UPSI Digital Repository (UDRep)
Start | FAQ | About

QR Code Link :

Type :thesis
Subject :TK Electrical engineering. Electronics Nuclear engineering
Main Author :Alrufaye, Moceheb Lazam Shuwandy
Title :Design and evaluation of new sensors-based smartphone authentication techniques
Place of Production :Tanjong Malim
Publisher :Fakulti Seni, Komputeran dan Industri Kreatif
Year of Publication :2019
Notes :with CD
Corporate Name :Universiti Pendidikan Sultan Idris
PDF Guest :Click to view PDF file
PDF Full Text :Login required to access this item.

Abstract : Universiti Pendidikan Sultan Idris
This study aims to design, develop, and test new sensor-based smartphone authentication techniques with the use of new sensors, namely 3D-touch and microphone sensors, with the former being used to simulate the hardware of the 3D- touch sensor of iPhone. Essentially, a 3D-touch sensor converts the authentication pattern of Android devices into a multi-layer pattern. For the microphone sensor, an authentication method based on a silent air-blowing technique was proposed and developed. The proposed authentication schemes were tested, evaluated, and validated based on several scenarios. Two experimental settings, namely controlled and uncontrolled, were used to test the usability (i.e., the remember rate) of the authentication schemes with a sample size of 92 participants, consisting of 60 males and 32 females. False Reject Rate (FRR) and False Accept Rate (FAR) were utilized to analyze the security performance of such schemes by exposing each authentication pattern to various measures o FRR and FAR. Finally, a comparison of groups was performed to compare the analysis that helped provide greater insight into such usability measures. The results showed that the remember rates of the 3D-touch and microphone sensors were 26.25% and 8.22%, respectively, under the uncontrolled setting. In contrast, under the controlled setting, the remember rates of the 3D-touch and microphone sensors were 40.51% and 42.30%, respectively. Also, the FRR and FAR measures of the 3D-touch sensor were 66.73% and 0.15%, respectively. For the microphone sensor, the FRR and FAR measures were 58.04% and 39.17%, respectively. Also, the average results of the 3-Dimension Touchscreen Pattern Test (3DTPT) and Blowing-Voiceless Password (BVP) for both genders were 34.78% and 22.36%, respectively. In conclusion, the research findings were promising despite stringent experimental restrictions. The implication of this study is that the improvement of current sensor-based authentication techniques can be achieved based on the usability of such techniques.


Abate, A. F., Nappi, M., & Ricciardi, S. (2017). I-Am: Implicitly Authenticate Me Person Authentication on Mobile Devices Through Ear Shape and Arm Gesture. IEEE Transactions on Systems, Man, and Cybernetics: Systems, 1–13.


Adib, F., Hsu, C. Y., Mao, H., Katabi, D., & Durand, F. (2015). Capturing the human figure through a wall. ACM Transactions on Graphics (TOG), 34(6), 219.


Ahmad, M., Khan, A. M., Brown, J. A., Protasov, S., & Khattak, A. M. (2016). Gait fingerprinting-based user identification on smartphones. Proceedings of the International Joint Conference on Neural Networks, 2016–Octob, 3060–3067.


Ali, Z., Payton, J., & Sritapan, V. (2016). At Your Fingertips: Considering Finger Distinctness in Continuous Touch-Based Authentication for Mobile Devices. Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016, 272–275.


Ali Fahmi, P. N., Kodirov, E., Choi, D. J., Lee, G. S., Mohd Fikri Azli, A., & Sayeed,

S. (2012). Implicit authentication based on ear shape biometrics using smartphone camera during a call. Conference Proceedings - IEEE International Conference on Systems, Man and Cybernetics, (27), 2272–2276.


Aviv, A. J., Sapp, B., Blaze, M., & Smith, J. M. (2012). Practicality of accelerometer side channels on smartphones. Proceedings of the 28th Annual Computer Security Applications    Conference    on - ACSAC    ’12,    41.


Bajrami, G., Derawi, M. O., & Bours, P. (2011). Towards an automatic gait recognition system using activity recognition (wearable based). 2011 Third International Workshop on Security and Communication Networks (IWSCN), 23–30.


Buriro, A., Crispo, B., DelFrari, F., & Wrona, K. (2016). Hold and Sign: A Novel Behavioral Biometrics for Smartphone User Authentication. Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016, 276–285.


Casanova, J. G., Ávila, C. S., De Santos Sierra, A., Del Pozo, G. B., & Vera, V. J. (2010). A real-time in-air signature biometric technique using a mobile device embedding an accelerometer. Communications in Computer and Information Science, 87 CCIS(PART 1), 497–503. 5_50


Chen, S., Pande, A., and Mohapatra, P. (2014). Sensor-Assisted Facial Recognition : An Enhanced Bio- metric Authentication System for Smartphones. In Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services MobiSys ’14, 109–122.


Cheng, P., Bagci, I. E., Roedig, U., & Yan, J. (2018). SonarSnoop: active acoustic side- channel attacks. International Journal of Information Security, 1-16. arXiv preprint arXiv:1808.10250.


Corpus, K. R., Gonzales, R. J. D., Morada, A. S., & Vea, L. A. (2016). Mobile user identification through authentication using keystroke dynamics and accelerometer biometrics. Proceedings of the International Workshop on Mobile Software Engineering and Systems - MOBILESoft ’16, 11–12.


Crouse, D., Han, H., Chandra, D., Barbello, B., & Jain, A. K. (2015, May). Continuous authentication of mobile user: Fusion of face image and inertial measurement unit data. In 2015 International Conference on Biometrics (ICB) (pp. 135-142). IEEE.


Dandachi, G., El Hassan, B., & El Husseini, A. (2013, September). A novel identification/verification model using smartphone's sensors and user behavior. In 2013 2nd International Conference on Advances in Biomedical Engineering (pp. 235-238). IEEE.


Das, A., Bonneau, J., Caesar, M., Borisov, N., & Wang, X. (2014). The Tangled Web of Password Reuse. Proceedings 2014 Network and Distributed System Security Symposium. doi:10.14722/ndss.2014.23357


Derawi, M. O., Bours, P., & Holien, K. (2010). Improved cycle detection for accelerometer based gait authentication. Proceedings - 2010 6th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2010, 312–317.


Derawi, M. O., Nickely, C., Bours, P., & Busch, C. (2010). Unobtrusive user- authentication on mobile phones using biometric gait recognition. Proceedings - 2010 6th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2010, 306–311.


Dhanakoti, V., & Manju Priya, R. (2016). Mobile handswing pattern. International Journal of Control Theory and Applications, 9(5), pp. 2497–2507.


Fantana, A. L., Ramachandran, S., Schunck, C. H., & Talamo, M. (2016). Movement based biometric authentication with smartphones. Proceedings - International Carnahan Conference on Security Technology, 2015–Janua(18), 235–239.


Feng, T., DeSalvo, N., Xu, L., Zhao, X., Wang, X., & Shi, W. (2014). Secure Session on Mobile: An Exploration on Combining Biometric, TrustZone, and User Behavior. Proceedings of the 6th International Conference on Mobile Computing, Applications and Services, 1(4), 206–215.


Feng, T., Prakash, V., & Shi, W. (2013). Touch panel with integrated fingerprint sensors based user identity management. 2013 IEEE International Conference on Technologies for Homeland Security, HST 2013, (12), 154–160.


Feng, T., Zhao, X., Carbunar, B., & Shi, W. (2013). Continuous mobile authentication using virtual key typing biometrics. Proceedings - 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013, (21), 1547–1552.


Ferriday, C. (2007). A Review Paper on Decision Table-Based Testing. Swansea University, CS339-2007, 20, 952-965. Retrieved from


Goethem(B), T. Van, Scheepers, W., Preuveneers, D., & Joosen, and W. (2016). Accelerometer-Based Device Fingerprinting for Multi-factor Mobile Authentication. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 9639, 106– 121.


Guerra-Casanova, J., Sanchez-Avila, C., Bailador Del Pozo, G., & De Santos-Sierra,

A. (2013). a Sequence Alignment Approach Applied To a Mobile Authentication Technique Based on Gestures. International Journal of Pattern Recognition and Artificial Intelligence, 27(4), 1356006.


Guerra-Casanova, J., Sánchez- Ávila, C., De Santos Sierra, A., & Del Pozo, G. B. (2011). Score optimization and template updating in a biometric technique for authentication in mobiles based on gestures. Journal of Systems and Software, 84(11), 2013–2021.


Guerra-Casanova, J., Sánchez-Ávila, C., Bailador, G., & de Santos Sierra, A. (2012). Authentication in mobile devices through hand gesture recognition. International Journal of Information Security, 11(2), 65–83. 012-0154-9


Haque, M. M., Zawoad, S., & Hasan, R. (2013). Secure techniques and methods for authenticating visually impaired mobile phone users. 2013 IEEE International Conference on Technologies for Homeland Security, HST 2013, (14), 735–740.


Hoang, T., Choi, D., & Nguyen, T. (2015a). Gait authentication on mobile phone using biometric cryptosystem and fuzzy commitment scheme. International Journal of Information Security, 14(6), 549–560.


Hoang, T., Choi, D., & Nguyen, T. (2015, July). On the instability of sensor orientation in gait verification on mobile phone. In 2015 12th International Joint Conference on e-Business and Telecommunications (ICETE) (Vol. 4, pp. 148-159). IEEE.


Hoang, T., Nguyen, T., Luong, C., Do, S., & Choi, D. (2013). Adaptive cross-device gait recognition using a mobile accelerometer. Journal of Information Processing Systems, 9(2), 333–348.


Hupperich, T., Hosseini, H., & Holz, T. (2016). Leveraging sensor fingerprinting for mobile device authentication. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 9721, 377–396.


Hussain, M., Al-Haiqi, A., Zaidan, A. A., Zaidan, B. B., Mat Kiah, M. L., Anuar, N. B., & Abdulnabi, M. (2016). The rise of keyloggers on smartphones: A survey and insight into motion-based tap inference attacks. Pervasive and Mobile Computing, 25, 1–25.


Islam, S., Naeem, U., & Amin, Y. (2017). Authentication of Smartphone Users Based on Activity Recognition and Mobile Sensing. Sensors (Switzerland).


Jain, A., & Kanhangad, V. (2015). Exploring orientation and accelerometer sensor data for personal authentication in smartphones using touchscreen gestures. Pattern Recognition Letters, 68, 351–360.


Julkunen, H., & Ceder Molander, J. (2016). Password strength and memorability (Dissertation). Retrieved from 12568.


Ketabdar, H., Moghadam, P., Naderi, B., & Roshandel, M. (2012). Magnetic signatures in air for mobile devices. Proceedings of the 14th International Conference on Human-Computer Interaction with Mobile Devices and Services Companion - MobileHCI ’12, 185.


Kong, Yan, J., Blackwell, A., Anderson, R., & Grant, A. (2004). Password memorability and security: Empirical results. IEEE Security & privacy, 2(5), 25- 31.


Kumar, R., Phoha, V. V., & Jain, A. (2015). Treadmill attack on gait-based authentication systems. 2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems, BTAS 2015.


Kwapisz, J. R., Weiss, G. M., & Moore, S. A. (2010, September). Cell phone-based biometric identification. In 2010 Fourth IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS) (pp. 1-7). IEEE.


Laghari, A., & Memon, Z. A. (2016). Biometric Authentication Technique Using Smartphone Sensor. 2016 13th International Bhurban Conference on 2016 Jan 12 IEEE, (20), 381–384.


Lee, S., Song, K., & Choi, J. (2012). Access to an automated security system using gesture-based passwords. Proceedings of the 2012 15th International Conference on Network-Based Information Systems, NBIS 2012, (25), 760–765.


Lee, W. H. & Lee R. B., & Princeton. (2015). Implicit Authentication for Smartphone Security. Information Systems Security and Privacy, Springer 2015, (576), 160- 176.


Lee, W., & Lee, R. B. (2015). Multi-sensor Authentication to Improve Smartphone Security. In Conference on Information Systems Security and Privacy, IEEE, 1– 11.


Li, Y., Li, Y., Yan, Q., Kong, H., & Deng, R. H. (2015). Seeing Your Face Is Not Enough : An Inertial Sensor-Based Liveness Detection for Face Authentication. ACM SIGSAC Conference on Computer and Communications Security, 1558– 1569.


Lin, C. C., Chang, C. C., Liang, D., & Yang, C. H. (2012). A new non-intrusive authentication method based on the orientation sensor for smartphone users. Proceedings of the 2012 IEEE 6th International Conference on Software Security and Reliability, SERE 2012, (24), 245–252.


Ling, Z., Luo, J., Chen, Q., Yue, Q., Yang, M., Yu, W., & Fu, X. (2016). Secure fingertip mouse for mobile devices. Proceedings - IEEE INFOCOM, 2016– July(16).


Liu, Q., Wang, M., Zhao, P., Yan, C., & Ding, Z. (2016). A Behavioral Authentication Method for Mobile Gesture Against Resilient User Posture. 2016 3rd International Conference on Systems and Informatics, ICSAI 2016, (Icsai), 324– 331.


Lyu, C., Pande, A., Wang, X., Zhu, J., Gu, D., & Mohapatra, P. (2015). CLIP: Continuous location integrity and provenance for mobile phones. Proceedings - 2015 IEEE 12th International Conference on Mobile Ad Hoc and Sensor Systems, MASS 2015, 172–180.


Maghsoudi, J., & Tappert, C. C. (2017). A behavioral biometrics user authentication study using motion data from android smartphones. Proceedings - 2016 European Intelligence  and  Security  Informatics  Conference,  EISIC  2016,  184–187.


Mastic. (2011). Malaysian Research and Development Classification System 6th edition. Malaysian Science and Technology Information Center (MASTIC). 1394-4320


Muaaz, M., & Mayrhofer, R. (2013). An Analysis of Different Approaches to Gait Recognition Using Cell Phone Based Accelerometers. Proceedings of International Conference on Advances in Mobile Computing & Multimedia - MoMM ’13, 293–300.


Muaaz, M., & Mayrhofer, R. (2014). Orientation Independent Cell Phone Based Gait Authentication. Proceedings of the 12th International Conference on Advances in Mobile Computing and Multimedia - MoMM ’14, 161–164.


Muaaz, M., & Mayrhofer, R. (2016). Accelerometer based Gait Recognition using Adapted Gaussian Mixture Models. Proceedings of the 14th International Conference on Advances in Mobile Computing and Multi Media - MoMM ’16, 288–291.


Muaaz M.; Mayrhofer R. (2015). Cross Pocket Gait Authentication Using Mobile Phone Based Accelerometer Sensor. 2015 In International Conference on Computer Aided Systems Theory, 731–738. 27340-2


Nader, J., Alsadoon, A., Prasad, P. W. C., Singh, A. K., & Elchouemi, A. (2015). Designing Touch-Based Hybrid Authentication Method for Smartphones. Procedia Computer Science, 70(28), 198–204.


Nguyen, H., Nguyen, H. H., Hoang, T., Choi, D., & Nguyen, T. D. (2016). A Generalized Authentication Scheme For Mobile Phones Using Gait Signals, 386– 407.


Nguyen Ngoc Diep, Cuong Pham, and T. M. P. (2015). SigVer3D: Accelerometer based verification of 3-D signatures on mobile devices, 326, 353–365.


Nickel, C., Brandt, H., & Busch, C. (2011). Classification of Acceleration Data for Biometric Gait Recognition on Mobile Devices. Biosig, 57–66. Retrieved from ion_Data_for_Biometric_Gait_Recognition_on_Mobile_Devices


Nickel, C., & Busch, C. (2013). Classifying accelerometer data via hidden Markov models to authenticate people by the way they walk. IEEE Aerospace and Electronic Systems Magazine, 28(10), 29–35.


Nickel, C., Derawi, M. O., Bours, P., & Busch, C. (2011). Scenario test of accelerometer-based biometric gait recognition. Proceedings of the 3rd International Workshop on Security and Communication Networks, IWSCN 2011, 15–21.


Nickel, C., Wirtl, T., & Busch, C. (2012). Authentication of smartphone users based on the way they walk using k-NN algorithm. Proceedings of the 2012 8th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP 2012, 16–20. MSP.2012.11


Nixon, K. W., Chen, X., Mao, Z. H., Chen, Y., & Li, K. (2013). Mobile user classification and authorization based on gesture usage recognition. Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC, (11), 384–389.


Owusu, E., Han, J., Das, S., Perrig, A., & Zhang, J. (2012). ACCessory: Password Inference Using Accelerometers on Smartphones. Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications, 9:1–9:6.


Petry, N. M. (2002). A Comparison of Young , Middle-Aged , and Older Adult Treatment-Seeking Pathological Gamblers, 42(1), 92–99.


Pisani, P. H., Lorena, A. C., & De Carvalho, A. C. P. L. F. (2014). Adaptive algorithms in accelerometer biometrics. Proceedings - 2014 Brazilian Conference on Intelligent Systems, BRACIS 2014, 336–341.


Pisani, P. H., Lorena, A. C., & De Carvalho, A. C. P. L. F. (2017). Adaptive algorithms applied to accelerometer biometrics in a data stream context. Intelligent Data Analysis, 21(2), 353–370.


Rahman, F., Gani, M. O., Ahsan, G. M. T., & Ahamed, S. I. (2014). Seeing beyond visibility: A four way fusion of user authentication for efficient usable security on mobile devices. Proceedings - 8th International Conference on Software Security and Reliability - Companion, SERE-C 2014, (8), 121–129.


Roshandel, M., Haji-Abolhassani, A., & Ketabdar, H. (2015). MagiThings: Gestural interaction with mobile devices based on using embedded compass (magnetic field) sensor. Emerging Perspectives on the Design, Use, and Evaluation of Mobile and Handheld Devices.


Roy, A., Halevi, T., & Memon, N. (2015). An HMM-based multi-sensor approach for continuous mobile authentication. Proceedings - IEEE Military Communications Conference MILCOM, 2015–Decem, 1311–1316.


Rybnicek, M., Lang-Muhr, C., & Haslinger, D. (2014). A roadmap to continuous biometric authentication on mobile devices. 2014 International Wireless Communications and Mobile Computing Conference (IWCMC), 122–127.


Sagar, S. Kumar, M. (2015). Gait biometrics as an authentication in smartphones. Research India Publications Journal, 10(55), 2954–2959.


Sanzziri, A., Nandugudi, A., Upadhyaya, S., & Qiao, C. (2013). SESAME: Smartphone enabled secure access to multiple entities. 2013 International Conference on Computing, Networking and Communications, ICNC 2013, (7), 879–883.


Schwarting, M., Burton, T., & Yampolskiy, R. (2016). On the obfuscation of image sensor fingerprints. Proceedings - 2015 Annual Global Online Conference on Information and Computer Technology, GOCICT 2015, 66–69.


Shen, C., Li, Y., Chen, Y., Guan, X., & Maxion, R. A. (2017). Performance Analysis of Multi-Motion Sensor Behavior for Active Smartphone Authentication. IEEE Transactions on Information Forensics and Security, 710049.


Shih, D.-H., Lu, C.-M., & Shih, M.-H. (2015). A flick biometric authentication mechanism on mobile devices. 2015 International Conference on Informative and Cybernetics for Computational Social Systems (ICCSS), 31–33.


Shila, D. M., Srivastava, K., O’Neill, P., Reddy, K., & Sritapan, V. (2016). A multi- faceted approach to user authentication for mobile devices — Using human movement, usage, and location patterns. 2016 IEEE Symposium on Technologies for Homeland Security (HST), (22), 1–6.


Sun, Z., & Wang, Y. (2015). A 3-D Hand Gesture Signature Based Biometric Authentication System for Smartphones, (2).


Tamviruzzaman, M., Ahamed, S. I., Hasan, C. S., & O’brien, C. (2009). ePet: when cellular phone learns to recognize its owner. Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, 13–18.


Ur, B., Kelley, P. G., Komanduri, S., Lee, J., Maass, M., Mazurek, M. L., … Cranor,L. F. (2012). How Does Your Password Measure Up ? The Effect of Strength Meters on Password Creation. D creation." USENIX Security Symposium, 65–80.


Vu, K. L., Proctor, R. W., Bhargav-spantzel, A., Tai, B. B., Cook, J., & Schultz, E. E. (2007). Improving password security and memorability to protect personal and

organizational information, 65, 744–757.


Wang, G., Zou, Y., Zhou, Z., Wu, K., & Ni, L. M. (2016). We can hear you with wi- fi!. IEEE Transactions on Mobile Computing, 15(11), 2907-2920.


Wang, H., Lymberopoulos, D., & Liu, J. (2015, February). Sensor-based user authentication. In European Conference on Wireless Sensor Networks (pp. 168- 185). Springer, Cham.


Watanabe, Y. (2014). Influence of holding smart phone for acceleration-based gait authentication. Proceedings - 2014 International Conference on Emerging Security Technologies, EST 2014, 30–33.


Watanabe, Y., & Houryu, T. F. (2013). Toward introduction of immunity-based model to continuous behavior-based user authentication on smart phone. Procedia Computer Science, 22(1), 1319–1327.


Wei, T., Wang, S., Zhou, A., & Zhang, X. (2015, September). Acoustic eavesdropping through wireless vibrometry. In Proceedings of the 21st Annual International Conference on Mobile Computing and Networking (pp. 130-141). ACM.


Witte, H., Rathgeb, C., & Busch, C. (2013). Context-Aware Mobile Biometric Authentication based on Support Vector Machines. 2013 Fourth International Conference on Emerging Security Technologies, (6), 29–32.


Wolff, M. (2013). Behavioral biometric identification on mobile devices. 2013 International Conference on Augmented Cognition, (Icsai), 783–791.


Yang, H., Chen, L., Bian, K., Tian, Y., Ye, F., Yan, W., … Li, X. (2015). TapLock: Exploit finger tap events for enhancing attack resilience of smartphone passwords. IEEE International Conference on Communications, 2015–Septe(17), 7139–7144.


Yang, L., Guo, Y., Ding, X., Han, J., Liu, Y., Wang, C., & Hu, C. (2015). Unlocking Smart Phone through Handwaving Biometrics. IEEE Transactions on Mobile Computing, 14(5), 1044–1055.


Yuen, P. C., Zou, W. W., Zhang, S. B., Wong, K. K. F., & Lam, H. H. S. (2009). Finger gesture recognition through sweep sensor. Proceedings of the 1st International Workshop on Interactive Multimedia for Consumer Electronics - IMCE ’09, 11– 17.


Zheng, N., Bai, K., Huang, H., & Wang, H. (2014). You are how you touch: User verification on smartphones via tapping behaviors. Proceedings - International Conference on Network Protocols, ICNP, 221–232.


Zhong, Y., Deng, Y., & Meltzner, G. (2015). Pace independent mobile gait biometrics. 2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems, BTAS 2015.


Zhu, J., Wu, P., Wang, X., & Zhang, J. (2013). SenSec: Mobile security through passive sensing. 2013 International Conference on Computing, Networking and Communications, ICNC 2013, (9), 1128–1133.

This material may be protected under Copyright Act which governs the making of photocopies or reproductions of copyrighted materials.
You may use the digitized material for private study, scholarship, or research.

Back to previous page

Installed and configured by Bahagian Automasi, Perpustakaan Tuanku Bainun, Universiti Pendidikan Sultan Idris
If you have enquiries with this repository, kindly contact us at or Whatsapp +60163630263 (Office hours only)