Security Enhanced Rhythm Authentication using Relative Finger-Tip Positions

Authors

  • N. Wongnarukane Department of Computer Science, Graduate School of Applied Statistics National Institute of Development Administration, Bangkok, Thailand
  • P. Kuacharoen Department of Computer Science, Graduate School of Applied Statistics National Institute of Development Administration, Bangkok, Thailand

Keywords:

Rhythm Authentication, Multi-touch, Biometric Authentication, Keystroke,

Abstract

The rhythm authentication algorithm uses the concept of a traditional keystroke authentication and a multitouch technology based on a touchable device. Three measurements are used in the rhythm authentication method which consists of holding times, latency times, and the number of fingers per beat. These measurements are compared with the user templates. The user is authenticated if a percentage of error is in a predetermined range. However, using only three measurements is not enough. If the attacker is familiar with the victim, the rhythm authentication can be attacked by shoulder surfing or eavesdropping. Additionally, only a percentage of similarity between the user template in database and user’s input for classifying is not a reliable algorithm. In this research, we propose a security-enhanced rhythm authentication using relative finger-tip positions and the KNN algorithm for classification to prevent shoulder-surfing attacks.

References

N. Wongnarukane and P. Kuacharoen, “Rhythm Authentication Using Multi-touch Technology: A New Method of Biometric Authentication,” Lecture Notes in Computer Science (LNCS) Springer, Cham., 2017, pp. 390-399.

X. Huang, G. Lund and A. Sapeluk, “Development of a typing behaviour recognition mechanism on Android”, In 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications. IEEE, June 2012.

M. Antal, Z.S. László and L. Izabella, “Keystroke dynamics on android platform,” in Procedia Technology, 2015.

S. Azenkot, K. Rector, R. Ladner and J. Wobbrock, “PassChords: secure multi-touch authentication for blind people,” in Proc. of the 14th international ACM SIGACCESS conference on Computers and accessibility, October, 2012.

V. Roth, P. Schmidt and B. Güldenring, “The IR ring: authenticating users' touches on a multi-touch display,” in Proc. of the 23nd annual ACM symposium on User interface software and technology, October, 2010.

D. Marques, T. Guerreiro, L. Duarte and L. Carriço, “Under the table: tap authentication for smartphones,” in Proc. of the 27th International BCS Human Computer Interaction Conference, September, 2013.

A. De Luca, E. Von Zezschwitz, N.D.H Nguyen, M.E. Maurer, E. Rubegni, M.P. Scipioni and M. Langheinrich, “Back-of-device authentication on smartphones,” in Proc. of the SIGCHI Conference on Human Factors in Computing Systems, April, 2013.

L.A. Leiva and A. Català, “BoD taps: an improved back-of-device authentication technique on smartphones,” in Proc. of the 16th international conference on Human-computer interaction with mobile devices & services, September, 2014.

T. Takada and Y. Kokubun, “Extended pin authentication scheme allowing multi-touch key input,” in Proc. of International Conference on Advances in Mobile Computing & Multimedia, December, 2013.

D. T. Larose, “Discovering Knowledge in Data: An Introduction to Data Mining,” John Wiley & Sons, Inc., Hoboken, NJ, USA., 2004.

D. Zhang and V. Kanhangad, “Hand Geometry Recognition,” Encyclopedia of Cryptography and Security Springer US, 2011, pp. 529-531.

Downloads

Published

2018-07-04

How to Cite

Wongnarukane, N., & Kuacharoen, P. (2018). Security Enhanced Rhythm Authentication using Relative Finger-Tip Positions. Journal of Telecommunication, Electronic and Computer Engineering (JTEC), 10(2-5), 9–13. Retrieved from https://jtec.utem.edu.my/jtec/article/view/4341

Issue

Vol. 10 No. 2-5: Embracing The 4th Industrial Revolution: Innovation in Telecommunication, Electronic & Computer Engineering I

Section

Articles

License

TRANSFER OF COPYRIGHT AGREEMENT

The manuscript is herewith submitted for publication in the Journal of Telecommunication, Electronic and Computer Engineering (JTEC). It has not been published before, and it is not under consideration for publication in any other journals. It contains no material that is scandalous, obscene, libelous or otherwise contrary to law. When the manuscript is accepted for publication, I, as the author, hereby agree to transfer to JTEC, all rights including those pertaining to electronic forms and transmissions, under existing copyright laws, except for the following, which the author(s) specifically retain(s):

  1. All proprietary right other than copyright, such as patent rights
  2. The right to make further copies of all or part of the published article for my use in classroom teaching
  3. The right to reuse all or part of this manuscript in a compilation of my own works or in a textbook of which I am the author; and
  4. The right to make copies of the published work for internal distribution within the institution that employs me

I agree that copies made under these circumstances will continue to carry the copyright notice that appears in the original published work. I agree to inform my co-authors, if any, of the above terms. I certify that I have obtained written permission for the use of text, tables, and/or illustrations from any copyrighted source(s), and I agree to supply such written permission(s) to JTEC upon request.