Affiliation:
1. Samsung Research, Seoul, Republic of Korea
2. Ulsan National Institute of Science and Technology, Ulsan, Republic of Korea
Abstract
PIN and pattern lock are difficult to accurately enter on small watch screens, and are vulnerable against guessing attacks. To address these problems, this paper proposes a novel implicit biometric scheme based on through-wrist acoustic responses. A cue signal is played on a surface transducer mounted on the dorsal wrist and the acoustic response recorded by a contact microphone on the volar wrist. We build classifiers using these recordings for each of three simple hand poses (relax, fist and open), and use an ensemble approach to make final authentication decisions. In an initial single session study (N=25), we achieve an Equal Error Rate (EER) of 0.01%, substantially outperforming prior on-wrist biometric solutions. A subsequent five recall-session study (N=20) shows reduced performance with 5.06% EER. We attribute this to increased variability in how participants perform hand poses over time. However, after retraining classifiers performance improved substantially, ultimately achieving 0.79% EER. We observed most variability with the relax pose. Consequently, we achieve the most reliable multi-session performance by combining the fist and open poses: 0.51% EER. Further studies elaborate on these basic results. A usability evaluation reveals users experience low workload as well as reporting high SUS scores and fluctuating levels of perceived exertion: moderate during initial enrollment dropping to slight during authentication. A final study examining performance in various poses and in the presence of noise demonstrates the system is robust to such disturbances and likely to work well in wide range of real-world contexts.
Funder
Korea Institute for Advancement of Technology
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Networks and Communications,Hardware and Architecture,Human-Computer Interaction
Reference54 articles.
1. The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords
2. Joseph Bonneau , Sören Preibusch , and Ross J. Anderson . 2012. A Birthday Present Every Eleven Wallets? The Security of Customer-Chosen Banking PINs . In Proceedings of International Conference on Financial Cryptography and Data Security (FC). Springer Berlin Heidelberg , Berlin, Heidelberg, 538--552. Joseph Bonneau, Sören Preibusch, and Ross J. Anderson. 2012. A Birthday Present Every Eleven Wallets? The Security of Customer-Chosen Banking PINs. In Proceedings of International Conference on Financial Cryptography and Data Security (FC). Springer Berlin Heidelberg, Berlin, Heidelberg, 538--552.
3. Boosting the Guessing Attack Performance on Android Lock Patterns with Smudge Attacks
Cited by
7 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. EchoWrist: Continuous Hand Pose Tracking and Hand-Object Interaction Recognition Using Low-Power Active Acoustic Sensing On a Wristband;Proceedings of the CHI Conference on Human Factors in Computing Systems;2024-05-11
2. EyeEcho: Continuous and Low-power Facial Expression Tracking on Glasses;Proceedings of the CHI Conference on Human Factors in Computing Systems;2024-05-11
3. SkullID: Through-Skull Sound Conduction based Authentication for Smartglasses;Proceedings of the CHI Conference on Human Factors in Computing Systems;2024-05-11
4. SonarAuth: Using Around Device Sensing to Improve Smartwatch Behavioral Biometrics;Adjunct Proceedings of the 2023 ACM International Joint Conference on Pervasive and Ubiquitous Computing & the 2023 ACM International Symposium on Wearable Computing;2023-10-08
5. VibPath;Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies;2023-09-27