Abstract
A keystroke authentication method has a lower cost and is more powerful and easier to use than other biometric authentication methods. However, traditional keystroke authentication has many weaknesses and is easy to attack by criminals. Attacks can include shoulder surfing attacks, eavesdropping attacks and key-logger attacks. When users try to access their computer or portable device by using keystroke authentication method, the users must push the correct buttons with the correct rhythm in order to be authenticated. If the users make several failed authentication attempts, the system will lock their account. As a result, the users usually use a simple password and rhythm for accessing their account which will make the risk even higher. This research proposes a new method of a keystroke authentication by using multi-touch technique on touchpad which is embedded on a laptop computer. The users can register their rhythm using their fingers on the touchpad to the system as a biometric authentication. An attacker will have difficulties conducting a shoulder surfing attack. This is because the users have no need to type their password and can use one hand to cover the other hand which is used to make their rhythm for the touch. Furthermore, the users can quickly make the rhythm. An eavesdropping attack is rendered useless since the touchpad can get event data when the users touch it without making any sound. Even though some users may not be vigilant and make tapping sounds, an eavesdropper cannot know how many fingers the users use to tap on the touchpad to make one beat. The research results show that the purposed multi-touch rhythm authentication performs better than the traditional keystroke method and provides better security, usability, and faster authentication.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Kim, J.J., Hong, S.P.: A method of risk assessment for multi-factor authentication. J. Inf. Process. Syst. 7(1), 187–198 (2011)
Mainka, C., Mladenov, V., Guenther, T., Schwenk, J.: Automatic Recognition, Processing and Attacking of Single Sign-On Protocols with Burp Suite (2015)
Subpratatsavee, P., Kuacharoen, P.: Transaction authentication using HMAC-based one-time password and QR code. In: Park, J.J., Stojmenovic, I., Jeong, H.Y., Yi, G. (eds.) Computer Science and its Applications. Lecture Notes in Electrical Engineering (LNEE), vol. 330, pp. 93–98. Springer, Heidelberg (2015)
Kant, C., Nath, R.: Reducing process-time for fingerprint identification system. Int. J. Biometric Bioinform. 3(1), 1–9 (2010)
Bhattacharyya, D., Ranjan, R., Alisherov, F., Choi, M.: Biometric authentication: a review. Int. J. of u- e-Serv. Sci. Technol. 2(3), 13–28 (2009)
Galbally, J., Cappelli, R., Lumini, A., Gonzalez-de-Rivera, G., Maltoni, D., Fierrez, J., Maio, D.: An evaluation of direct attacks using fake fingers generated from ISO templates. Pattern Recogn. Lett. 31(8), 725–732 (2010)
Maiorana, E., Campisi, P., González-Carballo, N., Neri, A.: Keystroke dynamics authentication for mobile phones. In: Proceedings of the 2011 ACM Symposium on Applied Computting, pp. 21–26. ACM (2011)
Shanmugapriya, D., Padmavathi, G.: A survey of biometric keystroke dynamics: approaches, security and challenges. arXiv preprint arXiv:0910.0817 (2009)
Huang, X., Lund, G., Sapeluk, A.: Development of a typing behaviour recognition mechanism on Android. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 1342–1347. IEEE (2012)
Antal, M., Szabó, L.Z., László, I.: Keystroke dynamics on android platform. Procedia Technol. 19, 820–826 (2015)
Saevanee, H., Bhatarakosol, P.: User authentication using combination of behavioral biometrics over the touchpad acting like touch screen of mobile device. In: Computer and Electrical Engineering, pp. 82–86. IEEE (2008)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Wongnarukane, N., Kuacharoen, P. (2017). Rhythm Authentication Using Multi-touch Technology: A New Method of Biometric Authentication. In: Qiu, M. (eds) Smart Computing and Communication. SmartCom 2016. Lecture Notes in Computer Science(), vol 10135. Springer, Cham. https://doi.org/10.1007/978-3-319-52015-5_40
Download citation
DOI: https://doi.org/10.1007/978-3-319-52015-5_40
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-52014-8
Online ISBN: 978-3-319-52015-5
eBook Packages: Computer ScienceComputer Science (R0)