research-article

TouchPass: towards behavior-irrelevant on-touch user authentication on smartphones leveraging vibrations

Authors:

Minglu LiAuthors Info & Claims

MobiCom '20: Proceedings of the 26th Annual International Conference on Mobile Computing and Networking

Article No.: 24, Pages 1 - 13

https://doi.org/10.1145/3372224.3380901

Published: 17 April 2020 Publication History

Abstract

With increasing private and sensitive data stored in mobile devices, secure and effective mobile-based user authentication schemes are desired. As the most natural way to contact with mobile devices, finger touches have shown potentials for user authentication. Most existing approaches utilize finger touches as behavioral biometrics for identifying individuals, which are vulnerable to spoofer attacks. To resist attacks for on-touch user authentication on mobile devices, this paper exploits physical characters of touching fingers by investigating active vibration signal transmission through fingers, and we find that physical characters of touching fingers present unique patterns on active vibration signals for different individuals. Based on the observation, we propose a behavior-irrelevant on-touch user authentication system, TouchPass, which leverages active vibration signals on smartphones to extract only physical characters of touching fingers for user identification. TouchPass first extracts features that mix physical characters of touching fingers and behavior biometrics of touching behaviors from vibration signals generated and received by smartphones. Then, we design a Siamese network-based architecture with a specific training sample selection strategy to reconstruct the extracted signal features to behavior-irrelevant features and further build a behavior-irrelevant on-touch user authentication scheme leveraging knowledge distillation. Our extensive experiments validate that TouchPass can accurately authenticate users and defend various attacks.

References

[1]

C. Bo, L. Zhang, X.-Y. Li, Q. Huang, and Y. Wang. Silentsense: silent user identification via touch and movement behavioral biometrics. In Proc. MobiCom'13, pages 187--190. ACM, 2013.

Digital Library

[2]

W. Chen, M. Guan, Y. Huang, L. Wang, R. Ruby, W. Hu, and K. Wu. Vitype: A cost efficient on-body typing system through vibration. In Proc.SECON'18. IEEE, 2018.

Digital Library

[3]

W. C. Chen, L. Chen, Y. Huang, X. Zhang, et al. Taprint: Secure text input for commodity smart wristbands. In Proc. MobiCom'19(Preprint), 2019.

[4]

D. G. Childers, D. P. Skinner, and R. C. Kemerait. The cepstrum: A guide to processing. Proceedings of the IEEE, 65(10):1428--1443, 1977.

[5]

S. Chopra, R. Hadsell, Y. LeCun, et al. Learning a similarity metric discriminatively, with application to face verification. In Proc.CVPR (1)'05. IEEE, 2005.

Digital Library

[6]

I. Daubechies. The wavelet transform, time-frequency localization and signal analysis. IEEE transactions on information theory, 36(5):961--1005, 1990.

Digital Library

[7]

A. De Luca, A. Hang, F. Brudy, C. Lindner, and H. Hussmann. Touch me once and i know it's you!: implicit authentication based on touch screen patterns. In proc. CHI'12, pages 987--996. ACM, 2012.

[8]

N. Dehak, P. J. Kenny, R. Dehak, P. Dumouchel, and P. Ouellet. Front-end factor analysis for speaker verification. IEEE Transactions on Audio, Speech, and Language Processing, 19(4):788--798, 2011.

Digital Library

[9]

T. Feng, Z. Liu, K.-A. Kwon, W. Shi, B. Carbunar, Y. Jiang, and N. Nguyen. Continuous mobile authentication using touchscreen gestures. In Proc. HST'12, pages 451--456. IEEE, 2012.

[10]

T. Feng, J. Yang, Z. Yan, E. M. Tapia, and W. Shi. Tips: Context-aware implicit user identification using touch screen in uncontrolled environments. In Proc. HotMobile'14, page 9. ACM, 2014.

[11]

M. Frank, R. Biedert, E. Ma, I. Martinovic, and D. Song. Touchalytics: On the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE transactions on information forensics and security, 8(1):136--148, 2013.

Digital Library

[12]

A. P. French. Vibrations and waves. CRC press, 2017.

[13]

G. Hinton, O. Vinyals, and J. Dean. Distilling the knowledge in a neural network. arXiv preprint arXiv:1503.02531, 2015.

[14]

M. Inalpolat and A. Kahraman. A theoretical and experimental investigation of modulation sidebands of planetary gear sets. Journal of sound and vibration, 323(3--5):677--696, 2009.

[15]

S. Ioffe and C. Szegedy. Batch normalization: Accelerating deep network training by reducing internal covariate shift. arXiv preprint arXiv:1502.03167, 2015.

Digital Library

[16]

ITRC. Lost electronic devices can lead to data breaches. [online]. avaliable: https://www.idtheftcenter.org/lost-electronic-devices-can-lead-to-data-breaches/, 2015.

[17]

A. K. Jain, S. Prabhakar, L. Hong, and S. Pankanti. Filterbank-based fingerprint matching. IEEE transactions on Image Processing, 9(5):846--859, 2000.

Digital Library

[18]

H. Khan, U. Hengartner, and D. Vogel. Targeted mimicry attacks on touch input based implicit authentication schemes. In Proc. MobiSys'16, pages 387--398. ACM, 2016.

Digital Library

[19]

G. Koch, R. Zemel, and R. Salakhutdinov. Siamese neural networks for one-shot image recognition. In Proc.ICML'15, 2015.

[20]

A. Krizhevsky, I. Sutskever, and G. E. Hinton. Imagenet classification with deep convolutional neural networks. In Advances in neural information processing systems, pages 1097--1105, 2012.

Digital Library

[21]

A. Kumar and A. Passi. Comparison and combination of iris matchers for reliable personal authentication. Pattern recognition, 43:1016--1026, 2010.

Digital Library

[22]

G. Laput, R. Xiao, and C. Harrison. Viband: High-fidelity bio-acoustic sensing using commodity smartwatch accelerometers. In Proc.UIST'16. ACM, 2016.

Digital Library

[23]

L. Li, X. Zhao, and G. Xue. Unobservable re-authentication for smartphones. In Proc. NDSS'13, volume 56, pages 57--59, 2013.

[24]

J. Liu, Y. Chen, M. Gruteser, and Y. Wang. Vibsense: Sensing touches on ubiquitous surfaces through vibration. In Proc. SECON'17. IEEE, 2017.

Digital Library

[25]

J. Liu, C. Wang, Y. Chen, and N. Saxena. Vibwrite: Towards finger-input authentication on ubiquitous surfaces via physical vibration. In Proc.CCS'17. ACM, 2017.

Digital Library

[26]

L. v. d. Maaten and G. Hinton. Visualizing data using t-sne. Journal of machine learning research, 9(Nov):2579--2605, 2008.

[27]

R. Martin. Noise power spectral density estimation based on optimal smoothing and minimum statistics. IEEE Transactions on speech and audio processing, 9(5):504--512, 2001.

[28]

W. Meng, W. Li, L. Jiang, and L. Meng. On multiple password interference of touch screen patterns and text passwords. In Proc. CHI'16, pages 4818--4822. ACM, 2016.

Digital Library

[29]

R. Morris and K. Thompson. Password security: A case history. Communications of the ACM, 22(11):594--597, 1979.

Digital Library

[30]

V. Romanuke. Appropriate number and allocation of relus in convolutional neural networks. Naukovi Visti NTUU KPI, (1):69--78, 2017.

[31]

N. Roy and R. R. Choudhury. Ripple {II}: Faster communication through physical vibration. In Proc. NSDI'16, pages 671--684, 2016.

[32]

N. Roy, M. Gowda, and R. R. Choudhury. Ripple: Communicating through physical vibration. In Proc. NSDI'15. USENIX, 2015.

[33]

A. Serwadda and V. V. Phoha. When kids' toys breach mobile phone security. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 599--610. ACM, 2013.

Digital Library

[34]

W. E. Siri. The gross composition of the body. In Advances in biological and medical physics, volume 4, pages 239--280. Elsevier, 1956.

[35]

I. Song, H.-J. Kim, and P. B. Jeon. Deep learning for real-time robust facial expression recognition on a smartphone. In Proc. ICCE'14, pages 564--567. IEEE, 2014.

[36]

Y. Song, Z. Cai, and Z.-L. Zhang. Multi-touch authentication using hand geometry and behavioral information. In 2017 IEEE Symposium on Security and Privacy (SP), pages 357--372. IEEE, 2017.

[37]

M. Spoonauer. iphone x face id slower than touch id. [online]. avaliable: https://www.tomsguide.com/us/iphone-x-face-id-speed-up,news-26060.html, 2017.

[38]

X. Suo, Y. Zhu, and G. S. Owen. Graphical passwords: A survey. In Proc. ACSAC'05, pages 10--pp. IEEE, 2005.

[39]

F. Tari, A. A. Ozok, and S. H. Holden. A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords. In Proc.SOUPS'06. ACM, 2006.

Digital Library

[40]

A. Waibel, T. Hanazawa, G. Hinton, K. Shikano, and K. J. Lang. Phoneme recognition using time-delay neural networks. Backpropagation: Theory, Architectures and Applications, pages 35--61, 1995.

[41]

P. Welch. The use of fast fourier transform for the estimation of power spectra: a method based on time averaging over short, modified periodograms. IEEE Transactions on audio and electroacoustics, 15(2):70--73, 1967.

[42]

H. Wen, J. Ramos Rojas, and A. K. Dey. Serendipity: Finger gesture recognition using an off-the-shelf smartwatch. In Proc.CHI'16. ACM, 2016.

Digital Library

[43]

L. Yang, W. Wang, and Q. Zhang. Vibid: user identification through bio-vibrometry. In Proc. IPSN'16, page 11. IEEE Press, 2016.

[44]

L. Zhang, S. Tan, J. Yang, and Y. Chen. Voicelive: A phoneme localization based liveness detection for voice authentication on smartphones. In Proc. CCS'16, pages 1080--1091. ACM, 2016.

Digital Library

Cited By

Xu ZJin WYao CLiu XMa SLiu YQin ZVakilinia ILiu D(2024)EM-Rhythm: An Authentication Method for Heterogeneous IoT DevicesACM Transactions on Sensor Networks10.1145/3700441Online publication date: 16-Oct-2024
https://doi.org/10.1145/3700441
He ZChen JWu CHe KDu RJia JGu YSun X(2024)HCR-Auth: Reliable Bone Conduction Earphone Authentication with Head Contact ResponseProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/36997808:4(1-27)Online publication date: 21-Nov-2024
https://dl.acm.org/doi/10.1145/3699780
Sun TZhao YXie WLi JMa YZhang J(2024)EyeGesener: Eye Gesture Listener for Smart Glasses Interaction Using Acoustic SensingProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/36785418:3(1-28)Online publication date: 9-Sep-2024
https://dl.acm.org/doi/10.1145/3678541
Show More Cited By

Index Terms

TouchPass: towards behavior-irrelevant on-touch user authentication on smartphones leveraging vibrations
1. Security and privacy
  1. Security services
    1. Authentication

Recommendations

VibHead: An Authentication Scheme for Smart Headsets through Vibration
Recent years have witnessed the fast penetration of Virtual Reality (VR) and Augmented Reality (AR) systems into our daily life, the security and privacy issues of the VR/AR applications have been attracting considerable attention. Most VR/AR systems ...
A survey of attacks on iris biometric systems

Biometric recognition has several applications that provide reliable solutions to the user authentication problem. Its widespread use and popularity is itself making it prone to several vulnerabilities. Iris is emerging as one of the most popular and ...
Using Pupil Light Reflex for Fast Biometric Authentication
ACM TURC '20: Proceedings of the ACM Turing Celebration Conference - China

The prevalence of using biometric for user authentication has attracted much attention. On the other hand, mobile devices such as smart glasses and VR headsets have gained great popularity among recent years. It is desirable to integrate authentication ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

MobiCom '20: Proceedings of the 26th Annual International Conference on Mobile Computing and Networking

April 2020

621 pages

ISBN:9781450370851

DOI:10.1145/3372224

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 April 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Natural Science Foundation of China

Conference

MobiCom '20

Sponsor:

SIGMOBILE

MobiCom '20: The 26th Annual International Conference on Mobile Computing and Networking

September 21 - 25, 2020

London, United Kingdom

Acceptance Rates

Overall Acceptance Rate 440 of 2,972 submissions, 15%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

68
Total Citations
View Citations
1,683
Total Downloads

Downloads (Last 12 months)157
Downloads (Last 6 weeks)20

Reflects downloads up to 19 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Xu ZJin WYao CLiu XMa SLiu YQin ZVakilinia ILiu D(2024)EM-Rhythm: An Authentication Method for Heterogeneous IoT DevicesACM Transactions on Sensor Networks10.1145/3700441Online publication date: 16-Oct-2024
https://doi.org/10.1145/3700441
He ZChen JWu CHe KDu RJia JGu YSun X(2024)HCR-Auth: Reliable Bone Conduction Earphone Authentication with Head Contact ResponseProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/36997808:4(1-27)Online publication date: 21-Nov-2024
https://dl.acm.org/doi/10.1145/3699780
Sun TZhao YXie WLi JMa YZhang J(2024)EyeGesener: Eye Gesture Listener for Smart Glasses Interaction Using Acoustic SensingProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/36785418:3(1-28)Online publication date: 9-Sep-2024
https://dl.acm.org/doi/10.1145/3678541
Cao YDhekne AAmmar M(2024)SigningRing: Signature-based Authentication using Inertial Sensors on a Ring Form-factorProceedings of the Workshop on Body-Centric Computing Systems10.1145/3662009.3662019(11-16)Online publication date: 3-Jun-2024
https://dl.acm.org/doi/10.1145/3662009.3662019
Chen YYu JChen YKong LZhu YChen YOkoshi TKo JLiKamWa R(2024)RFSpy: Eavesdropping on Online Conversations with Out-of-Vocabulary Words by Sensing Metal Coil Vibration of Headsets Leveraging RFIDProceedings of the 22nd Annual International Conference on Mobile Systems, Applications and Services10.1145/3643832.3661887(169-182)Online publication date: 3-Jun-2024
https://dl.acm.org/doi/10.1145/3643832.3661887
Zhang YTong PLi SXie YLi MOkoshi TKo JLiKamWa R(2024)Face Recognition In Harsh Conditions: An Acoustic Based ApproachProceedings of the 22nd Annual International Conference on Mobile Systems, Applications and Services10.1145/3643832.3661855(1-14)Online publication date: 3-Jun-2024
https://dl.acm.org/doi/10.1145/3643832.3661855
Chen WLin SPeng ZParizi FHeo SPatel SMatusik WZhao WStankovic J(2024)ViObjectProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/36435478:1(1-26)Online publication date: 6-Mar-2024
https://dl.acm.org/doi/10.1145/3643547
Li FZhao JYang HYu DZhou YShen Y(2024)VibHead: An Authentication Scheme for Smart Headsets through VibrationACM Transactions on Sensor Networks10.1145/361443220:4(1-21)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3614432
Wu CCao HXu GZhou CSun JYan RLiu YJiang H(2024)It's All in the Touch: Authenticating Users With HOST Gestures on Multi-Touch Screen DevicesIEEE Transactions on Mobile Computing10.1109/TMC.2024.337101423:10(10016-10030)Online publication date: Oct-2024
https://doi.org/10.1109/TMC.2024.3371014
Jiang HJi PZhang TCao HLiu D(2024)Two-Factor Authentication for Keyless Entry System via Finger-Induced VibrationsIEEE Transactions on Mobile Computing10.1109/TMC.2024.336833123:10(9708-9720)Online publication date: Oct-2024
https://doi.org/10.1109/TMC.2024.3368331
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents