User-generated free-form gestures for authentication: Security and memorability

Michael Sherman, Gradeigh Clark, Yulong Yang, Shridatt Sugrim, Arttu Modig, Janne Lindqvist, Antti Oulasvirta, Teemu Roos

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference contributionScientificvertaisarvioitu

62 Sitaatiot (Scopus)

Abstrakti

This paper studies the security and memorability of free-form multitouch gestures for mobile authentication. Towards this end, we collected a dataset with a generate-test-retest paradigm where participants (N=63) generated free-form gestures, repeated them, and were later retested for memory. Half of the participants decided to generate one-finger gestures, and the other half generated multi-finger gestures. Although there has been recent work on template-based gestures, there are yet no metrics to analyze security of either template or free-form gestures. For example, entropy-based metrics used for text-based passwords are not suitable for capturing the security and memorability of free-form gestures. Hence, we modify a recently proposed metric for analyzing information capacity of continuous full-body movements for this purpose. Our metric computed estimated mutual information in repeated sets of gestures. Surprisingly, one-finger gestures had higher average mutual information. Gestures with many hard angles and turns had the highest mutual information. The best-remembered gestures included signatures and simple angular shapes. We also implemented a multitouch recognizer to evaluate the practicality of free-form gestures in a real authentication system and how they perform against shoulder surfing attacks. We discuss strategies for generating secure and memorable free-form gestures. We conclude that free-form gestures present a robust method for mobile authentication.

AlkuperäiskieliEnglanti
OtsikkoMobiSys 2014 - Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services
KustantajaAssociation for Computing Machinery (ACM)
Sivut176-189
Sivumäärä14
ISBN (painettu)9781450327930
DOI - pysyväislinkit
TilaJulkaistu - 2014
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisuussa
TapahtumaInternational Conference on Mobile Systems, Applications, and Services - Bretton Woods, Yhdysvallat
Kesto: 16 kesäkuuta 201419 kesäkuuta 2014
Konferenssinumero: 12

Conference

ConferenceInternational Conference on Mobile Systems, Applications, and Services
LyhennettäMobiSys
MaaYhdysvallat
KaupunkiBretton Woods
Ajanjakso16/06/201419/06/2014

Sormenjälki Sukella tutkimusaiheisiin 'User-generated free-form gestures for authentication: Security and memorability'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä