Understanding Keystroke Dynamics for Smartphone Users Authentication and Keystroke Dynamics on Smartphones Built-In Motion Sensors

Personal Identification Numbers (PINs) and pattern drawing have been used as common authentication methods especially on smartphones. Such methods, however, are very vulnerable to the shoulder surfing attack. Thus, keystroke dynamics that authenticate legitimate users based on their typing manner have been studied for years. However, many of the studies have focused on PC keyboard keystrokes. More studies on mobile and smartphones keystroke dynamics are warranted; as smartphones make progress in both hardware and software, features from smartphones have been diversified. In this paper, using various features including keystroke data such as time interval and motion data such as accelerometers and rotation values, we evaluate features with motion data and without motion data. We also compare 5 formulas for motion data, respectively. We also demonstrate that opposite gender match between a legitimate user and impostors has influence on authenticating by our experiment results.

[1]  Sebastian Möller,et al.  On the need for different security methods on mobile phones , 2011, Mobile HCI.

[2]  Margit Antal,et al.  Keystroke Dynamics on Android Platform , 2015 .

[3]  Adhi Prasetio,et al.  An evaluation of authentication methods for smartphone based on users’ preferences , 2016 .

[4]  Cheng-Jung Tsai,et al.  A graphical-based password keystroke dynamic authentication system for touch screen handheld mobile devices , 2012, J. Syst. Softw..

[5]  Florian Alt,et al.  Improving Accuracy, Applicability and Usability of Keystroke Biometrics on Mobile Touchscreen Devices , 2015, CHI.

[6]  Mauro Conti,et al.  I Sensed It Was You: Authenticating Mobile Users with Sensor-Enhanced Keystroke Dynamics , 2014, DIMVA.

[7]  Haruhiko Nishimura,et al.  Flick input authentication in Japanese free text entry on smartphones , 2014, 2014 Proceedings of the SICE Annual Conference (SICE).

[8]  Zhi Xu,et al.  TapLogger: inferring user inputs on smartphone touchscreens using on-board motion sensors , 2012, WISEC '12.

[9]  Ning Zhang,et al.  TDAS: a touch dynamics based multi-factor authentication solution for mobile devices , 2016, Int. J. Pervasive Comput. Commun..

[10]  P. Bhattarakosol,et al.  Authenticating User Using Keystroke Dynamics and Finger Pressure , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.

[11]  Matthias Trojahn BIOMETRIC AUTHENTICATION THROUGH A VIRTUAL KEYBOARD FOR SMARTPHONES , 2012 .

[12]  Javier Guerra-Casanova,et al.  Supervised classification methods applied to keystroke dynamics through mobile devices , 2014, 2014 International Carnahan Conference on Security Technology (ICCST).

[13]  Raymond J Staron,et al.  Personal Attributes Authentication Techniques. , 1977 .

[14]  Cheng-Jung Tsai,et al.  A changeable personal identification number-based keystroke dynamics authentication system on smart phones , 2016, Secur. Commun. Networks.

[15]  Zhide Chen,et al.  An Implicit Identity Authentication System Considering Changes of Gesture Based on Keystroke Behaviors , 2015, Int. J. Distributed Sens. Networks.

[16]  Hai Huang,et al.  You Are How You Touch: User Verification on Smartphones via Tapping Behaviors , 2014, 2014 IEEE 22nd International Conference on Network Protocols.

[17]  Steven Furnell,et al.  Authenticating mobile phone users using keystroke analysis , 2006, International Journal of Information Security.

[18]  William F. Bond,et al.  Touch-based Static Authentication Using a Virtual Grid , 2015, IH&MMSec.

[19]  Sudhir Dhage,et al.  Mobile authentication using keystroke dynamics , 2015, 2015 International Conference on Communication, Information & Computing Technology (ICCICT).

[20]  Norman Shapiro,et al.  Authentication by Keystroke Timing: Some Preliminary Results , 1980 .

[21]  David Umphress,et al.  Identity Verification Through Keyboard Characteristics , 1985, Int. J. Man Mach. Stud..

[22]  Steven Furnell,et al.  Keystroke dynamics on a mobile handset: a feasibility study , 2003, Inf. Manag. Comput. Secur..