1 / 26

Hui Xu, Yangfan Zhou, Michael R. Lyu The Chinese University of Hong Kong huixu@cuhk.hku.hk

Towards Continuous and Passive Authentication via Touch Biometrics An Experimental Study on Smartphones. Hui Xu, Yangfan Zhou, Michael R. Lyu The Chinese University of Hong Kong huixu@cuhk.hku.hk. 1. Motivation. 1. Motivation. Scenario. Who is the user ?. Malicious Attacker.

sharis
Télécharger la présentation

Hui Xu, Yangfan Zhou, Michael R. Lyu The Chinese University of Hong Kong huixu@cuhk.hku.hk

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Towards Continuous and Passive Authentication via Touch BiometricsAn Experimental Study on Smartphones Hui Xu, Yangfan Zhou, Michael R. Lyu The Chinese University of Hong Kong huixu@cuhk.hku.hk

  2. 1. Motivation

  3. 1. Motivation Scenario Who is the user ? Malicious Attacker physical access Personal Device Vision: A smartphone should exclusively serve its owner by recognizing its current user.

  4. 1. Motivation Current Solution Smartphone offers different screen locker solutions. No Protection It is not very difficult to break locker (e.g., smudge attack, peeping). Strong Security & Rarely Used Medium Security & Widely Used Pattern PIN Password More importantly, there are no more protections if bypassing the screen locker.

  5. 1. Motivation Continuous and Passive Continuous: The smartphone can authenticate its current user from time to time (whenever there is interaction), not just when unlocking screen. Passive: The authentication is done in the background without any prompt for credentials, which is non-intrusive.

  6. 1. Motivation Why Touch Biometrics Question: How do we recognize a friend passively? Blabla… Answer: Through the information we received from our ears, eyes (i.e., the interfaces). Touchscreen is the dominant human-to-smartphone interface.

  7. 2. Touch-based Authentication Approach

  8. 2. Touch-based Authentication Approach Touch-based Authentication Statistical Pattern Recognition: Touch Data Training Phase Feature Extraction Model Training Labeled Users Models Touch Data Authentication Phase Unknown User Feature Extraction Classification Result

  9. 2. Touch-based Authentication Approach Touch Data 480 X (0,0) General touch data is a sequence of: [Time, Position-X, Position-Y, Size, Pressure] 800 Y

  10. 2. Touch-based Authentication Approach How to Extract Features? Touch data are generated by diverse UI operations: Separation of concern Keystroke Slide Handwriting Pinch

  11. 2. Touch-based Authentication Approach Feature Extraction Some UI Operations related to traditional research area: Top Margin Distance Size Bottom Margin Distance Dwell Time, Pressure, Size Flight Time Keystroke Handwriting

  12. 2. Touch-based Authentication Approach Feature Extraction Cont’d Trajectory Features: position, length, direction Other UI Operations are relatively new: Direction 1st Trajectory Stop Point Start Distance 2ndTrajectory FC Radius Start Point Pinch (49 features) Slide (37 features) Dynamics: pressure, size, velocity Statistical Features: average, standard deviation

  13. 3. Experimental Study

  14. 3. Experimental Study Experimental Data Data acquisition experiment in lab (Aug, 2013): • 32 participants • 21 days Data Collection Tool with Specified Tasks

  15. 3. Experimental Study Biometric Properties* • Universality: every person has the characteristic • Collectability: the characteristic can be collected in numbers • Distinctiveness: each two person should be sufficiently different • Permanence: the characteristic should be stable over a period of time * A.K.Jainet al., An introduction to biometric recognition, 2004

  16. 3. Experimental Study Discrimination Model N Classes • To evaluate • Distinctiveness & • Permanence User-1 User-2 User-3 … User-4 User-n Discriminate When N grows, discrimination becomes less accurate. Unknown User (one of the N users)

  17. 3. Experimental Study Distinctiveness Performance SVM-rbf Kernel + 10 fold cross validation All can achieve:80%

  18. 3. Experimental Study Permanence Performance Not Stable used for training

  19. 3. Experimental Study Permanence Performance Using an Adaptive Approach Improved Train models in an accumulative mode

  20. 3. Experimental Study Authentication Model Two Classes Real Case: We do not know the real attacker. Training Phase: We use some users to mock an attacker Valid User Attacker Authentication the valid user or other person excluding those for mocking the attacker Unknown User

  21. 3. Experimental Study Authentication Performance Average Error Rate = (FAR + FRR)/2 0.75% 5.3% 8.67% 3.33%

  22. 3. Experimental Study Using Consecutive Operations 0.88% 0% Slide Keystroke 5.62% 0% Handwriting Pinch

  23. Conclusion • Touch biometrics is: • Distinctive • Not stable -> Adaptive approach • Promising authentication accuracy

  24. Future Work • Improve accuracy (e.g., via more features, trying other classifiers) • Develop touch-based authentication software • Best practice (e.g., adaptive method, combination of consecutive operations) • Approach to handle noise and new input • Performance issues (e.g., speed, overhead) • Conduct experimental study outside of the lab

  25. Thank You! Questions? Project Website: http://www.cudroid.com/urmajesty

  26. Other Possible Ways • System-based statistical approach • E.g., some performance data collected when running an app. • Statistical-based approach have been proved to be more effective approach in natural language processing than grammatical analysis-based approach • Other sensors Face Recognition Infrared

More Related