Skip to main content
SpringerLink
Log in

Touch Gestures Based Biometric Authentication Scheme for Touchscreen Mobile Phones

  • Conference paper
Information Security and Cryptology (Inscrypt 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7763))

Included in the following conference series:

Abstract

Nowadays, touchscreen mobile phones make up a larger and larger share in the mobile market. Users also often use their mobile phones (e.g., Android phones) to store personal and sensitive data. It is therefore important to safeguard mobile phones by authenticating legitimate users and detecting impostors. In this paper, we propose a novel user authentication scheme based on touch dynamics that uses a set of behavioral features related to touch dynamics for accurate user authentication. In particular, we construct and select 21 features that can be used for user authentication. To evaluate the performance of our scheme, we collect and analyze touch gesture data of 20 Android phone users by comparing several known machine learning classifiers. The experimental results show that a neural network classifier is well-suited to authenticate different users with an average error rate of about 7.8% for our selected features. Finally, we optimize the neural network classifier by using Particle Swarm Optimization (PSO) to deal with variations in users’ usage patterns. Experimental results show that the average error rate of our optimized scheme is only about 3%, achieved solely by analyzing the touch behavior of users on an Android phone.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ahmed, A.A.E., Traore, I.: A New Biometric Technology based on Mouse Dynamics. IEEE Transactions on Dependable and Secure Computing 4(3), 165–179 (2007)

    Article  Google Scholar 

  2. Bergadano, F., Gunetti, D., Picardi, C.: User Authentication through Keystroke Dynamics. ACM Transactions on Information and System Security 5(4), 367–397 (2002)

    Article  Google Scholar 

  3. Bishop, C.: Improving the Generalization Properties of Radial Basis Function Neural Networks. Neural Computation 3(4), 579–588 (1991)

    Article  Google Scholar 

  4. Bleha, S., Slivinsky, C., Hussien, B.: Computer-access Security Systems Using Keystroke Dynamics. IEEE Transactions on Pattern Analysis and Machine Intelligence 12(12), 1217–1222 (1990)

    Article  Google Scholar 

  5. Clarke, N.L., Furnell, S.M.: Telephones -A Survey of Attitudes and Practices. Computers & Security 24(7), 519–527 (2005)

    Article  Google Scholar 

  6. Clarke, N.L., Furnell, S.M.: Authenticating Mobile Phone Users Using Keystroke Analysis. International Journal of Information Security 6(1), 1–14 (2007)

    Article  Google Scholar 

  7. Cleary, J.G., Trigg, L.E.: K*: An Instance-based Learner Using an Entropic Distance Measure. In: Proceedings of the 12th International Conference on Machine Learning, pp. 108–114. Morgan Kaufmann (1995)

    Google Scholar 

  8. Dai, J., Zhou, J.: Multifeature-based high-Resolution Palmprint Recognition. IEEE Transactions on Pattern Analysis and Machine Intelligence 33(5), 945–957 (2011)

    Article  Google Scholar 

  9. De Luca, A., Hang, A., Brudy, F., Lindner, C., Hussmann, H.: Touch Me Once and I Know It’s You!: Implicit Authentication based on Touch Screen Patterns. In: Proceedings of the 2012 ACM Annual Conference on Human Factors in Computing Systems (CHI), pp. 987–996. ACM, New York (2012)

    Chapter  Google Scholar 

  10. Denning, D.E.: An Intrusion-Detection Model. IEEE Transactions on Software Engineering 13(2), 222–232 (1987)

    Article  Google Scholar 

  11. Fahlman, S.E.: An Empirical Study of Learning Speed in Back-propagation Networks. Technical Report CMU-CS-88-162, Carnegie Mellon University, Pittsburgh, PA 15213 (1988)

    Google Scholar 

  12. Fiorella, D., Sanna, A., Lamberti, F.: Multi-touch User Interface Evaluation for 3D Object Manipulation on Mobile Devices. Journal on Multimodal User Interfaces 4(1), 3–10 (2010)

    Article  Google Scholar 

  13. Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The Design and Analysis of Graphical Passwords. In: Proceedings of the 8th USENIX Security Symposium, pp. 1–15. USENIX Association (1999)

    Google Scholar 

  14. Jorgensen, Z., Yu, T.: On Mouse Dynamics as a Behavioral Biometric for Authentication. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS), New York, USA, pp. 476–482 (2011)

    Google Scholar 

  15. Karatzouni, S., Clarke, N.: Keystroke Analysis for Thumb-based Keyboards on Mobile Devices. In: Venter, H., Elofif, M., Labuschagne, L., Elofif, J., von Solms, R. (eds.) New Approaches for Security, Privacy and Trust in Complex Environments. IFIP, vol. 232, pp. 253–263. Springer, Boston (2007)

    Chapter  Google Scholar 

  16. Karlson, A.K., Brush, A.B., Schechter, S.: Can I Borrow Your Phone?: Understanding Concerns When Sharing Mobile Phones. In: Proceedings of the 27th International Conference on Human Factors in Computing Systems (CHI), pp. 1647–1650. ACM, New York (2009)

    Chapter  Google Scholar 

  17. Kennedy, J., Eberhart, R.: Particle Swarm Optimization. In: Proceedings of the 1995 IEEE International Conference on Neural Networks, pp. 1942–1948 (1995)

    Google Scholar 

  18. Kim, D., Dunphy, P., Briggs, P., Hook, J., Nicholson, J.W., Nicholson, J., Olivier, P.: Multi-Touch Authentication on Tabletops. In: Proceedings of the 28th International Conference on Human Factors in Computing Systems (CHI), pp. 1093–1102. ACM, New York (2010)

    Chapter  Google Scholar 

  19. Köse, C., İkibaş, C.: A Personal Identification System using Retinal Vasculature in Retinal Fundus Images. Expert Systems with Applications 38(11), 13670–13681 (2011)

    Google Scholar 

  20. Leggett, J., Williams, G., Usnick, M., Longnecker, M.: Dynamic Identity Verification via Keystroke Characteristics. International Journal of Man-Machine Studies 35(6), 859–870 (1991)

    Article  Google Scholar 

  21. Lemos, R.: Passwords: the Weakest Link? Hackers can Crack most in less than a Minute (May 2002), http://news.com/2009-1001-916719.html

  22. Liu, Y., Zheng, Q., Shi, Z., Chen, J.: Training Radial Basis Function Networks with Particle Swarms. In: Yin, F.-L., Wang, J., Guo, C. (eds.) ISNN 2004. LNCS, vol. 3173, pp. 317–322. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  23. Maio, D., Maltoni, D., Wayman, J.L., Jain, A.K.: Fvc2000: Fingerprint Verification Competition. IEEE Transactions on Pattern Analysis and Machine Intelligence 24(3), 402–412 (2002)

    Article  Google Scholar 

  24. Maiorana, E., Campisi, P., González-Carballo, N., Neri, A.: Keystroke Dynamics Authentication for Mobile Phones. In: Proceedings of the 2011 ACM Symposium on Applied Computing (SAC), pp. 21–26. ACM, New York (2011)

    Chapter  Google Scholar 

  25. Matyás Jr., V., Riha, Z.: Toward Reliable User Authentication through Biometrics. IEEE Security and Privacy 1(3), 45–49 (2003)

    Article  Google Scholar 

  26. McAfee and Carnegie Mellon University. Mobility and Security: Dazzling Opportunities, profound challenges (May 2011), http://www.mcafee.com/mobilesecurityreport

  27. McHugh, J.: Intrusion and Intrusion Detection. International Journal of Information Security 1(1), 14–35 (2001)

    MATH  Google Scholar 

  28. Millennial Media. Mobile mix: The mobile device index (2011), http://www.millennialmedia.com/research

  29. N. Mobile and NCSA. Report on Consumer Behaviors and Perceptions of Mobile Security (January 2012), http://docs.nq.com/NQ_Mobile_Security_Survey_Jan2012.pdf

  30. Monrose, F., Reiter, M.K., Wetzel, S.: Password Hardening based on Keystroke Dynamics. International Journal of Information Security 1(2), 69–83 (2002)

    Article  MATH  Google Scholar 

  31. Monrose, F., Rubin, A.: Authentication via Keystroke Dynamics. In: Proceedings of the 4th ACM Conference on Computer and Communications Security (CCS), pp. 48–56. ACM, New York (1997)

    Google Scholar 

  32. Monrose, F., Rubin, A.: Keystroke Dynamics as a Biometric for Authentication. Future Generation Computer Systems 16(4), 351–359 (2000)

    Article  Google Scholar 

  33. Nakkabi, Y., Traoré, I., Ahmed, A.A.E.: Improving Mouse Dynamics Biometric Performance using Variance Reduction via Extractors with Separate Features. IEEE Transactions on Systems, Man, and Cybernetics, Part A 40(6), 1345–1353 (2010)

    Article  Google Scholar 

  34. Nauman, M., Ali, T., Rauf, A.: Using Trusted Computing for Privacy Preserving Keystroke-based Authentication in Smartphones. Telecommunication Systems, 1–13 (2011)

    Google Scholar 

  35. Numabe, Y., Nonaka, H., Yoshikawa, T.: Finger Identification for Touch Panel Operation using Tapping Fluctuation. In: Proceedings of the IEEE 13th International Symposium on Consumer Electronics, pp. 899–902 (May 2009)

    Google Scholar 

  36. Orr, M.J.L.: Introduction to Radial Basis Function Networks (1996)

    Google Scholar 

  37. Paola, J.D., Schowengerdt, R.A.: A Detailed Comparison of Backpropagation Neural Network and Maximum-likelihood Classifiers for Urban Land Use Classification. IEEE Transactions on Geoscience and Remote Sensing 33(4), 981–996 (1995)

    Article  Google Scholar 

  38. Pusara, M., Brodley, C.E.: User Re-Authentication via Mouse Movements. In: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC), pp. 1–8. ACM, New York (2004)

    Chapter  Google Scholar 

  39. Qasem, S.N., Shamsuddin, S.M.: Hybrid Learning Enhancement of RBF Network based on Particle Swarm Optimization. In: Yu, W., He, H., Zhang, N. (eds.) ISNN 2009, Part III. LNCS, vol. 5553, pp. 19–29. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  40. Quinlan, J.R.: C4.5: Programs for Machine Learning. Morgan Kaufmann Publishers Inc., San Francisco (1993)

    Google Scholar 

  41. Quinlan, J.R.: Improved Use of Continuous Attributes in C4.5. Journal of Artificial Intelligence Research 4(1), 77–90 (1996)

    MATH  Google Scholar 

  42. Rennie, J.D.M., Shih, L., Teevan, J., Karger, D.R.: Tackling the Poor Assumptions of Naive Bayes Text Classifiers. In: Proceedings of the 20th International Conference on Machine Learning, pp. 616–623 (2003)

    Google Scholar 

  43. Rish, I.: An Empirical Study of the Naive Bayes Classifier. In: Proceedings of IJCAI 2001 Workshop on Empirical Methods in AI, pp. 41–46 (2001)

    Google Scholar 

  44. Robinson, J.A., Liang, V.W., Chambers, J.A.M., MacKenzie, C.L.: Computer User Verification using Login String Keystroke Dynamics. IEEE Transactions on Systems, Man, and Cybernetics, Part A 28(2), 236–241 (1998)

    Article  Google Scholar 

  45. Schmid, N.A., Ketkar, M.V., Singh, H., Cukic, B.: Performance Analysis of Iris-based Identification System at the Matching Score Level. IEEE Transactions on Information Forensics and Security 1(2), 154–168 (2006)

    Article  Google Scholar 

  46. Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google Android: A Comprehensive Security Assessment. IEEE Security Privacy 8(2), 35–44 (2010)

    Article  Google Scholar 

  47. Tari, F., Ozok, A.A., Holden, S.H.: A Comparison of Perceived and Real Shoulder-Surfing Risks between Alphanumeric and Graphical Passwords. In: Proceedings of the 2nd Symposium on Usable Privacy and Security (SOUPS), pp. 56–66. ACM, New York (2006)

    Chapter  Google Scholar 

  48. The University of Waikato. WEKA-Waikato Environment for Knowledge Analysis, http://www.cs.waikato.ac.nz/ml/weka/

  49. Wallace, R., McLaren, M., McCool, C., Marcel, S.: Cross-pollination of Normalisation Techniques from Speaker to Face Authentication using Gaussian Mixture Models. IEEE Transactions on Information Forensics and Security 7(2), 553–562 (2012)

    Article  Google Scholar 

  50. Weiss, R., De Luca, A.: Passshapes: Utilizing Stroke based Authentication to Increase Password Memorability. In: Proceedings of the 5th Nordic Conference on Human-Computer Interaction: Building Bridges (NordiCHI), pp. 383–392. ACM, New York (2008)

    Chapter  Google Scholar 

  51. Yao, X.: Evolving Artificial Neural Networks. Proceedings of the IEEE 87(9), 1423–1447 (1999)

    Article  Google Scholar 

  52. Zahid, S., Shahzad, M., Khayam, S.A., Farooq, M.: Keystroke-Based User Identification on Smart Phones. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 224–243. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  53. Zheng, N., Paloski, A., Wang, H.: An Efficient User Verification System via Mouse Movements. In: Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS), pp. 139–150. ACM, New York (2011)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, College of Science and Engineering, City University of Hong Kong, Hong Kong, China

    Yuxin Meng, Duncan S. Wong, Roman Schlegel & Lam-for Kwok

Authors
  1. Yuxin Meng
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Duncan S. Wong
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Roman Schlegel
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Lam-for Kwok
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Fundamental Problems of Technology, Wrocław University of Technology, Wybrzeże Wyspiańskiego 27, 50-370, Wrocław, Poland

    Mirosław Kutyłowski

  2. Computer Science Department, Columbia University and Google Inc., Amsterdam Avenue 1214, 10027, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Meng, Y., Wong, D.S., Schlegel, R., Kwok, Lf. (2013). Touch Gestures Based Biometric Authentication Scheme for Touchscreen Mobile Phones. In: Kutyłowski, M., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2012. Lecture Notes in Computer Science, vol 7763. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38519-3_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-38519-3_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38518-6

  • Online ISBN: 978-3-642-38519-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation