Privacy: Gone with the Typing! Identifying Web Users by Their Typing Patterns

Chairunnanda, Prima; Pham, Nam; Hengartner, Urs

doi:10.1109/passat/socialcom.2011.197

Cited by 23 publications

(20 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Related to the work reported in [5], our results imply that, regardless of the users' choices of patterns for authenticating to different service providers, attackers would have a bigger probability to uncover the identity of pseudonymous users based on the biometrics of their secret lock patterns drawn at different websites, assuming that a website can get a hold of users' biometric data. Therefore, using lock patterns as a remote authentication method could result in linkability attacks and user profiling even when using different pseudonyms and patterns as passwords at different services' sites.…”

Section: Implications and Discussionsupporting

confidence: 62%

“…Although these events allow users to browse the Internet in a more user-friendly manner by dragging their finger around to pan a webpage or elements contained within a webpage, this implies that, by implementing these events, any common website 4 U-PrIM (Usable Privacy-enhancing Identity Management for smart applications) http://www.kau.se/en/computer-science/research/research-projects/u-prim 5 An example of the touch and drag events for Firefox on Android devices can be found at http://www.quirksmode.org/m/tests/drag.html (Accessed: 2011-10-27).…”

Section: Implications and Discussionmentioning

confidence: 99%

“…This probability of linking and profiling users could increase if users' pseudonyms can be identified based on their lock pattern behavior when authenticating into different services. Yet another study has shown that users' identities can be reconstructed from their typing patterns while browsing online [5]. In our paper, we consider if similar issues can arise when employing the biometrics of lock patterns for authentication.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Exploring Touch-Screen Biometrics for User Identification on Smart Phones

Angulo

Wästlund

2012

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Abstract. The use of mobile smart devices for storing sensitive information and accessing online services is increasing. At the same time, methods for authenticating users into their devices and online services that are not only secure, but also privacy and user-friendly are needed. In this paper, we present our initial explorations of the use of lock pattern dynamics as a secure and user-friendly two-factor authentication method. We developed an application for the Android mobile platform to collect data on the way individuals draw lock patterns on a touchscreen. Using a Random Forest machine learning classifier this method achieves an average Equal Error Rate (EER) of approximately 10.39%, meaning that lock patterns biometrics can be used for identifying users towards their device, but could also pose a threat to privacy if the users' biometric information is handled outside their control.

show abstract

Section: Implications and Discussionsupporting

confidence: 62%

Section: Implications and Discussionmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Exploring Touch-Screen Biometrics for User Identification on Smart Phones

Angulo

Wästlund

2012

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

show abstract

“…[Cai et al, 2011] suggests people to people recommendations for friendships' acceptance by relying on collaborative filtering techniques. In [Chairunnanda et al, 2011], users are suggested to be identified from their typing patterns; whereas chatting patterns are exploited for users' identification in [Roffo et al, 2013]. More recently, [Goga et al, 2013] suggests identifying users across networks based on geo-location and time-stamp information attached to their posts and on their writing styles.…”

Section: Related Workmentioning

confidence: 99%

“…For example, some of them identify users by utilizing their sensitive information such as geo-locations they usually visit and time-stamps of the information they share [Goga et al, 2013]. In [Chairunnanda et al, 2011], authors use typing patterns to identify users, whereas chatting patterns are exploited in [Roffo et al, 2013]. Additionally, other validation approaches have suggested to rely on human feedback.…”

Section: Introductionmentioning

confidence: 99%

CADIVa: cooperative and adaptive decentralized identity validation model for social networks

Soliman

Bahri

Girdzijauskas

et al. 2016

Soc. Netw. Anal. Min.

View full text Add to dashboard Cite

Online Social Networks (OSNs) have successfully changed the way people interact. Online interactions among people span geographical boundaries and interweave with different human-life activities. However, current OSNs identification schemes lack guarantees on quantifying the trustworthiness of online identities of users joining them. Therefore, driven from the need to empower users with an identity validation scheme, we introduce a novel model, Cooperative and Adaptive Decentralized Identity Validation CADIVa, that allows OSN users to assign trust levels to whomever they interact with. CADIVa exploits association rule mining approach to extract the identity correlations among profile attributes in every individual community in a social network. CADIVa is a fully decentralized and adaptive model that exploits fully decentralized learning and cooperative approaches not only to preserve users privacy, but also to increase the system reliability and to make it resilient to mono-failure. CADIVa follows the ensemble learning paradigm to preserve users privacy and employs gossip protocols to achieve efficient and low-overhead communication. We provide two different implementation scenarios of CADIVa. Results confirm CADIVa's ability to provide finegrained community-aware identity validation with average improvement up to 36% and 50% compared to the semi-centralized or global approaches, respectively.

show abstract