SocialAuth: Designing touch behavioral smartphone user authentication based on social networking applications

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedings – Annual report year: 2019Researchpeer-review

View graph of relations

Modern smartphones expressed an exponential growth and have become a personal assistant in people’s daily lives, i.e., keeping connected with peers. Users are willing to store their personal data even sensitive information on the phones, making these devices an attractive target for cyber-criminals. Due to the limitations of traditional authentication methods like Personal Identification Number (PIN), research has been moved to the design of touch behavioral authentication on smartphones. However, how to design a robust behavioral authentication in a long-term period remains a challenge due to behavioral inconsistency. In this work, we advocate that touch gestures could become more consistent when users interact with specific applications. In this work, we focus on social networking applications and design a touch behavioral authentication scheme called SocialAuth. In the evaluation, we conduct a user study with 50 participants and demonstrate that touch behavioral deviation under our scheme could be significantly decreased and kept relatively stable even after a long-term period, i.e., a single SVM classifier could achieve an average error rate of about 3.1% and 3.7% before and after two weeks, respectively.

Original languageEnglish
Title of host publicationICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings
EditorsGurpreet Dhillon, André Zúquete, Fredrik Karlsson, Karin Hedström
Number of pages14
PublisherSpringer
Publication date1 Jan 2019
Pages180-193
ISBN (Print)9783030223113
DOIs
Publication statusPublished - 1 Jan 2019
Event34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019 - Lisbon, Portugal
Duration: 25 Jun 201927 Jun 2019

Conference

Conference34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019
CountryPortugal
CityLisbon
Period25/06/201927/06/2019
SeriesIFIP Advances in Information and Communication Technology
Volume562
ISSN1868-4238
CitationsWeb of Science® Times Cited: No match on DOI

    Research areas

  • Behavioral user authentication, Machine learning, Smartphone security, Social networking, Touch gestures, Usable security

ID: 189967523