Abstract
Authentication methods using personal identification number (PIN) and unlock patterns are widely used in smartphone user authentication. However, these authentication methods are vulnerable to shoulder-surfing attacks, and PIN authentication, in particular, is poor in terms of security because PINs are short in length with just four to six digits. A wide range of research is currently underway to examine various biometric authentication methods, for example, using the user’s face, fingerprint, or iris information. However, such authentication methods provide PIN-based authentication as a type of backup authentication to prepare for when the maximum set number of authentication failures is exceeded during the authentication process such that the security of biometric authentication equates to the security of PIN-based authentication. In order to overcome this limitation, research has been conducted on keystroke dynamics-based authentication, where users are classified by analyzing their typing patterns while they are entering their PIN. As a result, a wide range of methods for improving the ability to distinguish the normal user from abnormal ones have been proposed, using the typing patterns captured during the user’s PIN input. In this paper, we propose unique keypads that are assigned to and used by only normal users of smartphones to improve the user classification performance capabilities of existing keypads. The proposed keypads are formed by randomly generated numbers based on the Mersenne Twister algorithm. In an attempt to demonstrate the superior classification performance of the proposed unique keypad compared to existing keypads, all tests except for the keypad type were conducted under the same conditions in earlier work, including collection-related features and feature selection methods. Our experimental results show that when the filtering rates are 10%, 20%, 30%, 40%, and 50%, the corresponding equal error rates (EERs) for the proposed keypads are improved by 4.15%, 3.11%, 2.77%, 3.37% and 3.53% on average compared to the classification performance outcomes in earlier work.
Highlights
Smartphones play an important role as IoT devices in our everyday life, and will do as crowdsensing entities for the future of smart cities
As security solutions for smartphones, authentication methods that use a personal identification number (PIN) and unlock patterns are widely employed for smartphone user authentication
By any chance, an intruder knows the user’s PIN, the smartphone in question will permit the intruder access during the PIN input stage. To prevent such attacks by intruders, research has been conducted on keystroke dynamics-based authentication, where users are classified by analyzing their typing patterns as they enter their PIN
Summary
Smartphones play an important role as IoT devices in our everyday life, and will do as crowdsensing entities for the future of smart cities. As security solutions for smartphones, authentication methods that use a personal identification number (PIN) and unlock patterns are widely employed for smartphone user authentication. These authentication methods are vulnerable to shoulder-surfing attacks, and PIN authentication, in particular, is poor in terms of security because PINs are short in length with just four to six digits. Biometric recognition technology refers to methods that allow the smartphone to learn data that is unique to its user, such as the user’s face [1], fingerprint [2], or iris [3] information. By any chance, an intruder knows the user’s PIN, the smartphone in question will permit the intruder access during the PIN input stage
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
