Sketch-Based User Authentication With a Novel String Edit Distance Model

Abstract

The vast majority of user authentication in digital applications is based on alphanumeric passwords. Yet, due to severe problems that might arise with this approach, various efforts have been made in the last decade to replace this authentication paradigm. One candidate for the prospective paradigm shift might be found in the field of graphical passwords. The present paper introduces a novel framework for user authentication based on freehand sketches. The basic idea is that during the registration phase a user draws an arbitrary sketch in a specific drawing canvas (rather than typing a password). Registered users can then be authenticated whenever they are able to reproduce their personal sketch with sufficient precision. The major challenge of such a system is twofold. First, it has to provide a certain degree of error-tolerance such that the authentication of genuine users can be smoothly accomplished. Second, the system should detect even subtle forgeries and reject possible intruders. The main contributions of this paper are as follows. First, we formally represent the underlying sketches by means of strings and present a general authentication algorithm that is based on structural pattern recognition. Second, we present a novel cost model that is particularly useful in conjunction with string matching. Third, by means of an exhaustive empirical investigation using both random and skilled forgeries (stemming from several hundreds of users) we empirically confirm the feasibility of this particular authentication framework in a real-world scenario.