Keystroke dynamics-based authentication for mobile devices

Recently, mobile devices are used in financial applications such as banking and stock trading. However, unlike desktops and notebook computers, a 4-digit personal identification number (PIN) is often adopted as the only security mechanism for mobile devices. Because of their limited length, PINs are vulnerable to shoulder surfing and systematic trial-and-error attacks. This paper reports the effectiveness of user authentication using keystroke dynamics-based authentication (KDA) on mobile devices. We found that a KDA system can be effective for mobile devices in terms of authentication accuracy. Use of artificial rhythms leads to even better authentication performance.     

Active authentication for mobile devices utilising behaviour profiling

With nearly 6 billion subscribers around the world, mobile devices have become an indispensable component in modern society. The majority of these devices rely upon passwords and personal identification numbers as a form of user authentication, and the weakness of these point-of-entry techniques is widely documented. Active authentication is designed to overcome this problem by utilising biometric techniques to continuously assess user identity. This paper describes a feasibility study into a behaviour profiling technique that utilises historical application usage to verify mobile users in a continuous manner. By utilising a combination of a rule-based classifier, a dynamic profiling technique and a smoothing function, the best experimental result for a users overall application usage was an equal error rate of 9.8 %. Based upon this result, the paper proceeds to propose a novel behaviour profiling framework that enables a user’s identity to be verified through their application usage in a continuous and transparent manner. In order to balance the trade-off between security and usability, the framework is designed in a modular way that will not reject user access based upon a single application activity but a number of consecutive abnormal application usages. The proposed framework is then evaluated through simulation with results of 11.45 and 4.17 % for the false rejection rate and false acceptance rate, respectively. In comparison with point-of-entry-based approaches, behaviour profiling provides a significant improvement in both the security afforded to the device and user convenience.     

Model for adaptable context-based biometric authentication for mobile devices

It becomes possible to take advantage of seamless biometric authentication on mobile devices due to increasing quality and quantity of built-in sensors, increasing processing power of the devices, and wireless connectivity. However, practical effectiveness of the biometric authentication application depends on user’s environment conditions that can decrease the accuracy of biometrics recognition or make the acquisition process undesirable for mobile user in a given moment, i.e., effectiveness depends on usage context. In this paper, context-based biometric authentication model for mobile devices is proposed. It enables determining the most accurate authentication method at the moment along with the most accurate form of interacting with a user w.r.t. authentication process. The generic model designed and verified with proof-of-concept implementation constitutes a foundation for building further adaptable and extensible multi-factor context-dependent systems for mobile authentication.     

Evaluation of feature values of surface electromyograms for user authentication on mobile devices

At the present time, mobile devices, such as tablet-type PCs and smart phones, have widely penetrated into our daily lives. Therefore, an authentication method that prevents shoulder surfing is needed. We are investigating a new user authentication method for mobile devices that use surface electromyogram (s-EMG) signals, not screen touching. The s-EMG signals, which are generated by the electrical activity of muscle fibers during contraction, are detected over the skin surface. Muscle movement can be differentiated by analyzing the s-EMG. In this paper, a method that uses a list of gestures as a password is proposed. And also, results of experiments are presented that was carried out to investigate the performance of the method extracting feature values from s-EMG signals (using the Fourier transform) adopted in this research. \(Myo^{TM}\), which is the candidate of s-EMG measurement device used in a prototype system for future substantiative experiments, was used in the experiment together with the s-EMG measuring device used in the previous research to investigate its performance.     

A graphical-based password keystroke dynamic authentication system for touch screen handheld mobile devices

Since touch screen handheld mobile devices have become widely used, people are able to access various data and information anywhere and anytime. Most user authentication methods for these mobile devices use PIN-based (Personal Identification Number) authentication, since they do not employ a standard QWERTY keyboard for conveniently entering text-based passwords. However, PINs provide a small password space size, which is vulnerable to attacks. Many studies have employed the KDA (Keystroke Dynamic-based Authentication) system, which is based on keystroke time features to enhance the security of PIN-based authentication. Unfortunately, unlike the text-based password KDA systems in QWERTY keyboards, different keypad sizes or layouts of mobile devices affect the PIN-based KDA system utility. This paper proposes a new graphical-based password KDA system for touch screen handheld mobile devices. The graphical password enlarges the password space size and promotes the KDA utility in touch screen handheld mobile devices. In addition, this paper explores a pressure feature, which is easy to use in touch screen handheld mobile devices, and applies it in the proposed system. The experiment results show: (1) EER is 12.2% in the graphical-based password KDA proposed system. Compared with related schemes in mobile devices, this effectively promotes KDA system utility; (2) EER is reduced to 6.9% when the pressure feature is used in the proposed system. The accuracy of authenticating keystroke time and pressure features is not affected by inconsistent keypads since the graphical passwords are entered via an identical size (50 mm × 60 mm) human–computer interface for satisfying the lowest touch screen size and a GUI of this size is displayed on all mobile devices.     

An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem

Recently, remote user authentication schemes are implemented on elliptic curve cryptosystem (ECC) to reduce the computation loads for mobile devices. However, most remote user authentication schemes on ECC are based on public-key cryptosystem, in which the public key in the system requires the associated certificate to prove its validity. Thus, the user needs to perform additional computations to verify the certificate in these schemes. In addition, we find these schemes do not provide mutual authentication or a session key agreement between the user and the remote server. Therefore, we propose an ID-based remote mutual authentication with key agreement scheme on ECC in this paper. Based upon the ID-based concept, the proposed scheme does not require public keys for users such that the additional computations for certificates can be reduced. Moreover, the proposed scheme not only provides mutual authentication but also supports a session key agreement between the user and the server. Compared with the related works, the proposed scheme is more efficient and practical for mobile devices.     

An optimized authentication protocol for mobile networks

Practical secure communication of mobile systems with low communication cost has become one of the major research directions. An established public key infrastructure (PKI) provides key management and key distribution mechanisms, which can lead to authentication and secure communication. Adding public key cryptography to Kerberos provides a nice congruence to public key protocols, which can obviate the human users’ burden to manage strong passwords. This paper emphasizes on authentication as a considerable issue related to security. Additionally, an efficient and secure hybrid authentication protocol for large mobile network is proposed. Its infrastructure accommodates explosive growth of the large mobile network. It reduces the communication cost for providing secure network access in inter-domain communication. This method is based on symmetric cryptosystem, PKI, challenge–response and hash chaining.     

A distributed mobile database implementation on Pocket PC mobile devices communicating over Bluetooth

This paper describes a distributed database system implementation built on top of stand-alone mobile databases found on mobile devices. At the heart of the architecture are elected devices that take on the role of data directories which collect the schema of the databases and become the contact points for all nodes that wish to submit queries against the distributed database. The system is implemented on Pocket PCs that run the Microsoft WinCE operating system and communicate using Bluetooth, thus limiting the architecture to eight devices, which is a restriction imposed by piconets. Sample databases were configured on the devices that ran the SQL Server CE database engine, and a list of 170 sample queries of varying complexities were designed to conduct performance evaluation. This evaluation involved measurement of query response time, generated traffic, and device energy consumption. The obtained results indicated the feasibility of the system and its potential for providing mobile users with a framework for aggregating disparate data that are stored in mobile databases in the wireless ad hoc network.     

Speech recognition for mobile devices

This article presents an overview of different approaches for providing automatic speech recognition (ASR) technology to mobile users. Three principal system architectures with respect to the employment of a wireless communication link are analyzed: Embedded Speech Recognition Systems, Network Speech Recognition (NSR) and Distributed Speech Recognition (DSR). An overview of the solutions having been standardized so far as well as a critical analysis of the latest developments in the field of speech recognition in mobile environments is given. Open issues, pros and cons of the different methodologies and techniques are highlighted. Special emphasis is placed on the constraints and limitations ASR applications are confronted with under different architectures.     

The yoking-proof-based authentication protocol for cloud-assisted wearable devices

Along with the development of IoT applications, wearable devices are becoming popular for monitoring user data to provide intelligent service support. The wearable devices confront severe security issues compared with traditional short-range communications. Due to the limitations of computation capabilities and communication resources, it brings more challenges to design security solutions for the resource-constrained wearable devices in IoT applications. In this work, a yoking-proof-based authentication protocol (YPAP) is proposed for cloud-assisted wearable devices. In the YPAP, a physical unclonable function and lightweight cryptographic operators are jointly applied to realize mutual authentication between a smart phone and two wearable devices, and yoking-proofs are established for the cloud server to perform simultaneous verification. Meanwhile, Rubin logic-based security formal analysis is performed to prove that the YPAP has theoretical design correctness. It indicates that the proposed YPAP is flexible for lightweight wearable devices in IoT applications.     

High-performance code optimizations for mobile devices

The Journal of Supercomputing - Mobile devices have seen their performance increased in latest years due to improvements on System on Chip technologies. These shared memory systems now integrate...     

Super-resolution image reconstruction for mobile devices

With advanced mobile devices, the mobile applications of the high-definition display attract a lot of attentions nowadays. The existing image super-resolution methods are computationally inefficient for the high-definition display on the mobile devices. In this paper, we point out that the above critical issue deteriorates the display quality of the high-definition mobile devices. We propose an efficient and effective algorithm to reconstruct the high-resolution images for the mobile devices. Our algorithm outperforms previous approaches in not only smaller running time but also the higher quality of the super-resolution image reconstruction for the mobile devices.     

Interactive multi-frame reconstruction for mobile devices

The small size of handheld devices, their video capabilities and multiple cameras are under-exploited assets. Properly combined, the features can be used for creating novel applications that are ideal for pocket-sized devices, but may not be useful in laptop computers, such as interactively capturing and analyzing images on the fly. In this paper we consider building mosaic images of printed documents and natural scenes from low resolution video frames. High interactivity is provided by giving a real-time feedback on the video quality, while simultaneously guiding the user’s actions. In our contribution, we analyze and compare means to reach interactivity and performance with sensor signal processing and GPU assistance. The viability of the concept is demonstrated on a mobile phone. The achieved usability benefits suggest that combining interactive imaging and energy efficient high performance computing could enable new mobile applications and user interactions.     

A novel transparent user authentication approach for mobile applications

ABSTRACT

With the rapid growth of smartphones and tablets in our daily lives, securing the sensitive data stored upon them makes authentication of paramount importance. Current authentication approaches do not re-authenticate in order to re-validate the user’s identity after accessing a mobile phone. Accordingly, there is a security benefit if authentication can be applied continually and transparently (i.e., without obstructing the user’s activities) to authenticate legitimate users, which is maintained beyond the point of entry. To this end, this paper suggests a novel transparent user authentication method for mobile applications by applying biometric authentication on each service within a single application in a secure and usable manner based on the risk level. A study involving data collected from 76 users over a one-month period using 12 mobile applications was undertaken to examine the proposed approach. The experimental results show that this approach achieved desirable outcomes for applying a transparent authentication system at an intra-process level, with an average of 6% intrusive authentication requests. Interestingly, when the participants were divided into three levels of usage (high, medium and low), the average intrusive authentication request was 3% which indicates a clear enhancement and suggests that the system would add a further level of security without imposing significant inconvenience upon the user.     

Practical blacklist-based anonymous authentication scheme for mobile crowd sensing

Mobile crowd sensing (MCS) represents one of the most promising approaches for improving life quality of individuals with sensing and computing devices. MCS is playing a more and more important role in various fields of service, such as traffic monitoring and commercial advertisement. Security and privacy of communication in MCS attract increasing attention from the academia and industry since the sensing data are usually sensitive for users. Some users worry about the leakage of their private information when they share their data to the third parties. To address this issue, in this paper, we propose a practical blacklist-based anonymous authentication scheme in which users can enjoy an anonymous environment and share their information without worrying about any information leakage. Security analysis shows that our scheme can achieve anonymity, blacklistability, nonrepudiation and unlinkability. Performance evaluation demonstrates that our scheme is more efficient in terms of computation overhead compared with the existing works.     

A self-verification authentication mechanism for mobile satellite communication systems

In order to provide an opportunity to make personal communication as broad as possible, mobile satellite communication systems have recently drawn much attention. However, any communication system raises two major challenging issues: (1) how to determine whether actors are whom they claim to be; and (2) how to protect data against unauthorized disclosure. Although the secret-key cryptosystem (SKC) and the public-key cryptosystem (PKC) have been developed to provide well-defined security services to address these issues each has serous drawbacks while SKC-based authentication schemes have the common demerit that the server which maintains the secret-key table becomes an attractive target for numerous intrusions, PKC-based schemes suffer from the expensive complexity of the public-key infrastructure (PKI) and a high computation overhead. Therefore, in this paper, a self-verification authentication mechanism with lower computation and key management cost is introduced.     

A hybrid user authentication protocol for mobile IPTV service

IPTV, a technological convergence that combines communication and broadcasting technologies, delivers customized, interactive TV content and other multimedia information over wired and wireless connections. Providing secure access to IPTV services calls for authentication, without proper and secure authentication mechanisms, an individual impersonating a subscriber could steal a service. This paper proposes a new authentication protocol to authenticate IPTV users. The authors based the proposed protocol, a hybrid authentication protocol providing lightweight, personalized user authentication, on RFID (radio-frequency identification) and USIM (Universal Subscriber Identity Module) technologies. In the proposed protocol, USIM performs highly personalized authentication, and the authenticated subscriber’s RFID tags can have a temporary authority to execute authentication. These RFID tags become Agent Tags authorized to authenticate subscribers. Agent Tags identify and authenticate themselves to RFID readers in the set-top box, thus, simplifying the authentication process.     

基于IBE策略的物联网终端设备间的身份认证方案

随着物联网终端设备间直接通信的需求不断增大,为解决物联网终端设备间安全通信和隐私保护问题,终端设备间认证技术成为人们关注的一个热点,业界诸多学者已经对此展开相关研究并提出多种物联网终端设备间的认证机制。但是,上述机制在安全强度及抵抗攻击效果方面尚存在不足。为解决此问题,该文提出一种基于IBE策略的物联网终端设备身份认证方案,实现终端设备之间匿名双向认证,同时使用椭圆曲线加密算法保证认证过程中信息传输的安全性。通过安全性理论分析和性能分析表明,该方案可很好地抵抗重放攻击、中间人攻击和篡改攻击等已知攻击且具有较低的计算开销。