Tianwen Yu scite author profile

The growing trend of using smartphones as personal computing platforms to access and store private information has stressed the demand for secure and usable authentication mechanisms. This paper investigates the feasibility and applicability of using motion-sensor behavior data for user authentication on smartphones. For each sample of the passcode, sensory data from motion sensors are analyzed to extract descriptive and intensive features for accurate and fine-grained characterization of users’ passcode-input actions. One-class learning methods are applied to the feature space for performing user authentication. Analyses are conducted using data from 48 participants with 129,621 passcode samples across various operational scenarios and different types of smartphones. Extensive experiments are included to examine the efficacy of the proposed approach, which achieves a false-rejection rate of 6.85% and a false-acceptance rate of 5.01%. Additional experiments on usability with respect to passcode length, sensitivity with respect to training sample size, scalability with respect to number of users, and flexibility with respect to screen size were provided to further explore the effectiveness and practicability. The results suggest that sensory data could provide useful authentication information, and this level of performance approaches sufficiency for two-factor authentication on smartphones. Our dataset is publicly available to facilitate future research.

show abstract

Touch-interaction behavior for continuous user authentication on smartphones

Shen

Zhang

Cai

et al. 2015

View full text Add to dashboard Cite

On motion sensors as source for user input inference in smartphones

Shen

Pei

et al. 2015

View full text Add to dashboard Cite

A wealth of sensors on smartphone has greatly enriched people's life, but these sensors also brought potential security problems since they allow third-party applications to monitor the motion changes of smartphones. This paper presents an empirical study of analyzing the characteristics of accelerometer and magnetometer data collected from third-party applications to infer user inputs on smartphone. Specifically, an installed application was run as a background process to monitor the data of motion sensors. Accelerometer data was analyzed to detect the occurrence of touch tap actions. Then the accelerometer data and magnetometer data were combined together to build a model for inferring the tap position on touchscreen. Along with common layouts of keyboard or number pad, one can easily obtain users' inputs. Results indicated that users' inputs could be accurately inferred from the data of motion sensors, with the accuracies of 100% and 80% for tap-action detection and input inference in some cases. We conclude that readings from motion sensor are a powerful side channel for inferring user inputs, and could provide extra avenues for attackers.

show abstract

Big-data analysis of multi-source logs for anomaly detection on network-based system

Jia

Shen²,

Xiao

et al. 2017

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Tianwen Yu

User practice in password security: An empirical study of real-life passwords in the wild

Performance Analysis of Motion-Sensor Behavior for User Authentication on Smartphones

Touch-interaction behavior for continuous user authentication on smartphones

On motion sensors as source for user input inference in smartphones

Big-data analysis of multi-source logs for anomaly detection on network-based system

Contact Info

Product

Resources

About