Where usability and security go hand-in-hand: Robust gesture-based authentication for mobile systems

Can Liu; Gradeigh D. Clark; Janne Lindqvist

doi:10.1145/3025453.3025879

Where usability and security go hand-in-hand: Robust gesture-based authentication for mobile systems

Can Liu, Gradeigh D. Clark, Janne Lindqvist

Not published at Aalto University

Rutgers, The State University of New Jersey

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

16 Citations (Scopus)

Abstract

Gestures have recently gained interest as a secure and usable authentication method for mobile devices. Gesture authentication relies on recognition, wherein raw data is collected from user input and preprocessed into a more manageable form before applying recognition algorithms. Preprocessing is done to improve recognition accuracy, but little work has been done in justifying its effects on authentication. We examined the effects of three variables: Location, rotation, and scale, on authentication accuracy. We found that an authentication-optimal combination (location invariant, scale variant, and rotation variant) can reduce the error rate by 45.3% on average compared to the recognition-optimal combination (all invariant). We analyzed 13 gesture recognizers and evaluated them with three criteria: authentication accuracy, and resistance against both brute-force and imitation attacks. Our novel multi-expert method (Garda) achieved the lowest error rate (0.015) in authentication accuracy, the lowest error rate (0.040) under imitation attacks, and resisted all brute-force attacks.

Original language	English
Title of host publication	CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems
Subtitle of host publication	Explore, Innovate, Inspire
Publisher	ACM
Pages	374-386
Number of pages	13
ISBN (Electronic)	9781450346559
DOIs	https://doi.org/10.1145/3025453.3025879
Publication status	Published - 2 May 2017
MoE publication type	A4 Conference publication
Event	International Conference on Human-Computer Interaction with Mobile Devices and Services - Vienna, Austria Duration: 4 Sept 2017 → 7 Sept 2017 Conference number: 19 https://mobilehci.acm.org/2017/ http://mobilehci.acm.org/2017/

Publication series

Name	Conference on Human Factors in Computing Systems - Proceedings
Volume	2017-May

Conference

Conference	International Conference on Human-Computer Interaction with Mobile Devices and Services
Abbreviated title	MobileHCI
Country/Territory	Austria
City	Vienna
Period	04/09/2017 → 07/09/2017
Internet address	https://mobilehci.acm.org/2017/ http://mobilehci.acm.org/2017/

Keywords

Authentication
Gesture
Mobile device
Security

Access to Document

10.1145/3025453.3025879

Cite this

Liu, C., Clark, G. D., & Lindqvist, J. (2017). Where usability and security go hand-in-hand: Robust gesture-based authentication for mobile systems. In CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems: Explore, Innovate, Inspire (pp. 374-386). (Conference on Human Factors in Computing Systems - Proceedings; Vol. 2017-May). ACM. https://doi.org/10.1145/3025453.3025879

@inproceedings{0fc928da57a74fa183c42981a3321d90,

title = "Where usability and security go hand-in-hand: Robust gesture-based authentication for mobile systems",

abstract = "Gestures have recently gained interest as a secure and usable authentication method for mobile devices. Gesture authentication relies on recognition, wherein raw data is collected from user input and preprocessed into a more manageable form before applying recognition algorithms. Preprocessing is done to improve recognition accuracy, but little work has been done in justifying its effects on authentication. We examined the effects of three variables: Location, rotation, and scale, on authentication accuracy. We found that an authentication-optimal combination (location invariant, scale variant, and rotation variant) can reduce the error rate by 45.3% on average compared to the recognition-optimal combination (all invariant). We analyzed 13 gesture recognizers and evaluated them with three criteria: authentication accuracy, and resistance against both brute-force and imitation attacks. Our novel multi-expert method (Garda) achieved the lowest error rate (0.015) in authentication accuracy, the lowest error rate (0.040) under imitation attacks, and resisted all brute-force attacks.",

keywords = "Authentication, Gesture, Mobile device, Security",

author = "Can Liu and Clark, {Gradeigh D.} and Janne Lindqvist",

year = "2017",

month = may,

day = "2",

doi = "10.1145/3025453.3025879",

language = "English",

series = "Conference on Human Factors in Computing Systems - Proceedings",

publisher = "ACM",

pages = "374--386",

booktitle = "CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems",

address = "United States",

note = "International Conference on Human-Computer Interaction with Mobile Devices and Services, MobileHCI ; Conference date: 04-09-2017 Through 07-09-2017",

url = "https://mobilehci.acm.org/2017/, http://mobilehci.acm.org/2017/",

}

Liu, C, Clark, GD & Lindqvist, J 2017, Where usability and security go hand-in-hand: Robust gesture-based authentication for mobile systems. in CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems: Explore, Innovate, Inspire. Conference on Human Factors in Computing Systems - Proceedings, vol. 2017-May, ACM, pp. 374-386, International Conference on Human-Computer Interaction with Mobile Devices and Services, Vienna, Austria, 04/09/2017. https://doi.org/10.1145/3025453.3025879

Where usability and security go hand-in-hand: Robust gesture-based authentication for mobile systems. / Liu, Can; Clark, Gradeigh D.; Lindqvist, Janne.
CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems: Explore, Innovate, Inspire. ACM, 2017. p. 374-386 (Conference on Human Factors in Computing Systems - Proceedings; Vol. 2017-May).

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Where usability and security go hand-in-hand

T2 - International Conference on Human-Computer Interaction with Mobile Devices and Services

AU - Liu, Can

AU - Clark, Gradeigh D.

AU - Lindqvist, Janne

N1 - Conference code: 19

PY - 2017/5/2

Y1 - 2017/5/2

N2 - Gestures have recently gained interest as a secure and usable authentication method for mobile devices. Gesture authentication relies on recognition, wherein raw data is collected from user input and preprocessed into a more manageable form before applying recognition algorithms. Preprocessing is done to improve recognition accuracy, but little work has been done in justifying its effects on authentication. We examined the effects of three variables: Location, rotation, and scale, on authentication accuracy. We found that an authentication-optimal combination (location invariant, scale variant, and rotation variant) can reduce the error rate by 45.3% on average compared to the recognition-optimal combination (all invariant). We analyzed 13 gesture recognizers and evaluated them with three criteria: authentication accuracy, and resistance against both brute-force and imitation attacks. Our novel multi-expert method (Garda) achieved the lowest error rate (0.015) in authentication accuracy, the lowest error rate (0.040) under imitation attacks, and resisted all brute-force attacks.

AB - Gestures have recently gained interest as a secure and usable authentication method for mobile devices. Gesture authentication relies on recognition, wherein raw data is collected from user input and preprocessed into a more manageable form before applying recognition algorithms. Preprocessing is done to improve recognition accuracy, but little work has been done in justifying its effects on authentication. We examined the effects of three variables: Location, rotation, and scale, on authentication accuracy. We found that an authentication-optimal combination (location invariant, scale variant, and rotation variant) can reduce the error rate by 45.3% on average compared to the recognition-optimal combination (all invariant). We analyzed 13 gesture recognizers and evaluated them with three criteria: authentication accuracy, and resistance against both brute-force and imitation attacks. Our novel multi-expert method (Garda) achieved the lowest error rate (0.015) in authentication accuracy, the lowest error rate (0.040) under imitation attacks, and resisted all brute-force attacks.

KW - Authentication

KW - Gesture

KW - Mobile device

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=85030872039&partnerID=8YFLogxK

U2 - 10.1145/3025453.3025879

DO - 10.1145/3025453.3025879

M3 - Conference article in proceedings

AN - SCOPUS:85030872039

T3 - Conference on Human Factors in Computing Systems - Proceedings

SP - 374

EP - 386

BT - CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems

PB - ACM

Y2 - 4 September 2017 through 7 September 2017

ER -

Liu C, Clark GD, Lindqvist J. Where usability and security go hand-in-hand: Robust gesture-based authentication for mobile systems. In CHI 2017 - Proceedings of the 2017 ACM SIGCHI Conference on Human Factors in Computing Systems: Explore, Innovate, Inspire. ACM. 2017. p. 374-386. (Conference on Human Factors in Computing Systems - Proceedings). doi: 10.1145/3025453.3025879

Where usability and security go hand-in-hand: Robust gesture-based authentication for mobile systems

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this