Biometric User Authentication on Mobile Devices through Gameplay REU fellow: Kirsten Giesbrecht 1, Faculty mentor: Dr. Jonathan Voris 2 Affiliation: 1.Centre.

Slides:

Advertisements

Similar presentations

Touch-Screen Mobile- Device Data Collection for Biometrics Studies W. Ciaurro, B. Major, D. Martinez, D. Panchal, G. Perez, M. Rana, R. Rana, R. Reyes,

Advertisements

The purpose of this PowerPoint presentation, is to help the user make the connection between a smart device (iPhone or Droid) and software games written.

Objectives Overview Define an operating system

The purpose of this PowerPoint presentation, is to help the user make the connection between a SmartPhone (iPhone or Droid) and software games written.

Department of Labor HSPD-12

Chameleon: A Novel System for Defending Eavesdropping of Secret Information Saiyma Sarmin Department of Computer.

Top of Content Box Line Subtitle Line Title Line Right Margin Line Wearables: Panacea or Pandora’s Box – A Security Perspective Gary Davis | Chief Consumer.

Secure Unlocking of Mobile Touch Screen Devices by Simple Gestures – You can see it but you can not do it Arjmand Samuel Microsoft Research Muhammad Shahzad.

Student Name: Group.  Developed by Microsoft  Alliance with Nokia in 2011  4 main functions:  Outlook Mobile  Windows Media Player for Windows Mobile.

Disclaimer © 2015 John Straumann. All rights reserved. “Score It! Golf” and other product names are or may be registered trademarks and/or trademarks in.

This course is designed to give you a basic introduction to the ins and outs of using tablet and smartphone technology. By and large, you will learn the.

2015 GenCyber Cybersecurity Workshop Mobile Phone SecurityJuly 10, 2015 Design and User Acceptability Testing of Secure Mobile Phone Authentication Mechanism.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

Exploring the Basics of Windows 8

Operating Systems Chapter 4.

Presentation By Deepak Katta

RIVERA SÁNCHEZ-1 CSE 5810 User Authentication in Mobile Healthcare Applications Yaira K. Rivera Sánchez Computer Science & Engineering Department University.

MPE+ Access Data Evasi0n iPhone 4s/5 Nexus 4 Market Share Information.

A Feasible IMD Communication Protocol: Security without Obscurity REU fellow(s):, Jason Wang 1, Keyon Mohebzad 2, Luke Johnson 3, Faculty mentor: N. Sertac.

July 25, 2010 SensorKDD Activity Recognition Using Cell Phone Accelerometers Jennifer Kwapisz, Gary Weiss, Samuel Moore Department of Computer &

September Activity Recognition and Biometric Identification Using Cell Phone Accelerometers WISDM Project Department of Computer & Info. Science.

Chapter 10: Move! Creating Animation

The University of Akron Dept of Business Technology Computer Information Systems DBMS Functions 2440: 180 Database Concepts Instructor: Enoch E. Damson.

Holistic Mobile Game Development with Unity 2015 Taylor & Francis. All rights Reserved.

 Computer News  Windows 8  Your Computer Problems  Website &  

User Authentication Using a Haptic Stylus REU fellow(s): Janina Grayson 1 Adam Scrivener 2 Faculty mentor: Paolo Gasti, PhD 1, Kiran Balagani, PhD 1 Graduate.

Biometric System Design for Handheld Devices Team 4 Naif Alotaibi, Rich Barilla, Francisco Betances, Aditya Chohan, Alexandra Garcia, Alexander Gazarov,

BY CHEN YEAH TECK Image-Based Authentication for Mobile Phones: Performance and User Opinions Source: Slippery Brick (2006)

Dayton Williams 19 September easy steps, in a step-by-step process, to add Dragonflies or Through the Grief eBooks to Play Books for the purpose.

Permission-based Malware Detection in Android Devices REU fellow: Nadeen Saleh 1, Faculty mentor: Dr. Wenjia Li 2 Affiliation: 1. Florida Atlantic University,

A Unifying Approach to the Design of a Secure Database Operating System Written By: David L. Spooner Ehud Gudes.

Larry Shi Computer Science Department Graduate Research Mini Talk.

Usage Documentation.  Room Scheduling  Retrieve Room Schedules  Schedule Ad-Hoc Meetings  E-Lock Access  Use your phone to unlock a room  Request.

Lesson 1-Logging On to the System. Overview Importance of UNIX/Linux. Logging on to the system.

Operating Systems for Wireless Mobile Devices Dr. Tal Lavian UC Berkeley Engineering, CET Why does.

Hand Scanning for Entering the Building  Hand scanning will keep intruders out and improve the security between the bank and their clients.  This reliable.

© 2015 albert-learning.com Android Operating System ANDROID OPERATING SYSTEM.

Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.

Analyzing the Security Infrastructure of the Android Operating System REU TEAM :: Derek Morris Jr., Derrick Baines, Ashley Brown, Raquel Lawrence.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part. Android Boot Camp.

Web: ~ laoudias/pages/platform.htmlhttp://www2.ucy.ac.cy/ ~ laoudias/pages/platform.html

CSCE 201 Identification and Authentication Fall 2015.

IPad Basics Steve Kruse 2014 Summer Tech Training.

Android Boot Camp for Developers Using Java, Comprehensive: A Guide to Creating Your First Android Apps Chapter 10: Move! Creating Animation 1 Android.

30 Apps for Librarians Sana Moulder & Bryson Kopf.

The types of computers and their functionalities.

Mobile Authentication Swadhin Pradhan Group Presentation.

Mobile Device Security Threats Christina Blakley Host Computer Security.

Current Concerns and the Promise of Grip Gestures Phani Soumya Inguva, Urban Jaklin, Krishna Sindhuja Kalusani, Christian Merchant.

Enhancing PIN entry security against Shoulder-Surfing attacks Amir Tayyebi Moghaddam Master of Industrial Design Candidate 2013 Primary Advisor Dr. Young.

By: Collin Molnar. Overview  Intro to Android  Security basics  Android architecture  Application isolation  Application permissions  Physical access.

Android and IOS Permissions Why are they here and what do they want from me?

3 Ways to Transfer Calendar from Android to Android Gihosoft Studio

An Introduction to Biometrics

Operating Systems Salihu Ibrahim Dasuki (PhD) CSC102 INTRODUCTION TO COMPUTER SCIENCE.

A Study of the Channel Mismatch Problem in a Multimodal Face-Voice Biometric Access System FALLON SARATOVSKY, TODD EDWARDS, RICH KUITERS, HUGH ENG, AND.

DISCOVERING COMPUTERS 2018 Digital Technology, Data, and Devices

Computer-User-Input Behavioral Biometrics Dr. Charles C

Computer-User-Input Behavioral Biometrics The Biometrics we focus on at Pace University Dr. Charles C. Tappert Seidenberg School of CSIS, Pace University.

University of Texas Mobile Library Search Application Architecture

Introduction to Mobile Devices

Google 2 Step Verification Backup Codes Google 2 Steps Verification Backup Codes is very important to get access Gmail account. Backup codes is usually.

Internet of Things (IoT)

Follow My Voice: The Future of PHR Authentication

Keystroke Biometric Authentication on Smartphones Using Short Numeric Input Greg: Our project covers the topic of Keystroke Biometric Authentication, which.

Anindya Maiti, Murtuza Jadliwala, Jibo He Igor Bilogrevic

A Framework of Remote Biometric Authentication on the Open Network

Faculty of Science IT Department Lecturer: Raz Dara MA.

ConText By: Team Flirt.

Figure 2: Tasks and the corresponding features explored in the study.

Presentation transcript:

Biometric User Authentication on Mobile Devices through Gameplay REU fellow: Kirsten Giesbrecht 1, Faculty mentor: Dr. Jonathan Voris 2 Affiliation: 1.Centre College 2. School of Engineering and Computing Sciences, NYIT NYIT Research Experience for Undergraduates (REU) May 26 – July 30, 2015 User Authentication Alphanumeric Passcodes Easily Forgotten Visual Passcodes Smudge Attacks or Shoulder Surfing Biometric Features Physical- fingerprints Behavioral- pressure, location, duration of touch Difficult to replicate, used for identification Related Research: 77% accuracy in a long-term study using a visual password pattern 100% accuracy in authenticating smartphone owner after 6 swipes in another study Users identified through gameplay using biometric features extracted from mouse clicks on desktop computers Biometric features extracted through gameplay on touch screens of mobile devices for user authentication has not been tested Future Work Create a new game if data analysis indicates that the biometric features are reliable in identification Edit the android kernel and insert the new game into it, replacing the original unlocking mechanism. References: 1.Shi, E., Niu, Y., Jakobsson, M., & Chow, R. (2011). Implicit authentication through learning user behavior. In Information security (pp ). Springer Berlin Heidelberg. 2.Xu, H., Zhou, Y., & Lyu, M. R. (2014, July). Towards Continuous and Passive Authentication via Touch Biometrics: An Experimental Study on Smartphones. In Symposium On Usable Privacy and Security, SOUPS (Vol. 14, pp ). 3.Sitova, Z., Sedenka, J., Yang, Q., Peng, G., Zhou, G., Gasti, P., & Balagani, K. (2015). HMOG: A New Biometric Modality for Continuous Authentication of Smartphone Users. arXiv preprint arXiv: De Luca, A., Hang, A., Brudy, F., Lindner, C., & Hussmann, H. (2012, May). Touch me once and i know it's you!: implicit authentication based on touch screen patterns. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (pp ). ACM. 5.Angulo, J., & Wästlund, E. (2012). Exploring touch-screen biometrics for user identification on smart phones. In Privacy and Identity Management for Life (pp ). Springer Berlin Heidelberg. 6.Bo, C., Zhang, L., Li, X. Y., Huang, Q., & Wang, Y. (2013, September). Silentsense: silent user identification via touch and movement behavioral biometrics. In Proceedings of the 19th annual international conference on Mobile computing & networking (pp ). ACM. 7.Kaminsky, R., Enev, M., & Andersen, E. (2008). Identifying game players with mouse biometrics. University of Washington, Tech. Rep. 8.Tapellini, D. (2014, May 1). Smart phone thefts rose to 3.1 million in Retrieved June 30, Figure B. Portion of file written by the background application containing biometric features extracted a user while plays Flappy Bird on Motorola Moto G. Figure A. Application displays biometric features extracted from touch operations Acknowledgements The project is funded by the National Science Foundation REU program at the New York Institute of Technology, grant CNS Discussion 34% of users don’t use any locking mechanism on their phones Biometric user authentication framed in a game eliminates: Memorizing a passcode Shoulder surfing or smudge attacks Game framing adds entertainment, an incentive to lock phones GameAction Temple RunSwipe, tilt phone Fruit NinjaSwipe Angry BirdsSwipe, drag Flow FreeSwipe, drag Candy CrushSwipe Flappy BirdTap Methods The researchers propose designing a short game users play to unlock a smartphone, replacing passcodes. Passively authorize users from biometric features extracted from: Swipe or Tap Extracting features: Initial time/ duration Pressure Size location (x,y) Major axis Testing on rooted Samsung Galaxy S III and Motorola Moto G. Table 1. Games available on the Google Play store are tested to investigate if they serve as reliable methods for extracted reliable and unique biometric features 1. Application written in Android Studio is used to display biometric features from touch operations within App ( Fig. A) 2. Background application written for rooted phones writes a file of recorded biometric features from touch data as the user operates the mobile device (Fig. B) 3. Six games from the Google Play store are selected to be tested (Table 1, Fig. C) 4. Researchers are testing the games, playing each game for 15 minutes as the background application records biometric features and writes the file 5. The data collected will be analyzed in Weka. If the results indicate that the features are a reliable form of identification, a new game will be created (Fig. D) 6. The new game will be inserted into the Android kernel, replacing the conventional unlocking mechanisms. As the user plays the game, biometric features from their touch operations will be recorded and analyzed. The user will only gain access to to the mobile device if the features indicate that they are the intended user (Fig. E) Figure C. Candy Crush, Angry Birds, and Temple Run are tested from the Google Play store. The new game may consist of simple movements similar to these games Figure D. Example of data to be analyzed in Weka Figure E. A short and simple game will be used to unlock the phone. For example, the game could involve matching, such as SET