Implicit Continuous User Authentication Using Swipe Actions on Mobile Touch Screen with ANN Classifier

Abstract

Smart phones became the most trusted companion of men and women. Today a smart phone has all the important data within the phone memory or in the cloud which is directly accessible by the device. The sensitivity of these data varies from person to person. Commonly, the security of a smart phone lies with normal entry point authentication methods such as PIN and graphical passwords. These methods can be breached by shoulder surfing, smudge attack, etc. But the main point is that the device is not checking the genuineness of the user after the entry point authentication. Most users prefer simple GUI passwords or PIN or no password at all (Bonneau J, The science of guessing: analyzing an anonymized corpus of 70 million passwords. In: 2012 IEEE symposium on security and privacy, San Francisco, CA, pp 538–552, 2012). So a smart phone after the primary authentication can become a threat to losing sensitive and private data. In this work, we present an implicit continuous active authentication mechanism that will check the genuineness of the current user without any direct input. We would be using the touch screen swipe patterns that are being generated when reading a page or viewing the images in gallery of the phone. We are using the artificial neural network to recognize the genuine user. Result shows the proposed mechanism has an accuracy of 93.9% and an EER of 7%, and it is not a burden to the user as he is not supposed to make any deliberate inputs, the data generated from the normal usage is taken for authentication.