Touch paper presentation-tarek

transcript

IMPLICIT AUTHENTICATION SYSTEM FOR SMARTPHONES USERS BASED

ON TOUCH DATA

Presented by

Tarek Gaber Faculty of Computers and Informatics, Suez Canal University, Ismailia, Egypt

IT4Invocation, VSB-TUO, Czech Republic

Co-authored by Reham Amin, Tarek Gaber, and Ghada ElTaweel

Faculty of Computers and Informatics, Suez Canal University, Ismailia, Egypt

ECC 2015: June 29 - July 1, Ostrava, Czech Republic

OUTLINES

Introduction

The problem

Research Aim

Proposed Solution

Results and discussion

Conclusion and Future work

INTRODUCTION

Smartphones are currently used for:

• Sensitive and private information E.g.:

• Bank credential• Confidential emails• Other privacy issues

Gartner Says 30% of Organizations Will Use Biometric Authentication for Mobile Devices by 2016

Does traditional biometric authentication suitable for the smartphones?

THE PROBLEM Smartphones are usually protected using unlock pattern which is subject to:

• Shoulder-surfing attack• Password remembering problem.

• Owner forgets his/her phone• any bystander can pick up the

smartphone, and sends SMS of business secrets to a competitor, and places it back

Resulted in identity theft and privacy violation

SOLUTION

Provides authentication system based on touch behavior of users

• The style of a user’s typing on phone.

• Such touch data are available in most smartphones

• Authenticates user without using any external hardware.

CHARACTERISTICS OF TOUCH DATA

It is biometrics, • so unique to an individual and difficult to imitate.

Non-visual cues for tapping behavior • So, it countermeasures the shoulder-surfing or smudge attacks

Last but not the least, such mechanism require no extra hardware and done implicitly.

PROPOSED MODELTheoretical framework

DATA COLLECTION: MOBILE APP

DATA COLLECTION: PARTICIPANTS

FEATURE EXTRACTION

Four features were considered • Size• Pressure• Time• XY Position

The above features are recorded while touching any key

• During the raw touch events(Up, Down and Move).

SAMPLE OF COLLECTED DATA

OWNER IDENTIFICATION

This was done through the classification phase

• SVM and KNN were used to differentiate between the Mobile's owner and the impostor.

RESULTS AND DISCUSSION

KNN classier using the Euclidean Distance was better than SVM.

Features of touch data were able to distinguish stroke behavior among users (discriminating users).

• Users with few times touching the soft keyboard (i.e. only 7 taps) can still be a rich source of data to distinguish among owner and impostor.

CONCLUSION AND FUTURE WORK

Implicit authentication could be a good solution to the problem of password or unhook pattern of smartphones

System for authenticating smartphone's users based on touch behavior was proposed

A dataset was collected from participates from different background and ages.

Users were classified using SVM with its 4 kernel functions and KNN classifiers.

It was found that KNN is better than the SVM with its 4 kernel functions .

FUTURE WORK

For the future work, we plan to • Collect more data by increasing the number of participates

• Try other classifiers, e.g. Random Linear Oracle.

Thanks For any question, contact:

eng.reham_amin@yahoo.com

Touch paper presentation-tarek

Documents