Empirical Evaluation of Rhythm-Based Authentication Method for Mobile Devices

  • Takahiro Hori
  • Yoshihiro Kita
  • Kentaroh Toyoda
  • Naonobu Okazaki
  • Mirang Park
Conference paper
First Online:
Part of the Lecture Notes on Data Engineering and Communications Technologies book series (LNDECT, volume 7)

Abstract

Mobile devices require a screen lock method for authentication. Although conventional screen locks are typically based on pattern, PIN code or password authentication, they are vulnerable to shoulder-surfing attacks and video recording attacks. To avoid such vulnerability, a rhythm-based authentication (RA) method that leverages the timing of screen taps has been proposed as an authentication factor. This method uses features, such as tap pressure, distance between taps, and tap timing, for authentication. However, this method requires a server for a user to be authenticated. In this paper, we propose an improved RA method that can be applied in a mobile device by using a Random Forest classifier. We conducted a series of experiments to clarify (i) importance of the features (ii) classification accuracy, and (iii) required number of taps. The proposed RA method was tested by 24 participants. After carefully choosing features, we show that when the number of taps is five, the accuracy is 94.16%, which is an improvement of 1.79%.

This is a preview of subscription content, log in to check access.

References

  1. 1.
    Alzubaidi, A., Kalita, J.: Authentication of smartphone users using behavioral biometrics. IEEE Commun. Surv. Tutor. 18(3), 1998–2026 (2016)CrossRefGoogle Scholar
  2. 2.
    Araújo, L.C., Sucupira, L.H., Lizarraga, M.G., Ling, L.L., Yabu-Uti, J.B.T.: User authentication through typing biometrics features. IEEE Trans. Signal Process. 53(2), 851–855 (2005)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Breiman, L.: Random forests. Mach. Learn. 45(1), 5–32 (2001)CrossRefMATHGoogle Scholar
  4. 4.
    Cao, K., Jain, A.K.: Hacking mobile phones using 2D printed fingerprints (2016). Accessed 27 Mar 2017Google Scholar
  5. 5.
    Chang, T., Peng, C., Tsai, C., Chen, Y., Cheng, P.: Personalized rhythm click based authentication system improvement using a statistical classifier. In: IEEE International Conference on Information Communication and Management (ICICM), pp. 39–43 (2012)Google Scholar
  6. 6.
    Chang, T.Y., Tsai, C.J., Yang, Y.J., Cheng, P.C.: User authentication using rhythm click characteristics for non-keyboard devices. In: International Conference on Asia Agriculture and Animal IPCBEE, pp 167–171 (2011)Google Scholar
  7. 7.
    Crawford, H.: Keystroke dynamics: characteristics and opportunities. In: Privacy Security and Trust (PST), pp. 205–212 (2010)Google Scholar
  8. 8.
    De Luca, A., Harbach, M., von Zezschwitz, E., Maurer, M.E., Slawik, B.E., Hussmann, H., Smith, M.: Now you see me, now you don’t: protecting smartphone authentication from shoulder surfers. In: ACM SIGCHI Conference on Human Factors in Computing Systems, pp. 2937–2946 (2014)Google Scholar
  9. 9.
    Goode, A.: Bring your own finger-how mobile is bringing biometrics to consumers. Biomet. Technol. Today 2014(5), 5–9 (2014)CrossRefGoogle Scholar
  10. 10.
    IPA: Minimum information security controls guide for organizations - IPA (2012). https://www.ipa.go.jp/security/keihatsu/shiori/management/01_guidebook_en.pdf. Accessed 21 Mar 2017
  11. 11.
    Jain, A.K., Ross, A., Prabhakar, S.: An introduction to biometric recognition. IEEE Trans. Circuits Syst. Video Technol. 14(1), 4–20 (2004)CrossRefGoogle Scholar
  12. 12.
    Kita, Y., Aburada, K., Park, M., Okazaki, N.: Proposal of a puzzle authentication method with shoulder-surfing attack resistance and high-usability. IEICE Commun. Express 4(3), 95–98 (2015)CrossRefGoogle Scholar
  13. 13.
    Kita, Y., Kamizato, K., Park, M., Okazaki, N.: Proposal of rhythm authentication method using users classification by self-organizing map. In: The 18th International Conference on Network-Based Infomation System (NBiS2015) (2015)Google Scholar
  14. 14.
    Kohonen, T.: The self-organizing map. Neurocomputing 21(1), 1–6 (1998)CrossRefMATHGoogle Scholar
  15. 15.
    Liaw, A., Wiener, M.: Classocatopm and regrwssion by randomforest. Newslett. R Proj. (R News) 2(3), 18–22 (2002)Google Scholar
  16. 16.
    Rogowski, M., Saeed, K., Rybnik, M., Tabedzki, M., Adamski, M.: User authentication for mobile devices. In: Computer Information Systems and Industrial Management, pp. 47–58 (2013)Google Scholar
  17. 17.
    Takada, T.: FakePointer: an authentication scheme for a better security against a peeping attack by a video camera. In: International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies (UBICOMM) (2008)Google Scholar
  18. 18.
    Teh, P.S., Yue, S., Teoh, A.B.: Feature fusion approach on keystroke dynamics efficiency enhancement. Int. J. Cyber-Secur. Digit. Foren. (IJCSDF) 1(1), 20–31 (2012)Google Scholar

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • Takahiro Hori
    • 1
  • Yoshihiro Kita
    • 2
  • Kentaroh Toyoda
    • 3
  • Naonobu Okazaki
    • 4
  • Mirang Park
    • 1
  1. 1.Kanagawa Institute of TechnologyAtsugiJapan
  2. 2.Tokyo University of TechnologyHachiojiJapan
  3. 3.Graduate School of Keio UniversityKohoku-ku, YokohamaJapan
  4. 4.University of MiyazakiMiyazakiJapan

Personalised recommendations