User authentication and identification from user interface interactions on touch-enabled devices. Sharma, V. & Enbody, R., J. In Proceedings of the ACM Conference on Wireless Network Security (WiSec), 2017. ![User authentication and identification from user interface interactions on touch-enabled devices [link]](https://bibbase.org/img/filetypes/link.svg "link")
Website abstract bibtex We investigate if a mobile application running on a touch-enabled device can continuously and unobtrusively authenticate and identify its users based only on their interactions with the user interface of the application. A unique advantage that this modality provides over other implicit modalities on mobile devices is that every user who uses the mobile application is automatically enrolled into the classification system via the touch-based interface, thereby guaranteeing that an attacker cannot avoid the classification system. Using different types of input controls available on the Android platform, we collected interactions from 42 users in five sessions. We created base classifiers from each type of input control and combined them into an ensemble classifier to authenticate and identify users. We found that a Support Vector Machine-based ensemble classifier achieves a mean equal error rate of 7% for user authentication and a median accuracy of 93% for user identification. We found that Support Vector Machine-based ensemble classifiers outperform other techniques in both cases. While the ensemble classifier performance for authentication and identification is not found to be sufficient for it to replace current primary authentication mechanisms used in mobile applications, its truly continuous nature provides motivation for it to be used in conjunction with primary authentication mechanisms. UI interaction-based authentication and identification is independent of swipe gesture-based and keystroke-based authentication, allowing it to be combined with those modalities, while remaining resilient to attacks against those modalities.
@inProceedings{
title = {User authentication and identification from user interface interactions on touch-enabled devices},
type = {inProceedings},
year = {2017},
identifiers = {[object Object]},
keywords = {authentication,behavioral,biometric,smartphone,touchscreen},
websites = {https://www.semanticscholar.org/paper/8a6ff0cf70e0db7a68f169f4dd10e4eb695d7d85},
id = {c81e1187-43bd-3c76-a192-a8441e33f61f},
created = {2018-07-12T21:32:22.845Z},
file_attached = {false},
profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},
group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},
last_modified = {2018-07-12T21:32:22.845Z},
read = {false},
starred = {false},
authored = {false},
confirmed = {true},
hidden = {false},
citation_key = {sharma:touch-authentication17},
source_type = {inproceedings},
private_publication = {false},
abstract = {We investigate if a mobile application running on a touch-enabled device can continuously and unobtrusively authenticate and identify its users based only on their interactions with the user interface of the application. A unique advantage that this modality provides over other implicit modalities on mobile devices is that every user who uses the mobile application is automatically enrolled into the classification system via the touch-based interface, thereby guaranteeing that an attacker cannot avoid the classification system. Using different types of input controls available on the Android platform, we collected interactions from 42 users in five sessions. We created base classifiers from each type of input control and combined them into an ensemble classifier to authenticate and identify users. We found that a Support Vector Machine-based ensemble classifier achieves a mean equal error rate of 7% for user authentication and a median accuracy of 93% for user identification. We found that Support Vector Machine-based ensemble classifiers outperform other techniques in both cases. While the ensemble classifier performance for authentication and identification is not found to be sufficient for it to replace current primary authentication mechanisms used in mobile applications, its truly continuous nature provides motivation for it to be used in conjunction with primary authentication mechanisms. UI interaction-based authentication and identification is independent of swipe gesture-based and keystroke-based authentication, allowing it to be combined with those modalities, while remaining resilient to attacks against those modalities.},
bibtype = {inProceedings},
author = {Sharma, Vaibhav and Enbody, Richard J},
booktitle = {Proceedings of the ACM Conference on Wireless Network Security (WiSec)}
}
Downloads: 0
{"_id":"5Nx8Lf4Ah89keSy25","bibbaseid":"sharma-enbody-userauthenticationandidentificationfromuserinterfaceinteractionsontouchenableddevices-2017","downloads":0,"creationDate":"2019-02-15T15:15:01.437Z","title":"User authentication and identification from user interface interactions on touch-enabled devices","author_short":["Sharma, V.","Enbody, R., J."],"year":2017,"bibtype":"inProceedings","biburl":null,"bibdata":{"title":"User authentication and identification from user interface interactions on touch-enabled devices","type":"inProceedings","year":"2017","identifiers":"[object Object]","keywords":"authentication,behavioral,biometric,smartphone,touchscreen","websites":"https://www.semanticscholar.org/paper/8a6ff0cf70e0db7a68f169f4dd10e4eb695d7d85","id":"c81e1187-43bd-3c76-a192-a8441e33f61f","created":"2018-07-12T21:32:22.845Z","file_attached":false,"profile_id":"f954d000-ce94-3da6-bd26-b983145a920f","group_id":"b0b145a3-980e-3ad7-a16f-c93918c606ed","last_modified":"2018-07-12T21:32:22.845Z","read":false,"starred":false,"authored":false,"confirmed":"true","hidden":false,"citation_key":"sharma:touch-authentication17","source_type":"inproceedings","private_publication":false,"abstract":"We investigate if a mobile application running on a touch-enabled device can continuously and unobtrusively authenticate and identify its users based only on their interactions with the user interface of the application. A unique advantage that this modality provides over other implicit modalities on mobile devices is that every user who uses the mobile application is automatically enrolled into the classification system via the touch-based interface, thereby guaranteeing that an attacker cannot avoid the classification system. Using different types of input controls available on the Android platform, we collected interactions from 42 users in five sessions. We created base classifiers from each type of input control and combined them into an ensemble classifier to authenticate and identify users. We found that a Support Vector Machine-based ensemble classifier achieves a mean equal error rate of 7% for user authentication and a median accuracy of 93% for user identification. We found that Support Vector Machine-based ensemble classifiers outperform other techniques in both cases. While the ensemble classifier performance for authentication and identification is not found to be sufficient for it to replace current primary authentication mechanisms used in mobile applications, its truly continuous nature provides motivation for it to be used in conjunction with primary authentication mechanisms. UI interaction-based authentication and identification is independent of swipe gesture-based and keystroke-based authentication, allowing it to be combined with those modalities, while remaining resilient to attacks against those modalities.","bibtype":"inProceedings","author":"Sharma, Vaibhav and Enbody, Richard J","booktitle":"Proceedings of the ACM Conference on Wireless Network Security (WiSec)","bibtex":"@inProceedings{\n title = {User authentication and identification from user interface interactions on touch-enabled devices},\n type = {inProceedings},\n year = {2017},\n identifiers = {[object Object]},\n keywords = {authentication,behavioral,biometric,smartphone,touchscreen},\n websites = {https://www.semanticscholar.org/paper/8a6ff0cf70e0db7a68f169f4dd10e4eb695d7d85},\n id = {c81e1187-43bd-3c76-a192-a8441e33f61f},\n created = {2018-07-12T21:32:22.845Z},\n file_attached = {false},\n profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},\n group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},\n last_modified = {2018-07-12T21:32:22.845Z},\n read = {false},\n starred = {false},\n authored = {false},\n confirmed = {true},\n hidden = {false},\n citation_key = {sharma:touch-authentication17},\n source_type = {inproceedings},\n private_publication = {false},\n abstract = {We investigate if a mobile application running on a touch-enabled device can continuously and unobtrusively authenticate and identify its users based only on their interactions with the user interface of the application. A unique advantage that this modality provides over other implicit modalities on mobile devices is that every user who uses the mobile application is automatically enrolled into the classification system via the touch-based interface, thereby guaranteeing that an attacker cannot avoid the classification system. Using different types of input controls available on the Android platform, we collected interactions from 42 users in five sessions. We created base classifiers from each type of input control and combined them into an ensemble classifier to authenticate and identify users. We found that a Support Vector Machine-based ensemble classifier achieves a mean equal error rate of 7% for user authentication and a median accuracy of 93% for user identification. We found that Support Vector Machine-based ensemble classifiers outperform other techniques in both cases. While the ensemble classifier performance for authentication and identification is not found to be sufficient for it to replace current primary authentication mechanisms used in mobile applications, its truly continuous nature provides motivation for it to be used in conjunction with primary authentication mechanisms. UI interaction-based authentication and identification is independent of swipe gesture-based and keystroke-based authentication, allowing it to be combined with those modalities, while remaining resilient to attacks against those modalities.},\n bibtype = {inProceedings},\n author = {Sharma, Vaibhav and Enbody, Richard J},\n booktitle = {Proceedings of the ACM Conference on Wireless Network Security (WiSec)}\n}","author_short":["Sharma, V.","Enbody, R., J."],"urls":{"Website":"https://www.semanticscholar.org/paper/8a6ff0cf70e0db7a68f169f4dd10e4eb695d7d85"},"bibbaseid":"sharma-enbody-userauthenticationandidentificationfromuserinterfaceinteractionsontouchenableddevices-2017","role":"author","keyword":["authentication","behavioral","biometric","smartphone","touchscreen"],"downloads":0},"search_terms":["user","authentication","identification","user","interface","interactions","touch","enabled","devices","sharma","enbody"],"keywords":["authentication","behavioral","biometric","smartphone","touchscreen"],"authorIDs":[]}