Please hold on: Unobtrusive user authentication using smartphone's built-in sensors

Attaullah Buriro, Bruno Crispo, Yury Zhauniarovich

Research output: Chapter in Book/Report/Conference proceedingConference contribution

11 Citations (Scopus)

Abstract

Smartphones provide anytime-anywhere communications and are being increasingly used for a variety of purposes, e.g, sending email, performing online transactions, connecting with friends and acquaintances over social networks. As a result, a considerable amount of sensitive personal information is often generated and stored on smartphones. Thus, smartphone users may face financial as well as sentimental consequences if such information fall in the wrong hands. To address this problem all smartphones provide some form of user authentication, that is the process of verifying the user's identity. Existing authentication mechanisms, such as using 4-digit passcodes or graphical patterns, suffer from multiple limitations-they are neither highly secure nor easy to input. As a results, recent studies found that most smartphone's users do not use any authentication mechanism at all. In this paper, we present a fully unobtrusive user authentication scheme based on micro-movements of the user's hand(s) after the user unlocks her smartphone. The proposed scheme collects data from multiple 3-dimensional smartphone sensors in the background for a specific period of time and profiles a user based on the collected hand(s) movement patterns. Subsequently, the system matches the query pattern with the pre-stored patterns to authenticate the smartphone owner. Our system achieved a True Acceptance Rate (TAR) of 96% at an Equal Error Rate (EER) of 4%, on a dataset of 31 qualified volunteers (53, in total), using Random Forest (RF) classifier. Our scheme can be used as a primary authentication mechanism or can be used as a secondary authentication scheme in conjunction with any of the existing authentication schemes, e.g., passcodes, to improve their security.

Original languageEnglish
Title of host publication2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781509055920
DOIs
Publication statusPublished - 13 Jun 2017
Event2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017 - New Delhi, India
Duration: 22 Feb 201724 Feb 2017

Other

Other2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017
CountryIndia
CityNew Delhi
Period22/2/1724/2/17

Fingerprint

Smartphones
Authentication
Sensors
Electronic mail
transaction
social network
communications
Classifiers
acceptance
Communication

ASJC Scopus subject areas

  • Computer Vision and Pattern Recognition
  • Safety Research
  • Public Administration

Cite this

Buriro, A., Crispo, B., & Zhauniarovich, Y. (2017). Please hold on: Unobtrusive user authentication using smartphone's built-in sensors. In 2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017 [7947684] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISBA.2017.7947684

Please hold on : Unobtrusive user authentication using smartphone's built-in sensors. / Buriro, Attaullah; Crispo, Bruno; Zhauniarovich, Yury.

2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017. Institute of Electrical and Electronics Engineers Inc., 2017. 7947684.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Buriro, A, Crispo, B & Zhauniarovich, Y 2017, Please hold on: Unobtrusive user authentication using smartphone's built-in sensors. in 2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017., 7947684, Institute of Electrical and Electronics Engineers Inc., 2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017, New Delhi, India, 22/2/17. https://doi.org/10.1109/ISBA.2017.7947684
Buriro A, Crispo B, Zhauniarovich Y. Please hold on: Unobtrusive user authentication using smartphone's built-in sensors. In 2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017. Institute of Electrical and Electronics Engineers Inc. 2017. 7947684 https://doi.org/10.1109/ISBA.2017.7947684
Buriro, Attaullah ; Crispo, Bruno ; Zhauniarovich, Yury. / Please hold on : Unobtrusive user authentication using smartphone's built-in sensors. 2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017. Institute of Electrical and Electronics Engineers Inc., 2017.
@inproceedings{1d839790fcef4a06a80c7951d3e3b591,
title = "Please hold on: Unobtrusive user authentication using smartphone's built-in sensors",
abstract = "Smartphones provide anytime-anywhere communications and are being increasingly used for a variety of purposes, e.g, sending email, performing online transactions, connecting with friends and acquaintances over social networks. As a result, a considerable amount of sensitive personal information is often generated and stored on smartphones. Thus, smartphone users may face financial as well as sentimental consequences if such information fall in the wrong hands. To address this problem all smartphones provide some form of user authentication, that is the process of verifying the user's identity. Existing authentication mechanisms, such as using 4-digit passcodes or graphical patterns, suffer from multiple limitations-they are neither highly secure nor easy to input. As a results, recent studies found that most smartphone's users do not use any authentication mechanism at all. In this paper, we present a fully unobtrusive user authentication scheme based on micro-movements of the user's hand(s) after the user unlocks her smartphone. The proposed scheme collects data from multiple 3-dimensional smartphone sensors in the background for a specific period of time and profiles a user based on the collected hand(s) movement patterns. Subsequently, the system matches the query pattern with the pre-stored patterns to authenticate the smartphone owner. Our system achieved a True Acceptance Rate (TAR) of 96{\%} at an Equal Error Rate (EER) of 4{\%}, on a dataset of 31 qualified volunteers (53, in total), using Random Forest (RF) classifier. Our scheme can be used as a primary authentication mechanism or can be used as a secondary authentication scheme in conjunction with any of the existing authentication schemes, e.g., passcodes, to improve their security.",
author = "Attaullah Buriro and Bruno Crispo and Yury Zhauniarovich",
year = "2017",
month = "6",
day = "13",
doi = "10.1109/ISBA.2017.7947684",
language = "English",
booktitle = "2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Please hold on

T2 - Unobtrusive user authentication using smartphone's built-in sensors

AU - Buriro, Attaullah

AU - Crispo, Bruno

AU - Zhauniarovich, Yury

PY - 2017/6/13

Y1 - 2017/6/13

N2 - Smartphones provide anytime-anywhere communications and are being increasingly used for a variety of purposes, e.g, sending email, performing online transactions, connecting with friends and acquaintances over social networks. As a result, a considerable amount of sensitive personal information is often generated and stored on smartphones. Thus, smartphone users may face financial as well as sentimental consequences if such information fall in the wrong hands. To address this problem all smartphones provide some form of user authentication, that is the process of verifying the user's identity. Existing authentication mechanisms, such as using 4-digit passcodes or graphical patterns, suffer from multiple limitations-they are neither highly secure nor easy to input. As a results, recent studies found that most smartphone's users do not use any authentication mechanism at all. In this paper, we present a fully unobtrusive user authentication scheme based on micro-movements of the user's hand(s) after the user unlocks her smartphone. The proposed scheme collects data from multiple 3-dimensional smartphone sensors in the background for a specific period of time and profiles a user based on the collected hand(s) movement patterns. Subsequently, the system matches the query pattern with the pre-stored patterns to authenticate the smartphone owner. Our system achieved a True Acceptance Rate (TAR) of 96% at an Equal Error Rate (EER) of 4%, on a dataset of 31 qualified volunteers (53, in total), using Random Forest (RF) classifier. Our scheme can be used as a primary authentication mechanism or can be used as a secondary authentication scheme in conjunction with any of the existing authentication schemes, e.g., passcodes, to improve their security.

AB - Smartphones provide anytime-anywhere communications and are being increasingly used for a variety of purposes, e.g, sending email, performing online transactions, connecting with friends and acquaintances over social networks. As a result, a considerable amount of sensitive personal information is often generated and stored on smartphones. Thus, smartphone users may face financial as well as sentimental consequences if such information fall in the wrong hands. To address this problem all smartphones provide some form of user authentication, that is the process of verifying the user's identity. Existing authentication mechanisms, such as using 4-digit passcodes or graphical patterns, suffer from multiple limitations-they are neither highly secure nor easy to input. As a results, recent studies found that most smartphone's users do not use any authentication mechanism at all. In this paper, we present a fully unobtrusive user authentication scheme based on micro-movements of the user's hand(s) after the user unlocks her smartphone. The proposed scheme collects data from multiple 3-dimensional smartphone sensors in the background for a specific period of time and profiles a user based on the collected hand(s) movement patterns. Subsequently, the system matches the query pattern with the pre-stored patterns to authenticate the smartphone owner. Our system achieved a True Acceptance Rate (TAR) of 96% at an Equal Error Rate (EER) of 4%, on a dataset of 31 qualified volunteers (53, in total), using Random Forest (RF) classifier. Our scheme can be used as a primary authentication mechanism or can be used as a secondary authentication scheme in conjunction with any of the existing authentication schemes, e.g., passcodes, to improve their security.

UR - http://www.scopus.com/inward/record.url?scp=85022221365&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85022221365&partnerID=8YFLogxK

U2 - 10.1109/ISBA.2017.7947684

DO - 10.1109/ISBA.2017.7947684

M3 - Conference contribution

AN - SCOPUS:85022221365

BT - 2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017

PB - Institute of Electrical and Electronics Engineers Inc.

ER -