An Omnidirectional Approach to Touch-based Continuous Authentication

TL;DR

This paper introduces an omnidirectional touch-based continuous authentication method that outperforms traditional direction-dependent approaches by leveraging optimal features and balanced training, enhancing smartphone security.

Contribution

The work proposes a novel direction-agnostic approach to touch-based authentication, demonstrating improved performance over traditional methods across various classifiers and feature sets.

Findings

The Extra-Trees classifier combined with the proposed approach yields superior results.

The TouchAlytics feature set performs best with the omnidirectional method when using three or more strokes.

Performance varies significantly with different feature sets and stroke sequences.

Abstract

This paper focuses on how touch interactions on smartphones can provide a continuous user authentication service through behaviour captured by a touchscreen. While efforts are made to advance touch-based behavioural authentication, researchers often focus on gathering data, tuning classifiers, and enhancing performance by evaluating touch interactions in a sequence rather than independently. However, such systems only work by providing data representing distinct behavioural traits. The typical approach separates behaviour into touch directions and creates multiple user profiles. This work presents an omnidirectional approach which outperforms the traditional method independent of the touch direction - depending on optimal behavioural features and a balanced training set. Thus, we evaluate five behavioural feature sets using the conventional approach against our direction-agnostic method while testing several classifiers, including an Extra-Tree and Gradient Boosting Classifier, which is often overlooked. Results show that in comparison with the traditional, an Extra-Trees classifier and the proposed approach are superior when combining strokes. However, the performance depends on the applied feature set. We find that the TouchAlytics feature set outperforms others when using our approach when combining three or more strokes. Finally, we highlight the importance of reporting the mean area under the curve and equal error rate for single-stroke performance and varying the sequence of strokes separately.