Advertisement

Abstract

The convergence of our increasing reliance on mobile devices to access online services and the increasing number of online services bring to light usability and security problems in password entry. We propose using gestures with taps to the screen as an alternative to passwords. We test the recall and forgery of gesture authentication and show, using dynamic time warping, that even simple gestures are repeatable by their creators yet hard to forge by attackers when taps are added.

Keywords

mobile authentication gestures android security 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Weka machine learning project, http://www.cs.waikato.ac.nz/~ml/weka
  2. 2.
    Adams, A., Sasse, M.A.: Users are not the enemy. Commun. ACM 42(12), 40–46 (1999)CrossRefGoogle Scholar
  3. 3.
    Chong, M.K., Marsden, G.: Exploring the Use of Discrete Gestures for Authentication. In: Gross, T., Gulliksen, J., Kotzé, P., Oestreicher, L., Palanque, P., Prates, R.O., Winckler, M. (eds.) INTERACT 2009. LNCS, vol. 5727, pp. 205–213. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  4. 4.
    Czeskis, A., Koscher, K., Smith, J., Kohno, T.: Rfids and secret handshakes: defending against ghost-and-leech attacks and unauthorized reads with context-aware communications. In: CCS 2008: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 479–490. ACM, New York (2008)CrossRefGoogle Scholar
  5. 5.
    Farella, E., O’Modhrain, S., Benini, L., Riccó, B.: Gesture Signature for Ambient Intelligence Applications: A Feasibility Study. In: Fishkin, K.P., Schiele, B., Nixon, P., Quigley, A. (eds.) PERVASIVE 2006. LNCS, vol. 3968, pp. 288–304. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  6. 6.
    Gafurov, D., Helkala, K., Søndrol, T.: Biometric gait authentication using accelerometer sensor. Journal of Computers 1(7) (2006)Google Scholar
  7. 7.
    Gafurov, D., Snekkkenes, E.: Arm swing as a weak biometric for unobtrusive user authentication. In: International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 1080–1087 (2008)Google Scholar
  8. 8.
    Giorgino, T.: Computing and visualizing dynamic time warping alignments in r: The dtw package. Journal of Statistical Software 31(7), 1–24 (2009)CrossRefGoogle Scholar
  9. 9.
    Jain, A., Bolle, R., Pankanti, S. (eds.): Biometrics: Personal Identification in Networked Society. Kluwer Academic Publishers (1999)Google Scholar
  10. 10.
    Jakobsson, M., Shi, E., Golle, P., Chow, R.: Implicit authentication for mobile devices. In: 4th USENIX Workshop on Hot Topics in Security, HotSec 2009 (2009)Google Scholar
  11. 11.
    Karlof, C., Goto, B., Wagner, D.: Conditioned-safe ceremonies and a user study of an application to web authentication. In: Sixteenth Annual Network and Distributed Systems Security Symposium (2009)Google Scholar
  12. 12.
    Kunze, K.: Context logger, http://contextlogger.blogspot.com/
  13. 13.
    Lei, H., Govindaraju, V.: A comparative study on the consistency of features in on-line signature verification. Pattern Recogn. Lett. 26(15), 2483–2489 (2005)CrossRefGoogle Scholar
  14. 14.
    Liu, J., Wang, Z., Zhong, L., Wickramasuriya, J., Vasudevan, V.: uWave: Accelerometer-based personalized gesture recognition and its applications. In: IEEE Int. Conf. Pervasive Computing and Communication (PerCom) (March 2009)Google Scholar
  15. 15.
    Liu, J., Zhong, L., Wickramasuriya, J., Vasudevan, V.: User evaluation of lightweight user authentication with a single tri-axis accelerometer. In: Proceedings of the 11th International Conference on Human-Computer Interaction with Mobile Devices and Services, MobileHCI 2009, pp. 15:1–15:10. ACM, New York (2009)Google Scholar
  16. 16.
    Mäntyjärvi, J., Lindholm, M., Vildjiounaite, E., Mäkelä, S., Ailisto, H.: Identifying users of portable devices from gait pattern with accelerometers. In: Proceedings of IEEE Interational Conference on Acoustics, Speech, and Signal Processing, ICASSP 2005 (2005)Google Scholar
  17. 17.
    Nalwa, V.S.: Automatic On-line Signature Verification. In: Chin, R., Pong, T.-C. (eds.) ACCV 1998. LNCS, vol. 1351, pp. 10–15. Springer, Heidelberg (1997)Google Scholar
  18. 18.
    Patel, S., Pierce, J., Abowd, G.: A gesture-based authentication scheme for untrusted public terminals. In: ACM Symposium on User Interface Software and Technology, pp. 157–160. ACM Press (2004)Google Scholar
  19. 19.
    Poppinga, B., Schlömer, T.: wiigee: A Java based gesture recognition library for the wii remote, http://wiigee.sourceforge.net/
  20. 20.
    Pylvänäinen, T.: Accelerometer Based Gesture Recognition Using Continuous HMMs. In: Marques, J.S., Pérez de la Blanca, N., Pina, P. (eds.) IbPRIA 2005, Part I. LNCS, vol. 3522, pp. 639–646. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  21. 21.
    Ravi, N., Dandekar, N., Mysore, P., Littman, M.: Activity recognition from accelerometer data. In: American Association for Artificial Intelligence (2005)Google Scholar
  22. 22.
    Schlömer, T., Poppinga, B., Henze, N., Boll, S.: Gesture recognition with a wii controller. In: TEI 2008: Proceedings of the 2nd International Conference on Tangible and Embedded Interaction, pp. 11–14. ACM, New York (2008)Google Scholar
  23. 23.
    Wobbrock, J.O.: Tapsongs: tapping rhythm-based passwords on a single binary sensor. In: Proceedings of the 22nd Annual ACM Symposium on User Interface Software and Technology, UIST 2009, pp. 93–96. ACM, New York (2009)Google Scholar
  24. 24.
    Yan, J., Blackwell, A., Anderson, R., Grant, A.: Password memorability and security: Empirical results. IEEE Security and Privacy 2(5), 25–31 (2004)CrossRefGoogle Scholar

Copyright information

© ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering 2012

Authors and Affiliations

  • Yuan Niu
    • 1
  • Hao Chen
    • 1
  1. 1.University of California at DavisDavisUSA

Personalised recommendations