TY - GEN
T1 - Sensor-based user authentication
AU - Wang, He
AU - Lymberopoulos, Dimitrios
AU - Liu, Jie
N1 - Publisher Copyright:
© Springer International Publishing Switzerland 2015.
PY - 2015
Y1 - 2015
N2 - We study the feasibility of leveraging the sensors embedded on mobile devices to enable a user authentication mechanism that is easy for users to perform, but hard for attackers to bypass. The proposed approach lies on the fact that users perform gestures in a unique way that depends on how they hold the phone, and on their hand’s geometry, size, and flexibility. Based on this observation, we introduce two new unlock gestures that have been designed to enable the phone’s embedded sensors to properly capture the geometry and biokinetics of the user’s hand during the gesture. The touch sensor extracts the geometry and timing of the user hand, while the accelerometer and gyro sensors record the displacement and rotation of the mobile device during the gesture. When combined, a sensor fingerprint for the user is generated. In this approach, potential attackers need to simultaneously reproduce the touch, accelerometer, and gyro sensor signatures to falsely authenticate. Using 5000 gestures recorded over two user studies involving a total of 70 subjects, our results indicate that sensor fingerprints can accurately differentiate users while achieving less than 2.5% false accept and false reject rates. Attackers that directly observe the true user authenticating on a device, can successfully bypass authentication only 3% of the time.
AB - We study the feasibility of leveraging the sensors embedded on mobile devices to enable a user authentication mechanism that is easy for users to perform, but hard for attackers to bypass. The proposed approach lies on the fact that users perform gestures in a unique way that depends on how they hold the phone, and on their hand’s geometry, size, and flexibility. Based on this observation, we introduce two new unlock gestures that have been designed to enable the phone’s embedded sensors to properly capture the geometry and biokinetics of the user’s hand during the gesture. The touch sensor extracts the geometry and timing of the user hand, while the accelerometer and gyro sensors record the displacement and rotation of the mobile device during the gesture. When combined, a sensor fingerprint for the user is generated. In this approach, potential attackers need to simultaneously reproduce the touch, accelerometer, and gyro sensor signatures to falsely authenticate. Using 5000 gestures recorded over two user studies involving a total of 70 subjects, our results indicate that sensor fingerprints can accurately differentiate users while achieving less than 2.5% false accept and false reject rates. Attackers that directly observe the true user authenticating on a device, can successfully bypass authentication only 3% of the time.
UR - https://www.scopus.com/pages/publications/84922198225
U2 - 10.1007/978-3-319-15582-1_11
DO - 10.1007/978-3-319-15582-1_11
M3 - 会议稿件
AN - SCOPUS:84922198225
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 168
EP - 185
BT - Wireless Sensor Networks - 12th European Conference, EWSN 2015, Proceedings
A2 - Abdelzaher, Tarek
A2 - Pereira, Nuno
A2 - Tovar, Eduardo
PB - Springer Verlag
T2 - 12th European Conference on Wireless Sensor Networks, EWSN 2015
Y2 - 9 February 2015 through 11 February 2015
ER -