Abdul Serwadda scite author profile

Touch-based verification-the use of touch gestures (e.g., swiping, zooming, etc.) to authenticate users of touch screen devices-has recently been widely evaluated for its potential to serve as a second layer of defense to the PIN lock mechanism. In all performance evaluations of touch-based authentication systems however, researchers have assumed naïve (zero-effort) forgeries in which the attacker makes no effort to mimic a given gesture pattern.In this paper we demonstrate that a simple "Lego" robot driven by input gleaned from general population swiping statistics can generate forgeries that achieve alarmingly high penetration rates against touch-based authentication systems. Using the best classification algorithms in touch-based authentication, we rigorously explore the effect of the attack, finding that it increases the Equal Error Rates of the classifiers by between 339% and 1004% depending on parameters such as the failure-to-enroll threshold and the type of touch stroke generated by the robot. The paper calls into question the zero-effort impostor testing approach used to benchmark the performance of touch-based authentication systems.

show abstract

Continuous authentication of smartphone users by fusing typing, swiping, and phone movement patterns

Kumar

Phoha

Serwadda

2016

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Abdul Serwadda

Which verifiers work?: A benchmark evaluation of touch-based authentication algorithms

Beware, Your Hands Reveal Your Secrets!

Context-Aware Active Authentication Using Smartphone Accelerometer Measurements

When kids' toys breach mobile phone security

Continuous authentication of smartphone users by fusing typing, swiping, and phone movement patterns

Contact Info

Product

Resources

About