SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications

Weizhi Meng; Wenjuan Li; Lijun Jiang; Jianying Zhou

doi:10.1007/978-3-030-22312-0_13

SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications

Weizhi Meng, Wenjuan Li, Lijun Jiang, Jianying Zhou

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

9 Citations (Scopus)

Abstract

Modern smartphones expressed an exponential growth and have become a personal assistant in people’s daily lives, i.e., keeping connected with peers. Users are willing to store their personal data even sensitive information on the phones, making these devices an attractive target for cyber-criminals. Due to the limitations of traditional authentication methods like Personal Identification Number (PIN), research has been moved to the design of touch behavioral authentication on smartphones. However, how to design a robust behavioral authentication in a long-term period remains a challenge due to behavioral inconsistency. In this work, we advocate that touch gestures could become more consistent when users interact with specific applications. In this work, we focus on social networking applications and design a touch behavioral authentication scheme called SocialAuth. In the evaluation, we conduct a user study with 50 participants and demonstrate that touch behavioral deviation under our scheme could be significantly decreased and kept relatively stable even after a long-term period, i.e., a single SVM classifier could achieve an average error rate of about 3.1% and 3.7% before and after two weeks, respectively.

Original language	English
Title of host publication	ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings
Editors	Gurpreet Dhillon, Fredrik Karlsson, Karin Hedström, André Zúquete
Publisher	Springer New York LLC
Pages	180-193
Number of pages	14
ISBN (Print)	9783030223113
DOIs	https://doi.org/10.1007/978-3-030-22312-0_13
Publication status	Published - 2019
Externally published	Yes
Event	34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019 - Lisbon, Portugal Duration: 25 Jun 2019 → 27 Jun 2019

Publication series

Name	IFIP Advances in Information and Communication Technology
Volume	562
ISSN (Print)	1868-4238
ISSN (Electronic)	1868-422X

Conference

Conference	34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019
Country/Territory	Portugal
City	Lisbon
Period	25/06/19 → 27/06/19

Keywords

Behavioral user authentication
Machine learning
Smartphone security
Social networking
Touch gestures
Usable security

ASJC Scopus subject areas

Information Systems
Computer Networks and Communications
Information Systems and Management

More information

10.1007/978-3-030-22312-0_13

Cite this

Meng, W., Li, W., Jiang, L., & Zhou, J. (2019). SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications. In G. Dhillon, F. Karlsson, K. Hedström, & A. Zúquete (Eds.), ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings (pp. 180-193). (IFIP Advances in Information and Communication Technology; Vol. 562). Springer New York LLC. https://doi.org/10.1007/978-3-030-22312-0_13

Meng, Weizhi ; Li, Wenjuan ; Jiang, Lijun et al. / SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications. ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings. editor / Gurpreet Dhillon ; Fredrik Karlsson ; Karin Hedström ; André Zúquete. Springer New York LLC, 2019. pp. 180-193 (IFIP Advances in Information and Communication Technology).

@inproceedings{cb261d47840241e3878b2086dff081a5,

title = "SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications",

abstract = "Modern smartphones expressed an exponential growth and have become a personal assistant in people{\textquoteright}s daily lives, i.e., keeping connected with peers. Users are willing to store their personal data even sensitive information on the phones, making these devices an attractive target for cyber-criminals. Due to the limitations of traditional authentication methods like Personal Identification Number (PIN), research has been moved to the design of touch behavioral authentication on smartphones. However, how to design a robust behavioral authentication in a long-term period remains a challenge due to behavioral inconsistency. In this work, we advocate that touch gestures could become more consistent when users interact with specific applications. In this work, we focus on social networking applications and design a touch behavioral authentication scheme called SocialAuth. In the evaluation, we conduct a user study with 50 participants and demonstrate that touch behavioral deviation under our scheme could be significantly decreased and kept relatively stable even after a long-term period, i.e., a single SVM classifier could achieve an average error rate of about 3.1\% and 3.7\% before and after two weeks, respectively.",

keywords = "Behavioral user authentication, Machine learning, Smartphone security, Social networking, Touch gestures, Usable security",

author = "Weizhi Meng and Wenjuan Li and Lijun Jiang and Jianying Zhou",

note = "Funding Information: Acknowledgments. We would like to thank all anonymous reviewers for their helpful comments, and Jianying Zhou was supported by SUTD start-up research grant SRG-ISTD-2017-124. Publisher Copyright: {\textcopyright} IFIP International Federation for Information Processing 2019.; 34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019 ; Conference date: 25-06-2019 Through 27-06-2019",

year = "2019",

doi = "10.1007/978-3-030-22312-0\_13",

language = "English",

isbn = "9783030223113",

series = "IFIP Advances in Information and Communication Technology",

publisher = "Springer New York LLC",

pages = "180--193",

editor = "Gurpreet Dhillon and Fredrik Karlsson and Karin Hedstr{\"o}m and Andr{\'e} Z{\'u}quete",

booktitle = "ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings",

address = "United States",

}

Meng, W, Li, W, Jiang, L & Zhou, J 2019, SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications. in G Dhillon, F Karlsson, K Hedström & A Zúquete (eds), ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings. IFIP Advances in Information and Communication Technology, vol. 562, Springer New York LLC, pp. 180-193, 34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019, Lisbon, Portugal, 25/06/19. https://doi.org/10.1007/978-3-030-22312-0_13

SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications. / Meng, Weizhi; Li, Wenjuan; Jiang, Lijun et al.
ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings. ed. / Gurpreet Dhillon; Fredrik Karlsson; Karin Hedström; André Zúquete. Springer New York LLC, 2019. p. 180-193 (IFIP Advances in Information and Communication Technology; Vol. 562).

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

TY - GEN

T1 - SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications

AU - Meng, Weizhi

AU - Li, Wenjuan

AU - Jiang, Lijun

AU - Zhou, Jianying

N1 - Funding Information: Acknowledgments. We would like to thank all anonymous reviewers for their helpful comments, and Jianying Zhou was supported by SUTD start-up research grant SRG-ISTD-2017-124. Publisher Copyright: © IFIP International Federation for Information Processing 2019.

PY - 2019

Y1 - 2019

N2 - Modern smartphones expressed an exponential growth and have become a personal assistant in people’s daily lives, i.e., keeping connected with peers. Users are willing to store their personal data even sensitive information on the phones, making these devices an attractive target for cyber-criminals. Due to the limitations of traditional authentication methods like Personal Identification Number (PIN), research has been moved to the design of touch behavioral authentication on smartphones. However, how to design a robust behavioral authentication in a long-term period remains a challenge due to behavioral inconsistency. In this work, we advocate that touch gestures could become more consistent when users interact with specific applications. In this work, we focus on social networking applications and design a touch behavioral authentication scheme called SocialAuth. In the evaluation, we conduct a user study with 50 participants and demonstrate that touch behavioral deviation under our scheme could be significantly decreased and kept relatively stable even after a long-term period, i.e., a single SVM classifier could achieve an average error rate of about 3.1% and 3.7% before and after two weeks, respectively.

AB - Modern smartphones expressed an exponential growth and have become a personal assistant in people’s daily lives, i.e., keeping connected with peers. Users are willing to store their personal data even sensitive information on the phones, making these devices an attractive target for cyber-criminals. Due to the limitations of traditional authentication methods like Personal Identification Number (PIN), research has been moved to the design of touch behavioral authentication on smartphones. However, how to design a robust behavioral authentication in a long-term period remains a challenge due to behavioral inconsistency. In this work, we advocate that touch gestures could become more consistent when users interact with specific applications. In this work, we focus on social networking applications and design a touch behavioral authentication scheme called SocialAuth. In the evaluation, we conduct a user study with 50 participants and demonstrate that touch behavioral deviation under our scheme could be significantly decreased and kept relatively stable even after a long-term period, i.e., a single SVM classifier could achieve an average error rate of about 3.1% and 3.7% before and after two weeks, respectively.

KW - Behavioral user authentication

KW - Machine learning

KW - Smartphone security

KW - Social networking

KW - Touch gestures

KW - Usable security

UR - https://www.scopus.com/pages/publications/85068208647

U2 - 10.1007/978-3-030-22312-0_13

DO - 10.1007/978-3-030-22312-0_13

M3 - Conference article published in proceeding or book

AN - SCOPUS:85068208647

SN - 9783030223113

T3 - IFIP Advances in Information and Communication Technology

SP - 180

EP - 193

BT - ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings

A2 - Dhillon, Gurpreet

A2 - Karlsson, Fredrik

A2 - Hedström, Karin

A2 - Zúquete, André

PB - Springer New York LLC

T2 - 34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019

Y2 - 25 June 2019 through 27 June 2019

ER -

Meng W, Li W, Jiang L, Zhou J. SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications. In Dhillon G, Karlsson F, Hedström K, Zúquete A, editors, ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings. Springer New York LLC. 2019. p. 180-193. (IFIP Advances in Information and Communication Technology). doi: 10.1007/978-3-030-22312-0_13

SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

More information

Other files and links

Fingerprint

Cite this