期刊
COMPUTERS & SECURITY
卷 66, 期 -, 页码 115-128出版社
ELSEVIER ADVANCED TECHNOLOGY
DOI: 10.1016/j.cose.2017.01.008
关键词
Gesture authentication; Finger-drawn PIN; Behavioral biometric; Shoulder surfing; Touch devices
资金
- National Science Foundation [1228842]
- Thailand Research Fund [5980078]
- Direct For Computer & Info Scie & Enginr
- Division Of Computer and Network Systems [1228842] Funding Source: National Science Foundation
This paper presents Dew-A-PIN, a user authentication system on a device with a touch interface that supports the use of PINs. In the proposed system, the user is asked to draw her PIN on the touch screen instead of typing it on a keypad. Consequently, DRAW-A-PIN could offer better security by utilizing drawing traits or behavioral biometrics as an additional authentication factor beyond just the secrecy of the PIN. In addition, DRAW-A-PIN inherently provides acceptability and usability by leveraging user familiarity with PINs. To evaluate the security and usability of the approach, DRAW-A-PIN was implemented on Android phones and 3203 legitimate finger-drawn PINs and 4655 forgery samples were collected through an extensive and unsupervised field experiment over 10 consecutive days. Experimental results show that DRAW-A-PIN achieves an equal error rate of 4.84% in a scenario where the attacker already knows the PIN by shoulder surfing. Finally, results from a user study based on the System Usability Scale questionnaire confirm that DRAW-A-PIN is highly usable. (C) 2017 Elsevier Ltd. All rights reserved.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据