined, a sensor fingerprint for the user is generated. In this approach, potential attackers need to simultaneously reproduce the touch, accelerometer, and gyro sensor signatures to falsely authenticate. Using 5000 gestures recorded over two user studies involving a total of 70 subjects, our results indicate that sensor fingerprints can accurately differentiate users while achieving less than 2.5% false accept and false reject rates. Attackers that directly observe the true user authenticating on a device, can successfully bypass authentication only 3% of the time.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
1-hand gesture, https://dl.dropboxusercontent.com/u/64756732/gestures/1-hand-gesture.avi
2-hand gesture, https://dl.dropboxusercontent.com/u/64756732/gestures/2-hand-gesture.avi
Angulo, J., Wästlund, E.: Exploring touch-screen biometrics for user identification on smart phones. In: Camenisch, J., Crispo, B., Fischer-Hübner, S., Leenes, R., Russello, G. (eds.) Privacy and Identity Management for Life. IFIP AICT, vol. 375, pp. 130–143. Springer, Heidelberg (2012)
Feng, T., Liu, Z., Kwon, K., Shi, W., Carbunar, B., Jiang, Y., Nguyen, N.: Continuous mobile authentication using touchscreen gestures. In: HST 2012 (2012)
Frank, M., Biedert, R., Ma, E., Martinovic, I., Song, D.: Touchalytics: On the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE Transactions on Information Forensics and Security (2013)
Jain, A., Ross, A., Pankanti, S.: A prototype hand geometry-based verification system. In: AVBPA 1999 (1999)
Jakobsson, M., Shi, E., Golle, P., Chow, R.: Implicit authentication for mobile devices. In: HotSec 2009 (2009)
Kolly, S.M., Wattenhofer, R., Welten, S.: A personal touch: Recognizing users based on touch screen behavior. In: PhoneSense (2012)
Luca, A.D., Hang, A., Brudy, F., Lindner, C., Hussmann, H.: Implicit authentication based on touch screen patterns. In: CHI 2012 (2012)
Sae-Bae, N., Ahmed, K., Isbister, K., Memon, N.: Biometric-rich gestures: A novel approach to authentication on multi-touch devices. In: CHI 2012 (2012)
Sato, M., Poupyrev, I., Harrison, C.: Touche: Enhancing touch interaction on humans, screens, liquids, and everyday objects. In: CHI 2012 (2012)
Shahzad, M., Liu, A.X., Samuel, A.: Secure unlocking of mobile touch screen devices by simple gestures: you can see it but you can not do it. In: MobiCom 2013 (2013)
Sherman, M., Clark, G., Yang, Y., Sugrim, S., Modig, A., Lindqvist, J., Oulasvirta, A.: User-generated free-form gestures for authentication: security and memorability. In: MobiSys 2014 (2014)
Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.: Design and evaluation of a shoulder-surfing resistant graphical password scheme. In: ACM AVI 2006 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Wang, H., Lymberopoulos, D., Liu, J. (2015). Sensor-Based User Authentication. In: Abdelzaher, T., Pereira, N., Tovar, E. (eds) Wireless Sensor Networks. EWSN 2015. Lecture Notes in Computer Science, vol 8965. Springer, Cham. https://doi.org/10.1007/978-3-319-15582-1_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-15582-1_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-15581-4
Online ISBN: 978-3-319-15582-1
eBook Packages: Computer ScienceComputer Science (R0)