Abstract
Graphic-pattern-based implicit authentication has been successfully exploited to elevate the security of smartphones. On-screen pressure is one of the key features in such an approach since it can reveal users' touch pattern. However, state-of-the-art approaches rely on a system API to obtain on-screen pressure, which is not adequately accurate and cannot meet the demands of robust implicit authentication. To bridge this gap, we propose PresSafe, a novel implicit authentication system that utilizes the smartphone's built-in barometer sensor to measure pressure during the unlocking process, and to utilize the pressure data in authentication. A key technical challenge in utilizing barometer sensing, however, is to understand the user activity through measured pressure. To overcome this challenge, PresSafe leverages barometer data along with data from other conventional but heterogeneous ambient sensors to produce accurate and robust user activity descriptions. PresSafe utilizes a transfer-learning-based hybrid workflow to integrate user activity representation learning with a lightweight classical authentication algorithm to obtain a unified model. This approach offloads the computational cost from the terminal and addresses privacy concerns. To ensure applicability of our approach despite data heterogeneity and insufficient training data, we utilize a channel-adaptive data processing mechanism. Extensive experiments utilizing more than 70000 records from 23 volunteers in six different locations show that PresSafe achieves an FAR of 0.45%, an FRR of 0.49%, and an EER of 0.47%, which clearly demonstrate its superiority over several existing solutions.
| Original language | English |
|---|---|
| Pages (from-to) | 285-302 |
| Number of pages | 18 |
| Journal | IEEE Internet of Things Journal |
| Volume | 10 |
| Issue number | 1 |
| Early online date | 17 Aug 2022 |
| DOIs | |
| Publication status | Published - 1 Jan 2023 |
Bibliographical note
© 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.Copyright © and Moral Rights are retained by the author(s) and/ or other copyright owners. A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. This item cannot be reproduced or quoted extensively from without first obtaining permission in writing from the copyright holder(s). The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the copyright holders.
This document is the author’s post-print version, incorporating any revisions agreed during the peer-review process. Some differences between the published version and this version may remain and you are advised to consult the published version if you wish to cite from it.
Keywords
- Authentication
- Barometers
- Behavioral sciences
- Biometrics (access control)
- Feature extraction
- Implicit authentication
- Security
- Smart phones
- barometer
- heterogenous data
- pressure sensing
- representation learning
- smartphone
- transfer learning
ASJC Scopus subject areas
- Signal Processing
- Information Systems
- Hardware and Architecture
- Computer Science Applications
- Computer Networks and Communications