Towards Science of Gesture-Based Authentication Janne Lindqvist WINLAB Research Review May 15, 2014

Credit

•  This talk is mostly based on:
   –  “User-Generated Free-Form Gestures for Authentication: Security and Memorability”
   –  Michael Sherman (Rutgers), Gradeigh Clark (Rutgers), Yulong Yang (Rutgers), Shridatt Sugrim (Rutgers), Arttu Modig (U. Helsinki), Janne Lindqvist (Rutgers), Antti Oulasvirta (MPI Informatics and Saarland University), Teemu Roos (U. Helsinki)

•  To appear in MobiSys’14, June 2014

•  Available at: http://www.winlab.rutgers.edu/~janne/mobisys14gestures.pdf

Goal

•  Measuring the security and memorability of user-generated free-form gestures

•  No visual reference

•  Multitouch: Single or multiple fingers

But How to Measure?

•  No metrics available

•  Previous work focused on ad hoc metrics: quality of recognizers

Why Yet Another Auth?

Security of Text-Based Passwords

•  NIST standard for estimating the security of text-based passwords is based purely on length
   –  Plus magic numbers

•  Assumes randomly chosen string of letters

•  Used also to model human-chosen passwords
   –  Overestimates the size of the possible password space

•  Other methods: password cracking

Intuition for Gesture Security

•  Mutual information I(x ; y) = H(x) – H(x|y)

•  H(x) entropy (“uncertainty” or “surprisingness”) of intended gestures

-> “complexity” of gesture

•  H(x|y) conditional entropy (remaining uncertainty) of intended gesture given observed gesture

-> “accuracy” of gesture

Gestures X and Y

[Figure: two gesture traces, labelled x and y]

Best Fit Lines for Both Gestures

Best Fit Example

Residuals

Residuals in Time

•  Residuals in time, not necessarily aligned

Alignment of Residuals

•  Residuals in time, not necessarily aligned

•  Stretching or contracting in time with Canonical Time Warping

Computing Mutual Information

•  Mutual information I(x ; y) = H(x) – H(x|y)

•  Omitted: how multiple fingers are treated (dimension reduction with PCA)
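
The pipeline sketched on the preceding slides (best-fit line, residuals, mutual information) for one coordinate of one finger, as an added example that is not the authors' code. It assumes the two traces are already time-aligned (no Canonical Time Warping), skips the PCA step, and uses a Gaussian estimator for I(x ; y), which is an assumption rather than something the slides state; the sample traces are constructed.

```python
import math

def line_residuals(ts, vs):
    """Residuals of vs after removing its least-squares best-fit line over ts."""
    n = len(ts)
    mt, mv = sum(ts) / n, sum(vs) / n
    slope = (sum((t - mt) * (v - mv) for t, v in zip(ts, vs))
             / sum((t - mt) ** 2 for t in ts))
    return [v - (mv + slope * (t - mt)) for t, v in zip(ts, vs)]

def correlation(xs, ys):
    """Pearson correlation of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / math.sqrt(sxx * syy)

def mi_bits_per_sample(ts, intended, observed):
    """I(x;y) = H(x) - H(x|y) for the residuals of two aligned traces.

    ASSUMPTION (not from the slides): residuals are jointly Gaussian, so
    I = -0.5 * log2(1 - r^2), with r the correlation between residuals.
    """
    r = correlation(line_residuals(ts, intended), line_residuals(ts, observed))
    r2 = min(r * r, 1.0 - 1e-12)  # cap so identical traces stay finite
    return -0.5 * math.log2(1.0 - r2)

# Constructed sample: one coordinate (pixels) of a 2-second gesture at 60 FPS.
TS = [i / 60 for i in range(120)]
TEMPLATE = [500 + 300 * t + 200 * math.sin(2 * math.pi * t) for t in TS]
# Constructed repetitions of the same gesture: a close one and a sloppy one.
ACCURATE = [v + 20 * math.sin(14 * math.pi * t + 1.0) for t, v in zip(TS, TEMPLATE)]
SLOPPY = [v + 200 * math.sin(6 * math.pi * t + 0.5) for t, v in zip(TS, TEMPLATE)]

def compare_repetitions():
    """Return (bits for the accurate repetition, bits for the sloppy one)."""
    return (mi_bits_per_sample(TS, TEMPLATE, ACCURATE),
            mi_bits_per_sample(TS, TEMPLATE, SLOPPY))

if __name__ == "__main__":
    accurate, sloppy = compare_repetitions()
    print(f"accurate repetition: {accurate:.2f} bits/sample")
    print(f"sloppy repetition:   {sloppy:.2f} bits/sample")
```

The sloppy repetition leaves more uncertainty about the intended gesture, so H(x|y) is larger and its score is lower, which is the “accuracy” term from the intuition slide.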

Method 1/4

•  Participants recruited in two batches: May 2013 (33), June 2013 (30)

•  63 first session, 57 in second session

•  Aged 18 to 65 (M = 27.2, SD = 9.9)

•  22 high school, 23 Bachelor’s, 16 graduate degree and 2 other degrees

•  Time gap between 1st and 2nd session varied
   –  May volunteers: Mean 14.53 days (SD = 5.81 days)
   –  June volunteers: Mean 29.52 days (SD = 7.57 days)

Method 2/4

•  Data collected w/ Google Nexus 10 tablet, average 200 FPS

•  Gestures preprocessed to 60 FPS

•  Artifacts etc. corrected

Method 3/4

•  Experiment Design

•  17 x 2 mixed factor

•  Repeated measurement variable of gesture repetition (17 levels)
   –  10 creation (Generate)
   –  2 repetitions (Recall1 after distraction)
   –  5 repetitions (Recall2 in second session)

•  Between-subject variable of time gap between two sessions (2 levels)

Method 4/4

•  Procedure

•  1st session
   –  Gesture Creation (Generate): 1+9 repetitions
   –  NASA-TLX
   –  Distraction (Mental rotation, Count down from 20)
   –  Gesture Recall 1: 2 repetitions
   –  Demographic questions

•  2nd session
   –  Gesture Recall 2
   –  NASA-TLX
   –  Short survey

Results: Factors Affecting Security

[Figure: duration (s) vs. repetition (1 to 17), Session 1 and Session 2, single-finger and multi-finger gestures]

Results: Factors Affecting Security

[Figure: mean I (bits) vs. repetition (1 to 17), Session 1 and Session 2]

Results: Factors Affecting Security

[Figure: mean I (bits) vs. gesture duration (s); linear fit, r² = 0.053]

Overall Look

[Figure: histogram of count vs. mean I (bits)]

Best and Worst Gestures

[Figure: six gesture traces, X position vs. Y position (pixels), Finger 1 and Finger 2; panels labelled I = 142.53, I = 110.54, I = 94.51 and I = 1.69, I = 4.26, I = 4.57]

Fingers Used

[Figures: mean I (bits) vs. fingers used (1 to 4), and count vs. fingers used (1 to 4), for Generate and Recall2]

Memorability vs. Interval

[Figure: ratio of I vs. interval between sessions (days)]

Results: Subjective Task Load Assessment

[Figure: mean score for each item of the TLX form (Mental, Physical, Temporal, Performance, Effort, Frustration), Sessions 1 and 2]

•  Statistically significant difference w/ Wilcoxon signed-rank test for all items except Frustration

•  Indicates that recall imposes less workload than creation

Practical Authentication System Implementation: ROC

[Figures: two ROC plots, TPR vs. FPR, with curves for n=2, n=4, n=6, n=8, n=10]

Shoulder Surfing Trial

Discussion

•  Security high enough w/ most passwords

•  Multifinger gestures???
   –  Participants overestimated added security?

•  Unlike text-based password length, duration is not important
   –  Gestures <2s average MI less than 2% of MI of all

•  Memorability: few repetitions needed for a stable password

Towards?

•  Predictability of model?
   –  Shoulder surfing attacks

•  Impact of policies to gesture generation?

•  Incorporating visually cued gestures (graphical password) to the model

•  And lots more

Finally

Thank you!
