Abstract
Smartphones have become ubiquitous in our daily lives; they are used for a wide range of tasks and store increasing amounts of personal data. To minimize risk and prevent misuse of this data by unauthorized users, access must be restricted to verified users. Current classification-based methods for gesture-based user verification only consider single gestures, and not sequences. In this paper, we present a method which utilizes information from sequences of touchscreen gestures, and the context in which the gestures were made using only basic touch features. To evaluate our approach, we built an application which records all the necessary data from the device (touch and contextual sensors which do not consume significant battery life). Using XGBoost on the collected data, we were able to classify between a legitimate user and the population of illegitimate users (imposters) with an average equal error rate (EER) of 4.78% and an average area under the curve (AUC) of 98.15%. Our method demonstrates that by considering only basic touch features and utilizing sequences of gestures, as opposed to individual gestures, the accuracy of the verification process improves significantly.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Lookout Blog: Phone Theft in America: What really happens when your phone gets grabbed (2014). https://blog.lookout.com/blog/2014/05/07/phone-theft-in-america/
Lee, A.: A Thief Snatched My iPhone (2014). http://readwrite.com/2014/06/23/iphone-smartphone-theft-crime/
Consumer Report: Smart phone thefts rose to 3.1 million in 2013 (2014). http://www.consumerreports.org/cro/news/2014/04/smart-phone-thefts-rose-to-3-1-million-last-year/index.htm
Clarke, N.L., Furnell, S.M.: Authentication of users on mobile telephones - a survey of attitudes and practices. Comput. Secur. 24(7), 519–527 (2005)
Vance, A.: If your password is 123456, just make it hackme. N.Y. Times 20, A1 (2010)
Aviv, A.J., Gibson, K., Mossop, E., Blaze, M., Smith, J.M.: Smudge attacks on smartphone touch screens. In: USENIX Conference on Offensive Technology, pp. 1–7 (2010)
Feng, T., Liu, Z., Kwon, K.A., Shi, W., Carbunar, B., Jiang, Y., Nguyen, N.: Continuous mobile authentication using touchscreen gestures. In: 2012 IEEE International Conference on Technologies for Homeland Security, HST 2012, pp. 451–456 (2012)
Frank, M., et al.: Touchalytics: on the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE Trans. Inf. Forensics Secur. 8(1), 136–148 (2013)
Murmuria, R., Stavrou, A., Barbará, D., Fleck, D.: Continuous authentication on mobile devices using power consumption, touch gestures and physical movement of users. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 405–424. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26362-5_19
Ben Kimon, L., et al.: User verification on mobile devices using sequences of touch gestures. In: Proceedings of the 25th Conference on User Modeling, Adaptation and Personalization. ACM (2017)
Patel, V.M., Chellappa, R., Chandra, D., Barbello, B.: Continuous user authentication on mobile devices: recent progress and remaining challenges. IEEE Sig. Process. Mag. 33(4), 49–61 (2016)
Feng, T., Yang, J., Yan, Z., Tapia, E.M., Shi, W.: TIPS: context-aware implicit user identification using touch screen in uncontrolled environments. In: Proceedings of the 15th Workshop on Mobile Computing Systems and Applications, pp. 9:1–9:6 (2014)
Zhao, X., Feng, T., Shi, W.: Continuous mobile authentication using a novel graphic touch gesture feature. In: IEEE 6th International Conference on Biometrics: Theory, Applications and Systems, BTAS 2013 (2013)
Zhao, X., Feng, T., Shi, W., Kakadiaris, I.A.: Mobile user authentication using statistical touch dynamics images. IEEE Trans. Inf. Forensics Secur. 9(11), 1780–1789 (2014)
Shi, W., Yang, J., Jiang, Y., Yang, F., Xiong, Y.: SenGuard: passive user identification on smartphones using multiple sensors. In: International Conference on Wireless and Mobile Computing, Networking and Communications, pp. 141–148 (2011)
Huang, J., Ling, C.X.: Using AUC and accuracy in evaluating learning algorithms. IEEE Trans. Knowl. Data Eng. 17(3), 299–310 (2005)
Rokach, L., Maimom, O.: Data mining with decision trees: theory and applications (2007)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Kimon, L.B., Mirsky, Y., Rokach, L., Shapira, B. (2018). Utilizing Sequences of Touch Gestures for User Verification on Mobile Devices. In: Phung, D., Tseng, V., Webb, G., Ho, B., Ganji, M., Rashidi, L. (eds) Advances in Knowledge Discovery and Data Mining. PAKDD 2018. Lecture Notes in Computer Science(), vol 10939. Springer, Cham. https://doi.org/10.1007/978-3-319-93040-4_64
Download citation
DOI: https://doi.org/10.1007/978-3-319-93040-4_64
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-93039-8
Online ISBN: 978-3-319-93040-4
eBook Packages: Computer ScienceComputer Science (R0)