New system provides security by monitoring how user touches the screen
Passwords, gestures and fingerprint scans are all helpful ways to keep a thief from unlocking and using a cell phone or tablet. Cybersecurity researchers from the Georgia Institute of Technology have gone a step further.
They’ve developed a new security system that continuously monitors how a user taps and swipes a mobile device. If the movements don’t match the owner’s tendencies, the system recognizes the differences and can be programmed to lock the device.
“The system learns a person’s ‘touch signature,’ then constantly compares it to how the current user is interacting with the device,” said Polo Chau, a Georgia Tech College of Computing assistant professor who led the study.
To test the system, Chau and his team set up an electronic form with a list of tasks for 20 participants. They were asked to tap buttons, check boxes and swipe slider bars on a phone and tablet to fill out the form. The system tracked their tendencies and created a profile for each person.
After profiles were stored, the researchers designated one person’s signature as the “owner” of the device and repeated the tests. LatentGesture successfully matched the owner and flagged everyone else as unauthorized users.
“Just like your fingerprint, everyone is unique when they use a touchscreen,” said Chau. “Some people slide the bar with one quick swipe. Others gradually move it across the screen. Everyone taps the screen with different pressures while checking boxes.”
The research team also programmed the system to store five touch signatures on the same device – one “owner” and four authorized users. When someone other than the owner used the tablet, the system identified each with 98 percent accuracy.
“This feature could be used when a child uses her dad’s tablet,” said College of Computing sophomore Premkumar Saravanan. “The system would recognize her touch signature and allow her to use the device. But if she tried to buy an app, the system could prevent it.”
The researchers say LatentGesture’s biggest advantage is that the system is constantly running in the background. The user doesn’t have to do anything different for added security and authentication.
“It’s pretty easy for someone to look over your shoulder while you’re unlocking your phone and see your password,” said Samuel Clarke, another College of Computing student on the research team. “This system ensures security even if someone takes your phone or tablet and starts using it.”
Chau is co-advising the project with Hongyuan Zha, a professor in the School of Computational Science and Engineering. The study will be presented in Toronto at ACM Chinese CHI 2014 from April 26 to 27.
This research was partially supported by the National Science Foundation (NSF) under grants IIS-1049694 and IIS-1116886. Any conclusions expressed are those of the principal investigator and may not necessarily represent the official views of the NSF.
Jason Maderer | EurekAlert!
NIST's Cloud Computing Roadmap details research requirements and action plans
23.10.2014 | National Institute of Standards and Technology (NIST)
UMD researchers formulate cyber protection for supply chains
22.10.2014 | University of Maryland
22.10.2014 | Event News
16.10.2014 | Event News
10.10.2014 | Event News
24.10.2014 | Life Sciences
24.10.2014 | Earth Sciences
24.10.2014 | Press release