10,073 research outputs found
MobiBits: Multimodal Mobile Biometric Database
This paper presents a novel database comprising representations of five
different biometric characteristics, collected in a mobile, unconstrained or
semi-constrained setting with three different mobile devices, including
characteristics previously unavailable in existing datasets, namely hand
images, thermal hand images, and thermal face images, all acquired with a
mobile, off-the-shelf device. In addition to this collection of data we perform
an extensive set of experiments providing insight on benchmark recognition
performance that can be achieved with these data, carried out with existing
commercial and academic biometric solutions. This is the first known to us
mobile biometric database introducing samples of biometric traits such as
thermal hand images and thermal face images. We hope that this contribution
will make a valuable addition to the already existing databases and enable new
experiments and studies in the field of mobile authentication. The MobiBits
database is made publicly available to the research community at no cost for
non-commercial purposes.Comment: Submitted for the BIOSIG2018 conference on June 18, 2018. Accepted
for publication on July 20, 201
A robustness verification system for mobile phone authentication based on gestures using Linear Discriminant Analysis
This article evaluates an authentication technique for mobiles based on gestures. Users create a remindful identifying gesture to be considered as their in-air signature. This work analyzes a database of 120 gestures of different vulnerability, obtaining an Equal Error Rate (EER) of 9.19% when robustness of gestures is not verified. Most of the errors in this EER come from very simple and easily forgeable gestures that should be discarded at enrollment phase. Therefore, an in-air signature robustness verification system using Linear Discriminant Analysis is proposed to infer automatically whether the gesture is secure or not. Different configurations have been tested obtaining a lowest EER of 4.01% when 45.02% of gestures were discarded, and an optimal compromise of EER of 4.82% when 19.19% of gestures were automatically rejected
Q&A Platforms Evaluated Using Butler University Q&A Intelligence Index
A new study using the Butler University Q&A Intelligence Index measures how various mobile Q&A platforms deliver quality, accurate answers in a timely manner to a broad variety of questions. Based on the results of our analysis, ChaCha led all Q&A platforms on mobile devices.
Results of the study are based upon review of a large set of responses from each of the major Q&A platforms, coupled with a comparison of disparate Q&A platforms that serve answers in different ways. Our methodology included the creation of a new metric, termed the Butler University Q&A Intelligence Index, which measures the likelihood that a user can expect to receive a correct answer in a timely manner to any random question asked using natural language. We asked questions via mobile services and randomized the questions to cover both popular and long-tail knowledge requests
Sequential Keystroke Behavioral Biometrics for Mobile User Identification via Multi-view Deep Learning
With the rapid growth in smartphone usage, more organizations begin to focus
on providing better services for mobile users. User identification can help
these organizations to identify their customers and then cater services that
have been customized for them. Currently, the use of cookies is the most common
form to identify users. However, cookies are not easily transportable (e.g.,
when a user uses a different login account, cookies do not follow the user).
This limitation motivates the need to use behavior biometric for user
identification. In this paper, we propose DEEPSERVICE, a new technique that can
identify mobile users based on user's keystroke information captured by a
special keyboard or web browser. Our evaluation results indicate that
DEEPSERVICE is highly accurate in identifying mobile users (over 93% accuracy).
The technique is also efficient and only takes less than 1 ms to perform
identification.Comment: 2017 Joint European Conference on Machine Learning and Knowledge
Discovery in Database
Secure Pick Up: Implicit Authentication When You Start Using the Smartphone
We propose Secure Pick Up (SPU), a convenient, lightweight, in-device,
non-intrusive and automatic-learning system for smartphone user authentication.
Operating in the background, our system implicitly observes users' phone
pick-up movements, the way they bend their arms when they pick up a smartphone
to interact with the device, to authenticate the users.
Our SPU outperforms the state-of-the-art implicit authentication mechanisms
in three main aspects: 1) SPU automatically learns the user's behavioral
pattern without requiring a large amount of training data (especially those of
other users) as previous methods did, making it more deployable. Towards this
end, we propose a weighted multi-dimensional Dynamic Time Warping (DTW)
algorithm to effectively quantify similarities between users' pick-up
movements; 2) SPU does not rely on a remote server for providing further
computational power, making SPU efficient and usable even without network
access; and 3) our system can adaptively update a user's authentication model
to accommodate user's behavioral drift over time with negligible overhead.
Through extensive experiments on real world datasets, we demonstrate that SPU
can achieve authentication accuracy up to 96.3% with a very low latency of 2.4
milliseconds. It reduces the number of times a user has to do explicit
authentication by 32.9%, while effectively defending against various attacks.Comment: Published on ACM Symposium on Access Control Models and Technologies
(SACMAT) 201
Implicit Smartphone User Authentication with Sensors and Contextual Machine Learning
Authentication of smartphone users is important because a lot of sensitive
data is stored in the smartphone and the smartphone is also used to access
various cloud data and services. However, smartphones are easily stolen or
co-opted by an attacker. Beyond the initial login, it is highly desirable to
re-authenticate end-users who are continuing to access security-critical
services and data. Hence, this paper proposes a novel authentication system for
implicit, continuous authentication of the smartphone user based on behavioral
characteristics, by leveraging the sensors already ubiquitously built into
smartphones. We propose novel context-based authentication models to
differentiate the legitimate smartphone owner versus other users. We
systematically show how to achieve high authentication accuracy with different
design alternatives in sensor and feature selection, machine learning
techniques, context detection and multiple devices. Our system can achieve
excellent authentication performance with 98.1% accuracy with negligible system
overhead and less than 2.4% battery consumption.Comment: Published on the IEEE/IFIP International Conference on Dependable
Systems and Networks (DSN) 2017. arXiv admin note: substantial text overlap
with arXiv:1703.0352
Usability and Trust in Information Systems
The need for people to protect themselves and their assets is as old as humankind. People's physical safety and their possessions have always been at risk from deliberate attack or accidental damage. The advance of information technology means that many individuals, as well as corporations, have an additional range of physical (equipment) and electronic (data) assets that are at risk. Furthermore, the increased number and types of interactions in cyberspace has enabled new forms of attack on people and their possessions. Consider grooming of minors in chat-rooms, or Nigerian email cons: minors were targeted by paedophiles before the creation of chat-rooms, and Nigerian criminals sent the same letters by physical mail or fax before there was email. But the technology has decreased the cost of many types of attacks, or the degree of risk for the attackers. At the same time, cyberspace is still new to many people, which means they do not understand risks, or recognise the signs of an attack, as readily as they might in the physical world. The IT industry has developed a plethora of security mechanisms, which could be used to mitigate risks or make attacks significantly more difficult. Currently, many people are either not aware of these mechanisms, or are unable or unwilling or to use them. Security experts have taken to portraying people as "the weakest link" in their efforts to deploy effective security [e.g. Schneier, 2000]. However, recent research has revealed at least some of the problem may be that security mechanisms are hard to use, or be ineffective. The review summarises current research on the usability of security mechanisms, and discusses options for increasing their usability and effectiveness
- âŠ