Design and Evaluation of Accelerometer Based User Authentication Methods

• Main Author: Haitham, Seror
• Format: Others
• Language: English
• Published: Linköpings universitet, Informationskodning 2017
• Subjects: Authentication; Smartphone security; Shoulder surfing; Accelerometer; Natural Sciences; Naturvetenskap
• Online Access: http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-142036

Smartphone's are extremely popular and in high demand nowadays. They are easy to handle and very intuitive compared with old phones for end users. Approximately two billion people use Smartphones all over the world, so it is clear that these phones are very popular. One of the major issues of these smart phones is theft. What happens if someone steals your phone? Why should we try to secure our phones? The reason is that, even if the phone is stolen, the thief should not be able to open and use it through unlocking easily. People are generally careless while typing their password/pin code or drawing a pattern while others are watching. Maybe someone can see it just by standing next to or behind the person who is typing the pin or drawing the pattern. This scenario of getting the information is called shoulder surfing. Another scenario is to use a hidden camera, so-called Record monitoring. Shoulder surfing can be used by an attacker/observer to get passwords or PINs. Shoulder surfing is very easy to perform by just looking over the shoulder when a user is typing the PIN or drawing the unlock pattern. Record monitoring needs more preparation, but is not much more complicated to perform. Sometimes it also happens that the phone gets stolen and by seeing fingerprints or smudge patterns on the phone, the attacker can unlock it. These above two are general security threats for smart phone users. This thesis introduces some different approaches to overcome the above mentioned security threats in Smartphones. The basic aim is to make it more difficult to perform shoulder surfing or record monitoring, and these will not be easy to perform by the observer after switching to the new techniques introduced in the thesis. In this thesis, the usability of each method developed will be described and also future use of these approaches. There are a number of techniques by which a user can protect the phone from observation attacks. Some of these will be considered, and a user interface evaluation will be performed in the later phase of development. I will also consider some important aspects while developing the methods such as -user friendliness, Good UI concepts etc. I will also evaluate the actual security added by the methods, and the overall user impression. Two separate user studies have been performed, first one with students from the Computer Science department, and then one with students from other departments. The results indicate that students from Computer Science are more attracted to the new security solution than students from other departments.