Smartwatch User Authentication by Sensing Tapping Rhythms and Using One-Class DBSCAN

As important sensors in smart sensing systems, smartwatches are becoming more and more popular. Authentication can help protect the security and privacy of users. In addition to the classic authentication methods, behavioral factors can be used as robust measures for this purpose. This study proposes a lightweight authentication method for smartwatches based on edge computing, which identifies users by their tapping rhythms. Based on the DBSCAN clustering algorithm, a new classification method called One-Class DBSCAN is presented. It first seeks core objects and then leverages them to perform user authentication. We conducted extensive experiments on 6110 real data samples collected from more than 600 users. The results show that our method achieved the lowest Equal Error Rate (EER) of only 0.92%, which was lower than those of other state-of-the-art methods. In addition, a statistical method for detecting the security level of a tapping rhythm is proposed. It can prevent users from setting a simple tapping rhythm password, and thus improve the security of smartwatches.

[1]  Vasaki Ponnusamy,et al.  Mobile Authentication Using Tapping Behavior , 2019 .

[2]  Gary M. Weiss,et al.  Activity recognition using cell phone accelerometers , 2011, SKDD.

[3]  Ashwin Ashok,et al.  Whose move is it anyway? Authenticating smart wearable devices using unique head movement patterns , 2016, 2016 IEEE International Conference on Pervasive Computing and Communications (PerCom).

[4]  Ivan Stojmenovic,et al.  An overview of Fog computing and its security issues , 2016, Concurr. Comput. Pract. Exp..

[5]  Zheng Song,et al.  An anti-fake iris authentication mechanism for smart glasses , 2013, 2013 3rd International Conference on Consumer Electronics, Communications and Networks.

[6]  Mengjun Xie,et al.  MotionAuth: Motion-based authentication for wrist worn smart devices , 2015, 2015 IEEE International Conference on Pervasive Computing and Communication Workshops (PerCom Workshops).

[7]  Hans-Peter Kriegel,et al.  A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise , 1996, KDD.

[8]  Mahadev Satyanarayanan,et al.  The Emergence of Edge Computing , 2017, Computer.

[9]  Daqing Zhang,et al.  Gesture Recognition with a 3-D Accelerometer , 2009, UIC.

[10]  Zhao Wang,et al.  Handwaving Authentication: Unlocking Your Smartwatch Through Handwaving Biometrics , 2017, CCBR.

[11]  Zhao Wang,et al.  Waving Gesture Analysis for User Authentication in the Mobile Environment , 2020, IEEE Network.

[12]  Jiaping Yu,et al.  Survey on IMD and Wearable Devices Security Threats and Protection Methods , 2018, ICCCS.

[13]  Roman L. Lysecky,et al.  Security challenges for medical devices , 2015, Commun. ACM.

[14]  David J. Crandall,et al.  Privacy behaviors of lifeloggers using wearable cameras , 2014, UbiComp.

[15]  Dawn Xiaodong Song,et al.  Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication , 2012, IEEE Transactions on Information Forensics and Security.

[16]  Ian Oakley,et al.  ECG based user authentication for wearable devices using short time Fourier transform , 2016, 2016 39th International Conference on Telecommunications and Signal Processing (TSP).

[17]  Lei Yang,et al.  Beat-PIN: A User Authentication Mechanism for Wearable Devices Through Secret Beats , 2018, AsiaCCS.

[18]  Shahrokh Valaee,et al.  A Novel Accelerometer-based Gesture Recognition System by , 2010 .

[19]  David A. Landgrebe,et al.  A survey of decision tree classifier methodology , 1991, IEEE Trans. Syst. Man Cybern..

[20]  Zhi-Hua Zhou,et al.  Isolation Forest , 2008, 2008 Eighth IEEE International Conference on Data Mining.

[21]  Heinrich Hußmann,et al.  Touch me once and i know it's you!: implicit authentication based on touch screen patterns , 2012, CHI.

[22]  Xiao Chen,et al.  Android HIV: A Study of Repackaging Malware for Evading Machine-Learning Detection , 2018, IEEE Transactions on Information Forensics and Security.

[23]  Weisong Shi,et al.  The Promise of Edge Computing , 2016, Computer.

[24]  Ahmed Sabbir Arif,et al.  Woodpecker: Secret Back-of-Device Tap Rhythms to Authenticate Mobile Users , 2020, 2020 IEEE International Conference on Systems, Man, and Cybernetics (SMC).

[25]  D. Pregibon Logistic Regression Diagnostics , 1981 .

[26]  Prasant Mohapatra,et al.  WearIA: Wearable device implicit authentication based on activity information , 2017, 2017 IEEE 18th International Symposium on A World of Wireless, Mobile and Multimedia Networks (WoWMoM).

[27]  Dustin van der Haar,et al.  CaNViS: A cardiac and neurological-based verification system that uses wearable sensors , 2015, 2015 Third International Conference on Digital Information, Networking, and Wireless Communications (DINWC).

[28]  Jiang Zhu,et al.  KeySens: Passive User Authentication through Micro-behavior Modeling of Soft Keyboard Interaction , 2013, MobiCASE.

[29]  Dorin Comaniciu,et al.  Mean Shift: A Robust Approach Toward Feature Space Analysis , 2002, IEEE Trans. Pattern Anal. Mach. Intell..

[30]  Sheng Wen,et al.  Software Vulnerability Detection Using Deep Neural Networks: A Survey , 2020, Proceedings of the IEEE.

[31]  Mahbub Hassan,et al.  A Survey of Wearable Devices and Challenges , 2017, IEEE Communications Surveys & Tutorials.

[32]  Jie Yang,et al.  Smartphone based user verification leveraging gait recognition for mobile healthcare systems , 2013, 2013 IEEE International Conference on Sensing, Communications and Networking (SECON).

[33]  Ryan J. Halter,et al.  A wearable system that knows who wears it , 2014, MobiSys.

[34]  Lin Zhong,et al.  uWave: Accelerometer-based personalized gesture recognition and its applications , 2009, 2009 IEEE International Conference on Pervasive Computing and Communications.

[35]  David Kotz,et al.  ZEBRA: Zero-Effort Bilateral Recurring Authentication , 2014, IEEE Symposium on Security and Privacy.

[36]  Jugal K. Kalita,et al.  Authentication of Smartphone Users Using Behavioral Biometrics , 2016, IEEE Communications Surveys & Tutorials.

[37]  Kang Ryoung Park,et al.  Iris Recognition in Wearable Computer , 2004, ICBA.

[38]  Sergio Luján-Mora,et al.  Wearable Technology, Privacy Issues , 2018, ICITS.

[39]  Qian Zhang,et al.  VibID: User Identification through Bio-Vibrometry , 2016, 2016 15th ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN).

[40]  Nitesh Saxena,et al.  An Offensive and Defensive Exposition of Wearable Computing , 2017, ACM Comput. Surv..

[41]  Mohammad Sayad Haghighi,et al.  A Computationally Intelligent Hierarchical Authentication and Key Establishment Framework for the Internet of Things , 2020, IEEE Internet of Things Magazine.