Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
22
The paper is divided into sections. Section 2 analysis. Through utilizing secret-knowledge and keystroke
describes various behaviour based authentication methods analysis, it proposed a stronger and more robust mechanism.
for mobile devices. Section 3 concludes the survey.
A secret-knowledge based technique will be utilized as
usual; however, keystroke analysis will be applied to the
II. BEHAVIOUR BASED AUTHENTICATION
input to provide a second verication. Whilst keystroke
The security issues in previous discussed biometric analysis using mobile devices have been proven effective in
methods lead to a new area called behavioural biometrics. experimental studies, these studies have only utilized the
Behavioural biometrics deals with not only the physiological mobile device for capturing samples rather than the more
characteristics, but also psychological qualities of a person. computationally challenging task of performing the actual
authentication. Given the limited processing capabilities of
It is based on what people do and how they do it.
Various behavioural biometric verification methods mobile devices, this study focuses upon deploying keystroke
include keystroke dynamics, gait analysis, voice ID, mouse analysis to a mobile device utilizing numerous pattern
use
characteristics, signature
analysis and
cognitive classiers.
According to the paper [9] proposed by Markus
biometrics. This feature is found to be unique since it is
based on how people do things and different people have Jakobsson et al., mobile users can also be authenticated by
different behaviour. This type of authentication is considered using those actions that they carry out. A score is calculated
as secure since there is no visual input like keyboard and in based on the actions of the user. It is done by boosting the
that case input is hidden. [7] This method is used for score when a common habit of the user is identified and
secure authentication in financial institutions, businesses, degrading the score when activity that is not commonly seen
government facilities and retail point of sale (POS), as well in a user is identified. After a time period, no explicit
as in other environments. Various researches have been done authentication like password is needed to authenticate.
Results show that this approach has great potential while
and still going on in this area.
In the research done by Anna Schlenker et al., using with devices having rich input.
Another method by Wazir Zada Khan et al.,
various behavioural methods are discussed: signature
suggests
a graphical password based system for mobile
dynamics in which appearance, shape, timing and pressure
applied by user while doing signature is measured. It is devices. This scheme is resistant to shoulder surng attack
found to be difficult to be replicated by trained human and many other attacks on graphical passwords. In this, user
forger. Voice verification is another method where tone, has to select a username and a textual password. After
pitch and cadence of the voice are considered. Mouse selecting one of the objects shown, the user has to draw
dynamics is another method where distance, speed and angle those selected objects on a touch sensitive screen using a
during the mouse movement are measured. Results show stylus. During authentication, the user has to give his
that these methods are less obtrusive, does not require username and textual password and then give his graphical
special hardware and they are easier and cheaper to use. [2] password. This method proved to be effective, but it is
In paper [4] proposed by Saevanee, H et al., inconvenient for people who are uneducated and also who
behavioural manners of user on a touch screen by detecting have shivering since it is based on drawing compared to
finger pressure and keystroke dynamics is used. Key press other methods. [14]
In paper [12] by Ramanujan Kashi, users observed
duration and force given by the user while touching on the
screen is used here as authentication factor. Here three usage of device is compared to an expected pattern of usage.
features are used: duration of interval between two keys, Observed usage can be any daily activity of a person like
hold time and finger pressure applied while touching on checking mail, contacting a person, following a route.etc. If
screen. Results show that this method has high accuracy of any deviation occurs, results in unauthorized access. When
about 90 percentage and this can assure that system is well this deviation exceeds a threshold, explicit authentication is
need. This method proves to user friendly compared to other
protected.
The paper [13] by A. Buchoux et al., based on methods as it is based on their daily activities.
One of the promising factor that can be taken into
keystroke analysis proposes a method that combines
keystroke analysis with another method can improve the account in behavioural biometrics is the habit of a person.
protection. It is a two factor authentication method that Habit is routine of behaviour that is repeated regularly and
combines secret knowledge like 4 digit pin with keystroke which happens in unconscious layer of mind. Due to this, it
is said that it is very difficult to be reproduced. Incorporating
23
24
BIOGRAPHY
Sreeja.P is a postgraduate research student
at Vidya Academy of Science and
Technology, Thrissur, India, affiliated to
Calicut University. Her area of interest is
security in mobile platforms and new
authentication methods. She received her
B.tech Degree in Computer Science and
Engineering from MG University, Kerala, India, in 2013.
Geethu P.C is an Assistant Professor at
Vidya Academy of Science and
Technology, Thrissur, India, affiliated to
Calicut University. Her area of interest is
Network Security. She received her
M.tech Degree in Computer Science and
Engineering from Kerala University,
Kerala, India, in 2013.
25