TY - GEN
T1 - Secure Pick Up
T2 - 22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017
AU - Lee, Wei Han
AU - Liu, Xiaochen
AU - Shen, Yilin
AU - Jin, Hongxia
AU - Lee, Ruby B.
N1 - Publisher Copyright:
© 2017 Association for Computing Machinery.
PY - 2017/6/7
Y1 - 2017/6/7
N2 - We propose Secure Pick Up (SPU), a convenient, lightweight, indevice, non-intrusive and automatic-learning system for smartphone user authentication. Operating in the background, our system implicitly observes users' phone pick-up movements, the way they bend their arms when they pick up a smartphone to interact with the device, to authenticate the users. Our SPU outperforms the state-of-the-art implicit authentication mechanisms in three main aspects: 1) SPU automatically learns the user's behavioral pattern without requiring a large amount of training data (especially those of other users) as previous methods did, making it more deployable. Towards this end, we propose a weighted multi-dimensional Dynamic Time Warping (DTW) algorithm to effectively quantify similarities between users' pick-up movements; 2) SPU does not rely on a remote server for providing further computational power, making SPU efficient and usable even without network access; and 3) our system can adaptively update a user's authentication model to accommodate user's behavioral drift over time with negligible overhead. Through extensive experiments on real world datasets, we demonstrate that SPU can achieve authentication accuracy up to 96.3% with a very low latency of 2.4 milliseconds. It reduces the number of times a user has to do explicit authentication by 32.9%, while effectively defending against various attacks.
AB - We propose Secure Pick Up (SPU), a convenient, lightweight, indevice, non-intrusive and automatic-learning system for smartphone user authentication. Operating in the background, our system implicitly observes users' phone pick-up movements, the way they bend their arms when they pick up a smartphone to interact with the device, to authenticate the users. Our SPU outperforms the state-of-the-art implicit authentication mechanisms in three main aspects: 1) SPU automatically learns the user's behavioral pattern without requiring a large amount of training data (especially those of other users) as previous methods did, making it more deployable. Towards this end, we propose a weighted multi-dimensional Dynamic Time Warping (DTW) algorithm to effectively quantify similarities between users' pick-up movements; 2) SPU does not rely on a remote server for providing further computational power, making SPU efficient and usable even without network access; and 3) our system can adaptively update a user's authentication model to accommodate user's behavioral drift over time with negligible overhead. Through extensive experiments on real world datasets, we demonstrate that SPU can achieve authentication accuracy up to 96.3% with a very low latency of 2.4 milliseconds. It reduces the number of times a user has to do explicit authentication by 32.9%, while effectively defending against various attacks.
KW - Authentication
KW - Dynamic time warping
KW - Machine learning
KW - Mobile system
KW - Privacy
KW - Security
KW - Smartphone
UR - http://www.scopus.com/inward/record.url?scp=85025472305&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85025472305&partnerID=8YFLogxK
U2 - 10.1145/3078861.3078870
DO - 10.1145/3078861.3078870
M3 - Conference contribution
AN - SCOPUS:85025472305
T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
SP - 67
EP - 78
BT - SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies
PB - Association for Computing Machinery
Y2 - 21 June 2017 through 23 June 2017
ER -