Date post: | 18-Dec-2015 |
Category: |
Documents |
Upload: | audra-oliver |
View: | 213 times |
Download: | 0 times |
Secure Unlocking of Mobile Touch Screen Devices by Simple Gestures – You can see it but you can not do it
Muhammad Shahzad Alex X. LiuDept. of Computer Science and
EngineeringMichigan State University
Arjmand SamuelMicrosoft Research
4
Gesture based Authentication (GEAT) Not What they input but How they input Resilient to
─ Should surfing attack─ Smudge attack
Requires no extra hardware Scientific foundation: human behavior tends to be
consistent in same context.
Muhammad Shahzad
J. A. Ouellete and W. Wood. Habit and intention in everyday life: The multiple processes by which past behavior predicts future behavior. Psychological Bulletin, 124(1):54-74, July 1998.
7
Data Collection Recruited 50 volunteers
─ Ages between 19 and 55─ students, faculty, corporate employees
Gave phones with data collection app to volunteers Data collection app
─ Asked users to perform gestures shown on screen─ Stored the samples in a cloud based storage
Muhammad Shahzad
9
Gesture Features
1. Stroke time2. Inter-stroke time3. Displacement
magnitude4. Displacement direction 5. Velocity magnitude6. Velocity direction7. Device Acceleration S
troke
tim
eIn
ter-
Str
oke
ti
me
Displacement Magnitude
Displacement Direction
Muhammad Shahzad
15
How GEAT works
Collect training samples Generate classification model Securely unlock the phone
Muhammad Shahzad
16
Classification Model Noise removal Features for classification Classifier training and Gesture ranking
Muhammad Shahzad
18
Features for Classification Features used
─ Stroke time─ Inter-stroke time─ Displacement
magnitude─ Displacement direction ─ Velocity magnitude─ Velocity direction─ Device Acceleration
Stroke based
features
Sub-stroke based feature
s
Muhammad Shahzad
20
Classifier training Single class classification Support Vector Distribution Estimation (SVDE)
─ RBF kernel─ Grid search for optimal classifier parameters
Gesture Ranking
Muhammad Shahzad
21
Securely unlocking the device
Accepted AcceptedRejected
Majority Voting Decision: Accepted
Muhammad Shahzad
22
Handling Multiple Behaviors Segregate the samples from different behaviors Generate Minimum Variance Partitions
─ Agglomerative Hierarchical Clustering─ Wards Linkage
Train classifiers for each cluster Test an unknown sample against each cluster
Muhammad Shahzad
24
Accuracy Evaluation
Muhammad Shahzad
Single gesture Three gesturesAvg EER 4.8% with DA 6.8% without DA
Avg EER 1.7% with DA 3.7% without DA
27
Conclusion Proposed a gesture based authentication scheme
─ Improves security and usability─ Resilient to shoulder surfing attacks and smudge attacks─ Handles multiple user behaviors─ Evaluation through simulations and real world
experiments More in the paper
─ Detailed data analysis─ Technical details of
● extracting multiple behaviors● determining duration and locations of sub-strokes● classifier training● more evaluation
Muhammad Shahzad