Pattern lock has been widely used in smartphones as a simple and effective authentication mechanism, which however is shown to be vulnerable to various attacks. In this paper, we design a novel authentication system for more secure pattern unlocking on smartphones. The basic idea is to utilize various behavior information of the user during pattern unlocking as additional authentication fingerprints, so that even if the pattern password is leaked to an attacker, the system remains safe and protected. To accommodate a variety of user contexts by our system, a context-aware module is proposed to distinguish any of such contexts (e.g., body postures when drawing the pattern) and use it to guide the authentication. Moreover, we design a polyline weighted strategy with overlapping based on the consistency of pattern lock, which analyzes the behavior information of the user during the unlock process in a fine-grained manner and takes an overall consideration the results of different polylines. Based on 14,850 samples collected from 77 participants, we have extensively evaluated the proposed system. The results demonstrate that it outperforms state-of-the-art implicit authentication based pattern lock approaches, and that each key module in our system is effective.
|Number of pages
|Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies
|Published - 29 Mar 2021
FunderThis work was supported by the National Natural Science Foundation of China under Grant No.61872027, No.U20A20182 and the Open Research Fund of the State Key Laboratory of Integrated Services Networks(No.ISN21-16).
- implicit authentication
- pattern lock
ASJC Scopus subject areas
- Human-Computer Interaction
- Hardware and Architecture
- Computer Networks and Communications