Draw It As Shown: Behavioral Pattern Lock for Mobile User Authentication

Ku, Yeeun; Park, Leo Hyun; Shin, Sooyeon; Kwon, Taekyoung

doi:10.1109/access.2019.2918647

Cited by 35 publications

(26 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Unlike these studies, the Quad Swipe Pattern is designed to be used as a gateway security protocol rather than a continuous authentication protocol. We find three works, specifically, Ku et al [19], Haberfeld et al [20], and Shahzad et al [26] who explore point-of-entry authentication using touch gestures like ours and eliminate the need for memorizing password, PIN, or passcode. Ku et al [19] explore open lock patterns, Haberfeld et al [20] explore open passcodes, and Shahzad et al [26] explore custom gestures.…”

Section: Our Studymentioning

confidence: 98%

See 1 more Smart Citation

Quad Swipe Pattern: A New Point-of-Entry Security Measure for Smartphone Users

Brown

Hossain²,

Lancor

2021

IEEE Access

View full text Add to dashboard Cite

In this paper, we develop a new point-of-entry security measure for smartphone users. We devise a concept, the "Quad Swipe Pattern", which includes four swipes from a user in four directions and utilizes the user's swipe behavior for authentication. The Quad Swipe Pattern overcomes several shortcomings present in current point-of-entry security measures. We performed several experiments to demonstrate the effectiveness of the Quad Swipe Pattern in smartphone user authentication. We evaluated the Quad Swipe Pattern using five machine learning classifiers, three datasets of different sizes, and five different fingers. In addition, we studied how fusion of information from multiple fingers and multiple classifiers can improve the performance of Quad Swipe Pattern. All of our experimental results show significant promise of the Quad Swipe Pattern as a new point-of-entry security measure for smartphones. With a Neural Network model, the Quad Swipe Pattern achieves the Accuracy of 99.7%, False Acceptance Rate of 0.4%, and False Rejection Rate of 0%. With Support Vector Machine, the Quad Swipe Pattern achieves the Accuracy of 99.5%, False Acceptance Rate of 0.4%, and False Rejection Rate of 1.7%. With fusion of two best fingers, the Quad Swipe Pattern demonstrates an excellent performance of a zero Equal Error Rate.

show abstract

Section: Our Studymentioning

confidence: 98%

“…Ku et al [19] explored open lock patterns for smartphone user authentication. With an open lock pattern, the pattern is displayed and the user log in by dragging his/her fingers over a 3 × 3 grid of dots following the displayed pattern.…”

Section: Related Literaturementioning

confidence: 99%

Quad Swipe Pattern: A New Point-of-Entry Security Measure for Smartphone Users

Brown

Hossain²,

Lancor

2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Several papers studied user identification on mobile devices based on motion sensor data [26][27][28][29][30][31][32][33][34][35]. Within the wide range of explored approaches, there are studies that perform user recognition based on voice and accelerometer signals [34], as well as studies that perform human movement tracking based on motion sensors [32].…”

Section: Authentication Based On Motion Sensorsmentioning

confidence: 99%

Improving the Authentication with Built-In Camera Protocol Using Built-In Motion Sensors: A Deep Learning Solution

Benegui

Ionescu

2021

Mathematics

View full text Add to dashboard Cite

In this paper, we propose an enhanced version of the Authentication with Built-in Camera (ABC) protocol by employing a deep learning solution based on built-in motion sensors. The standard ABC protocol identifies mobile devices based on the photo-response non-uniformity (PRNU) of the camera sensor, while also considering QR-code-based meta-information. During registration, users are required to capture photos using their smartphone camera. The photos are sent to a server that computes the camera fingerprint, storing it as an authentication trait. During authentication, the user is required to take two photos that contain two QR codes presented on a screen. The presented QR code images also contain a unique probe signal, similar to a camera fingerprint, generated by the protocol. During verification, the server computes the fingerprint of the received photos and authenticates the user if (i) the probe signal is present, (ii) the metadata embedded in the QR codes is correct and (iii) the camera fingerprint is identified correctly. However, the protocol is vulnerable to forgery attacks when the attacker can compute the camera fingerprint from external photos, as shown in our preliminary work. Hence, attackers can easily remove their PRNU from the authentication photos without completely altering the probe signal, resulting in attacks that bypass the defense systems of the ABC protocol. In this context, we propose an enhancement to the ABC protocol, using motion sensor data as an additional and passive authentication layer. Smartphones can be identified through their motion sensor data, which, unlike photos, is never posted by users on social media platforms, thus being more secure than using photographs alone. To this end, we transform motion signals into embedding vectors produced by deep neural networks, applying Support Vector Machines for the smartphone identification task. Our change to the ABC protocol results in a multi-modal protocol that lowers the false acceptance rate for the attack proposed in our previous work to a percentage as low as 0.07%. In this paper, we present the attack that makes ABC vulnerable, as well as our multi-modal ABC protocol along with relevant experiments and results.

show abstract

“…A complete analysis of our proposed biometric system is carried out regarding the discriminative power of each handwritten digit and the robustness when increasing the length of the password and the number of enrolment samples. Y. Ku et al [39] in this paper presents a novel mechanism based on the pattern lock, in which behavioral biometrics are employed to address these problems. basic idea starts from turning the lock pattern into public knowledge rather than a secret and leveraging touch dynamics.…”

Section: B Drawing Password Authenticationmentioning

confidence: 99%

On-Air Hand-Drawn Doodles for IoT Devices Authentication During COVID-19

Elshenaway

Guirguis

2021

IEEE Access

View full text Add to dashboard Cite

In this paper, a new natural human interaction authentication method has been proposed for the Internet of Things (IoT) devices. In this method the user draws doodles on-air for authentication. On-air drawing, refers to virtually drawing free hand-drawn doodles passwords through hand gestures on the air without touching anything which is recommended during COVID-19. This work uses Google Quick Draw doodles dataset for password doodles. The proposed method is based on a usual video camera, two lightweight Convolutional Neural Networks (CNN) and Kalman filter. The first CNN for hand gestures classification to overcome dynamic hand gestures challenges on the air. The second CNN for authentication verification. Kalman filter is used to correct and smooth the drawn line path on the air. To accept the new authentication method, it must achieve two main goals security and usability. The evaluation of the usability was based on ISO 9241-11:2018 standards usability model. The results revealed that the accuracy of the proposed authentication method is 95% and, the efficiency is 94% and user satisfaction is accepted. The evaluation of the security was based on two threats related to IoT devices which are guessing and physical observation. The results showed that the password strength of the proposed authentication method is stronger than the traditional 4-digits PIN password. The proposed authentication method is also resistant to physical observation threats.

show abstract

Draw It As Shown: Behavioral Pattern Lock for Mobile User Authentication

Cited by 35 publications

References 42 publications

Quad Swipe Pattern: A New Point-of-Entry Security Measure for Smartphone Users

Quad Swipe Pattern: A New Point-of-Entry Security Measure for Smartphone Users

Improving the Authentication with Built-In Camera Protocol Using Built-In Motion Sensors: A Deep Learning Solution

On-Air Hand-Drawn Doodles for IoT Devices Authentication During COVID-19

Contact Info

Product

Resources

About