This paper introduces DialerAuth - a mechanism which leverages the way a smartphone user taps/enters any “text-independent" 10-digit number (replicating the dialing process) and the hand’s micro-movements she makes while doing so. DialerAuth authenticates the user on the basis of timing differences in the entered 10-digit strokes. DialerAuth provides enhanced security by leveraging the transparent and unobservable layer based on another modality - user’s hand micro-movements. Furthermore, Dialerauth increases the usability and acceptability by utilizing the users’ familiarity with the dialing process and the flexibility of choosing any combination of 10-digit number. We implemented DialerAuth for both data collection and proof-of-concept real-time analysis. We collected, in total ≈10500 legitimate samples involving 97 users, through an extensive unsupervised field experiment, to evaluate the effectiveness of DialerAuth. Analysis using one-class Multilayer Perceptron (MLP) shows a TAR of 85.77% in identifying the genuine users. Security analysis involving ≈240 adversarial attempts proved DialerAuth as significantly resilient against random and mimic attacks. A usability study based on System Usability Scale (SUS) reflects a positive feedback on user acceptance (SUS score = 73.29).
Dialerauth: A motion-assisted touch-based smartphone user authentication scheme / Buriro, Attaullah; Gupta, Sandeep; Crispo, Bruno; Del Frari, Filippo. - 2018-:(2018), pp. 267-276. ((Intervento presentato al convegno 8th ACM Conference on Data and Application Security and Privacy, CODASPY 2018 tenutosi a Tempe, AZ USA nel 19th - 21st March, 2018 [10.1145/3176258.3176318].
Titolo: | Dialerauth: A motion-assisted touch-based smartphone user authentication scheme | |
Autori: | Buriro, Attaullah; Gupta, Sandeep; Crispo, Bruno; Del Frari, Filippo | |
Autori Unitn: | ||
Titolo del volume contenente il saggio: | CODASPY 2018 - Proceedings of the 8th ACM Conference on Data and Application Security and Privacy | |
Luogo di edizione: | New York, NY, USA | |
Casa editrice: | Association for Computing Machinery, Inc | |
Anno di pubblicazione: | 2018 | |
Codice identificativo Scopus: | 2-s2.0-85052022924 | |
Codice identificativo WOS: | WOS:000492951400037 | |
ISBN: | 9781450356329 | |
Handle: | http://hdl.handle.net/11572/212254 | |
Citazione: | Dialerauth: A motion-assisted touch-based smartphone user authentication scheme / Buriro, Attaullah; Gupta, Sandeep; Crispo, Bruno; Del Frari, Filippo. - 2018-:(2018), pp. 267-276. ((Intervento presentato al convegno 8th ACM Conference on Data and Application Security and Privacy, CODASPY 2018 tenutosi a Tempe, AZ USA nel 19th - 21st March, 2018 [10.1145/3176258.3176318]. | |
Appare nelle tipologie: | 04.1 Saggio in atti di convegno (Paper in Proceedings) |
File in questo prodotto:
File | Descrizione | Tipologia | Licenza | |
---|---|---|---|---|
p267-buriro.pdf | Versione editoriale (Publisher’s layout) | Tutti i diritti riservati (All rights reserved) | Administrator |