Upload
vsb-tecchnical-university-of-ostrava-ostrava-czech-republic
View
137
Download
0
Embed Size (px)
Citation preview
IMPLICIT AUTHENTICATION SYSTEM FOR SMARTPHONES USERS BASED
ON TOUCH DATA
Presented by
Tarek Gaber Faculty of Computers and Informatics, Suez Canal University, Ismailia, Egypt
IT4Invocation, VSB-TUO, Czech Republic
Co-authored by Reham Amin, Tarek Gaber, and Ghada ElTaweel
Faculty of Computers and Informatics, Suez Canal University, Ismailia, Egypt
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
OUTLINES
Introduction
The problem
Research Aim
Proposed Solution
Results and discussion
Conclusion and Future work
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
INTRODUCTION
Smartphones are currently used for:
• Sensitive and private information E.g.:
• Bank credential• Confidential emails• Other privacy issues
Gartner Says 30% of Organizations Will Use Biometric Authentication for Mobile Devices by 2016
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
Does traditional biometric authentication suitable for the smartphones?
THE PROBLEM Smartphones are usually protected using unlock pattern which is subject to:
• Shoulder-surfing attack• Password remembering problem.
• Owner forgets his/her phone• any bystander can pick up the
smartphone, and sends SMS of business secrets to a competitor, and places it back
Resulted in identity theft and privacy violation
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
SOLUTION
Provides authentication system based on touch behavior of users
• The style of a user’s typing on phone.
• Such touch data are available in most smartphones
• Authenticates user without using any external hardware.
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
CHARACTERISTICS OF TOUCH DATA
It is biometrics, • so unique to an individual and difficult to imitate.
•
Non-visual cues for tapping behavior • So, it countermeasures the shoulder-surfing or smudge attacks
Last but not the least, such mechanism require no extra hardware and done implicitly.
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
PROPOSED MODELTheoretical framework
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
DATA COLLECTION: MOBILE APP
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
DATA COLLECTION: PARTICIPANTS
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
FEATURE EXTRACTION
Four features were considered • Size• Pressure• Time• XY Position
The above features are recorded while touching any key
• During the raw touch events(Up, Down and Move).
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
SAMPLE OF COLLECTED DATA
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
OWNER IDENTIFICATION
This was done through the classification phase
• SVM and KNN were used to differentiate between the Mobile's owner and the impostor.
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
RESULTS AND DISCUSSION
KNN classier using the Euclidean Distance was better than SVM.
Features of touch data were able to distinguish stroke behavior among users (discriminating users).
• Users with few times touching the soft keyboard (i.e. only 7 taps) can still be a rich source of data to distinguish among owner and impostor.
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
CONCLUSION AND FUTURE WORK
Implicit authentication could be a good solution to the problem of password or unhook pattern of smartphones
System for authenticating smartphone's users based on touch behavior was proposed
A dataset was collected from participates from different background and ages.
Users were classified using SVM with its 4 kernel functions and KNN classifiers.
It was found that KNN is better than the SVM with its 4 kernel functions .
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
FUTURE WORK
For the future work, we plan to • Collect more data by increasing the number of participates
• Try other classifiers, e.g. Random Linear Oracle.
ECC 2015: June 29 - July 1, Ostrava, Czech Republic
Thanks For any question, contact:
ECC 2015: June 29 - July 1, Ostrava, Czech Republic