The mobile phone has become a method used by most people daily to store and process private and sensitive information. To secure information stored on mobile phones, different forms of authentication methods (knowledge-based and tokens) are currently in use. Most of these forms of mobile phone authentications in use pose certain drawbacks that are either easy to circumvent or cumbersome to use (Feng, 2015). As a result, new forms of mobile phone authentication are being proposed to mitigate some of these drawbacks. Mobile phone-based biometric is one of the new forms of authentication. Mobile phone sensors can be harnessed to offers a wide range of solutions for authentication. This work focused on analyzing and evaluating mobile phone sensors for an explicit and transparent user authentication process. In this project, LG mobile phones were used to extract data from thirty (30) participants. The mobile phone sensors that were used included gyroscope, accelerometer, linear accelerometer, proximity sensor, gravity sensor, GPS sensor, magnetometer and the rotation sensor. A supervised machine learning algorithm was applied after feature extraction with a Feedforward Neural network for the data classification. An EER within the range of 31%-43% is achieved using 30 participants.
There has been an increased number of smartphone users in recent years all over the world. In a research released by datareportal, the world population stands at 7.1billion people, and there are about 2.71billion smartphone users, accounting for almost every third person worldwide owns a smartphone (datareportal, 2019).
Smartphones and tablets have become essential for accessing social media applications, emails, cloud computing, banking applications and several other utility applications (Fudong et al., 2014). Users also store essential information such as pictures, contact numbers, schedules and several other personal information in smartphones (Feng, 2015).
Along with the increased number of smartphone users, security and privacy threats come into play, smartphone applications such as banking applications require a high level of confidentiality. As such, it is essential to secure data stored on mobile phones (Fudonget al., 2014).
1.1 Problem statement
According to The Telegraph, in 2018, an average smartphone user uses their phone at least once in every twelve (12) minutes (Hymas, 2018). As smartphones are meant for recurrent and quick use, it is now essential to maintain the privacy of sensitive information and data in these devices by using non-intrusive but fast and more accurate authentication methods (Muhammad et al.,2017).
Unfortunately, most widely used authentication methods such as PINs, passwords, pattern locks, fingerprint scans require a user to interact with the phone actively and put in some information or draw sophisticated patterns on touch screens before a user is authenticated, this is frustrating for smartphone users authentication (Muhammad et.al., 2017). Using human behavioural patterns to continuously and implicitly authenticate mobile phone users using inbuilt mobile phone sensors addresses most of the issues of authenticating a smartphone with little or no effort (Muhammad et al., 2017). The accuracy of biometric authentication increases with the use of more than one biometrics. Analysing and evaluating mobile phone sensors would enable thorough research on biometric and contextual data which is suitable for combination for a multi-biometric transparent and continuous user authentication.
The Scope of this project includes extracting data from mobile phone sensors while users are performing controlled activities such as walking, sitting and standing and analysing the sensor data suitability for user authentication.
1.3 Aim and objectives
This project aims to effectively evaluate all available sensor data embedded within a mobile device for a transparent authentication system using machine learning.
The objectives of this project are to:
Identify the available sensors in mobile devices and data which can be extracted from theses sensors.
Carry out a feasibility study on suitable features to use for classifying the sensor data.
Conduct a performance evaluation of the extracted data’s suitability for transparent user authentication.
1.4 Authentication and current approaches
According to the Oxford English dictionary, authentication is a process or action of proving the Genuity or validity of something, and in computing, authentication is the process or action or verifying the identity of a user or process.
Mobile Phone authentication is used to verify the identity of a user using one or more authentication methods on a mobile device (Rouse, 2015).
Rouse (2015), explained that mobile phone authentication methods are generally divided into two sections, which are either the knowledge or biometric-based user authentication.
The knowledge-based mobile phone user authentication method is based on what the user knows. Forms of knowledge-based authentication methods are listed below:
Picture based password
Pins or alphanumeric password
Biometric-based user authentication is also divided into two sections:
Physiological (what you are)
Behavioural (what u do)
Authentication methods can further be categorised based on the number of techniques used for authenticating a user (Reham, 2014). A single factor form of authentication uses only one form of authentication to authenticate a user such as using only passwords or using only fingerprint biometrics while a two factor or multimodal form of mobile phone authentication uses the combination of two or more authentication methods to authenticate a user such as the combination of password and face recognition (Reham, 2014).
Knowledge-based or biometric forms of authentication can be done either implicitly or explicitly (Hassan, 2015). Implicit authentication uses the behavioural form of biometric authentication to provide a continuous authentication process while the explicit form of authentication is when a user intentionally performs a task to be authenticated, for example, physiological and knowledge-based form of authentication (Hassan, 2015)
1.5 Transparent Authentication
Transparent authentication does not require a user to authenticate explicitly because transparent authentication uses an implicit form of authentication method to authenticate a user while the user uses their mobile phones (Heather and Karen, 2017). The information used for the continuous authentication process is gathered from the sensors in mobile phones such as the magnetometer, gyroscope, gravity sensor, etc (Heather and Karen, 2017).
Heater and Karen (2014), explained that transparent and implicit authentication has an advantage of not requiring any interaction from the user since the information is gathered in the background.
1.6 Outline of the thesis
This project is divided into six chapters:
Introduction and Background of the study: The first part introduces what the project is about, the problem statement, scope of the project and the aim and objectives of the project.
Literature review: A review and evaluation of similar articles are presented in the second chapter
Methodology: This includes the data collection process and the steps which used in achieving the work is explained in the third chapter
Experiment and results: Experiment and results of experiments carried out are explained in the fourth chapter.
Evaluation and analysis of the results from experiments carried out is covered in the sixth chapter.
Conclusion and future research: The fifth chapter presents conclusions and future research.
2 Literature review
Although knowledge-based authentication systems have been in use for authenticating mobile phone user’s for years, biometric forms of authentication are now becoming very popular because of the outstanding advantages they have when compared to knowledge-based authentication. Some of these advantages are; Biometric traits cannot be lost or forgotten, biometric traits are difficult to copy, share and distribute and they require the person being authenticated to be present at the time and point of authentication, therefore, posing better security for users (Tran et. al,. 2016). With the increased number of mobile phone users and the sensitivity of the data and information stored in mobile phones, it is essential to improve the method of authenticating users as the traditional method of knowledge base authentication is easy to guess, observed and can be easily forgotten (Gagandeep and Mullana, 2011). Biometric systems have been in use since the second century with a Chinese emperor Ts’in-She, who used fingerprint for authenticating seals (Otieno, 2012). Biometric systems were later used in the 19th century by Bertillon who used biometric features for scientific policing by taking certain anatomical characteristics to identify reoffending criminals (Otieno, 2012).
Fingerprint, iris, face geometry and hand scanners are the common forms for mobile phone authentication. Iynkaran et al. (2016), explained the importance of using biometric systems and their ease of usage. When interacting with biometric systems such as fingerprint, finger vein, iris recognition, voice recognition, gait recognition, users do not have to remember passwords, pins or tokens.
DescriptionIn this final assignment, the students will demonstrate their ability to apply two ma
Path finding involves finding a path from A to B. Typically we want the path to have certain properties,such as being the shortest or to avoid going t
Develop a program to emulate a purchase transaction at a retail store. Thisprogram will have two classes, a LineItem class and a Transaction class. Th
1 Project 1 Introduction - the SeaPort Project series For this set of projects for the course, we wish to simulate some of the aspects of a number of
1 Project 2 Introduction - the SeaPort Project series For this set of projects for the course, we wish to simulate some of the aspects of a number of