TY - GEN
T1 - SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications
AU - Meng, Weizhi
AU - Li, Wenjuan
AU - Jiang, Lijun
AU - Zhou, Jianying
N1 - Funding Information:
Acknowledgments. We would like to thank all anonymous reviewers for their helpful comments, and Jianying Zhou was supported by SUTD start-up research grant SRG-ISTD-2017-124.
Publisher Copyright:
© IFIP International Federation for Information Processing 2019.
PY - 2019
Y1 - 2019
N2 - Modern smartphones expressed an exponential growth and have become a personal assistant in people’s daily lives, i.e., keeping connected with peers. Users are willing to store their personal data even sensitive information on the phones, making these devices an attractive target for cyber-criminals. Due to the limitations of traditional authentication methods like Personal Identification Number (PIN), research has been moved to the design of touch behavioral authentication on smartphones. However, how to design a robust behavioral authentication in a long-term period remains a challenge due to behavioral inconsistency. In this work, we advocate that touch gestures could become more consistent when users interact with specific applications. In this work, we focus on social networking applications and design a touch behavioral authentication scheme called SocialAuth. In the evaluation, we conduct a user study with 50 participants and demonstrate that touch behavioral deviation under our scheme could be significantly decreased and kept relatively stable even after a long-term period, i.e., a single SVM classifier could achieve an average error rate of about 3.1% and 3.7% before and after two weeks, respectively.
AB - Modern smartphones expressed an exponential growth and have become a personal assistant in people’s daily lives, i.e., keeping connected with peers. Users are willing to store their personal data even sensitive information on the phones, making these devices an attractive target for cyber-criminals. Due to the limitations of traditional authentication methods like Personal Identification Number (PIN), research has been moved to the design of touch behavioral authentication on smartphones. However, how to design a robust behavioral authentication in a long-term period remains a challenge due to behavioral inconsistency. In this work, we advocate that touch gestures could become more consistent when users interact with specific applications. In this work, we focus on social networking applications and design a touch behavioral authentication scheme called SocialAuth. In the evaluation, we conduct a user study with 50 participants and demonstrate that touch behavioral deviation under our scheme could be significantly decreased and kept relatively stable even after a long-term period, i.e., a single SVM classifier could achieve an average error rate of about 3.1% and 3.7% before and after two weeks, respectively.
KW - Behavioral user authentication
KW - Machine learning
KW - Smartphone security
KW - Social networking
KW - Touch gestures
KW - Usable security
UR - http://www.scopus.com/inward/record.url?scp=85068208647&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-22312-0_13
DO - 10.1007/978-3-030-22312-0_13
M3 - Conference article published in proceeding or book
AN - SCOPUS:85068208647
SN - 9783030223113
T3 - IFIP Advances in Information and Communication Technology
SP - 180
EP - 193
BT - ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings
A2 - Dhillon, Gurpreet
A2 - Karlsson, Fredrik
A2 - Hedström, Karin
A2 - Zúquete, André
PB - Springer New York LLC
T2 - 34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019
Y2 - 25 June 2019 through 27 June 2019
ER -