Abstract
Due to commoditization and convenience, wearable technology are interwoven with our daily life. However, privacy sensitive data stored on those devices such as personal email, message can be easily stolen. Most devices require a PIN input to unlock. However, this mechanism is vulnerable to shoulder surfing attack. Thus many novel authentication approaches have been proposed to solve this problem. And biometric-based methods have been adopted by many researchers because of the efficiency and excellent performance. In this paper, we propose a new biometric-based authentication system. We focus on how the user performs a straight punch gesture subconsciously. By analysis the acceleration data from the smartwatch when user performing the gesture, we are able to profile the user. And we authenticate the user according to the biometrics of this action. This mechanism is light-weighted and do not require user to remember any secret code. We develop an authentication system on Samsung Gear Fit 2 and conducted a real-world experiment on 20 volunteers. And we collected 13000 gesture samples to evaluate our system. Results show that our system can achieve a classification accuracy of at least 95.45%. In attacking scenario, our system can achieve an equal error rate lower than 4%. The maximum number of samples required by a well-trained classifier is 25.
Highlights
Wearable devices have growing popularity in recent days
In this work we identify the user based on the biometrics generated by punch gesture
We propose and implemented a novel authentication system based on biometric of punch gesture
Summary
Wearable devices have growing popularity in recent days. Products such as smartwatch and smartband are inexpensive and provide good usability. Wearable devices are usually equipped with small touchscreen, which is only sufficient to perform PIN input. This scheme is defenseless against shoulder surfing attack. In this work we identify the user based on the biometrics generated by punch gesture. We need to identify the features within the recorded data we should use to distinguish different users To this end, we conduct a close analysis on the collected data to extract useful features for authentication. The attacker may imitate the gesture performed by the legitimate owner to get access to the device. The legitimate owner wearing a device performs a punch gesture while we collect the readings from accelerometer.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
