CN109068009B - Smart phone implicit identity authentication method based on context detection - Google Patents

Smart phone implicit identity authentication method based on context detection Download PDF

Info

Publication number
CN109068009B
CN109068009B CN201811258567.3A CN201811258567A CN109068009B CN 109068009 B CN109068009 B CN 109068009B CN 201811258567 A CN201811258567 A CN 201811258567A CN 109068009 B CN109068009 B CN 109068009B
Authority
CN
China
Prior art keywords
user
context
authentication
behavior
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811258567.3A
Other languages
Chinese (zh)
Other versions
CN109068009A (en
Inventor
王任重
陶丹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jiaotong University
Original Assignee
Beijing Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jiaotong University filed Critical Beijing Jiaotong University
Priority to CN201811258567.3A priority Critical patent/CN109068009B/en
Publication of CN109068009A publication Critical patent/CN109068009A/en
Application granted granted Critical
Publication of CN109068009B publication Critical patent/CN109068009B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72463User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions to restrict the functionality of the device
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72454User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions according to context-related or environment-related conditions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Human Computer Interaction (AREA)
  • Environmental & Geological Engineering (AREA)
  • Telephone Function (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

The invention provides a smart phone implicit identity authentication method based on context detection. The method comprises the following steps: taking the body posture of a user as context information, respectively collecting and recording touch behavior data of the user in the process of inputting a password by using the smart phone for multiple times under two contexts of static or moving, and extracting behavior characteristics of the user according to the touch behavior data; constructing a context detection classifier and a corresponding touch behavior authentication classifier under each context according to the behavior characteristics of the user; and detecting the context state of the user to be authenticated by using a context detection classifier, and determining the validity of the identity of the user to be authenticated by using a corresponding touch behavior authentication classifier in the corresponding context state. The invention is simple to realize, does not need additional equipment, and only utilizes an accelerometer, a gyroscope and a magnetometer sensor which are arranged in the smart phone. The method has the characteristics of difficult cracking and difficult counterfeiting, improves the reliability of authentication, and avoids potential safety hazards caused by password leakage.

Description

Smart phone implicit identity authentication method based on context detection
Technical Field
The invention relates to the technical field of information security, in particular to a smart phone implicit identity authentication method based on context detection.
Background
With the wide application of smart phones in the life of people, more and more personal sensitive information such as payment passwords, confidential documents and the like are stored in the smart phones. The information contains a large amount of valuable private data, and great safety hazards are brought to users. Therefore, a secure and reliable protection mechanism must be provided for the smart phone to prevent the privacy information of the user from being illegally stolen.
Currently, most smartphones have been configured with PIN unlocking and pattern unlocking to authenticate users. These protection mechanisms authenticate a user through content known to the user, and protect the user's information to some extent, but they have several problems: first, some surveys have found that many users choose to use simple passwords, such as "0000" and "1234", for convenience, and these passwords are easy to crack because of their simple combination. Secondly, the cryptographic mechanism is vulnerable to shoulder surfing, smudging, etc. Therefore, even the complex password is still easy to be cracked by the outside. One of the biggest challenges faced by such protection mechanisms is that once the user's password is revealed, the mechanism behaves as a dummy and does not play any role in protection at all. Therefore, researchers have begun exploring new methods of identity authentication to improve the effectiveness of authentication.
Most smart phones today have integrated a large number of sensor devices, and it has become a research hotspot to capture the biometric behavior characteristics of a user for identity authentication. Among other things, the touch behavior characteristics of users have proven to perform well in differentiating between users. The Chinese patent publication No. CN104765995A discloses a smart phone identity authentication method based on touch operation, which extracts behavior characteristics by collecting behavior data of touch screen operation of a smart user, establishes behavior characteristic vectors, carries out normalized processing, and constructs a classifier to carry out identity authentication on the smart phone user. The method enhances the safety of user identity authentication, but only one identity authentication model is established, so that the authentication efficiency is reduced after the body posture of the user using the smart phone is changed, and the authentication of the user in various using states cannot be efficiently processed.
Disclosure of Invention
The embodiment of the invention provides a smart phone implicit identity authentication method based on context detection, which aims to overcome the problems in the prior art.
In order to achieve the purpose, the invention adopts the following technical scheme.
A smart phone implicit identity authentication method based on context detection comprises the following steps:
respectively collecting and recording touch behavior data of a user in the process of inputting a password by using a smart phone for multiple times under moving and static body postures, and extracting behavior characteristics of the user according to the touch behavior data;
taking the body posture of the user as context information, wherein the context information comprises two types of contexts of a moving state and a static state, establishing context characteristics and authentication characteristics of multi-touch behaviors according to the behavior characteristics of the user, establishing a context detection classifier according to the context characteristics, and establishing a touch behavior authentication classifier corresponding to each context according to the authentication characteristics;
and authenticating the touch behavior data of the user to be authenticated by using the context detection classifier and the touch behavior authentication classifier, and determining the validity of the identity of the user to be authenticated according to an authentication result.
Further, the acquiring touch behavior data of the user in the process of inputting the password by using the smartphone for multiple times in moving and static body postures respectively, and extracting the behavior characteristics of the user according to the touch behavior data includes:
a user predefines a password with a set length;
respectively acquiring and recording touch behavior data in the process that a user inputs a password by using the smart phone for multiple times under moving and static body postures through an accelerometer, a gyroscope and a magnetometer which are built in the smart phone, carrying out normalized preprocessing on the touch behavior data, acquiring jitter data of the mobile phone caused by the fact that the user knocks a screen of the mobile phone through the accelerometer, acquiring direction deflection data of the mobile phone caused by the fact that the user operates the mobile phone through the gyroscope, and acquiring direction data of the mobile phone operated by the user through the magnetometer;
and extracting the behavior characteristics of the user according to the touch behavior data, wherein the behavior characteristics comprise global characteristics of three axes and amplitude of a gyroscope corresponding to the direction deflection data, global characteristics of three axes and amplitude of a magnetometer corresponding to the direction data, and global characteristics and local characteristics of three axes and amplitude of an accelerometer corresponding to the jitter data.
Further, the global features include: the average, the median, the standard deviation, the variance, the range, the skewness, the kurtosis, the maximum, the minimum, the 25% quantile, the 75% quantile, the maximum of the sensor frequency domain amplitude and the corresponding frequency of the sensor frequency domain amplitude, and the second maximum of the sensor frequency domain amplitude of the accelerometer, the gyroscope and the magnetometer are respectively used for measuring the time domain amplitude of the sensor.
The local features include: the password encryption method comprises the steps of starting values, ending values, the first n maximum values and the positions thereof with values ranging from large to small, the first n minimum values and the positions thereof with values ranging from small to large, and the size of n is consistent with the length of the password.
Further, the normalization preprocessing comprises: removing abnormal data, filtering and denoising the removed data by using a moving average method, and performing translation transformation on the filtered data, wherein the operation of the translation transformation comprises the following steps: and averaging the sum of the initial value and the end value of the data to obtain a translation amount, transforming all the data by utilizing the translation amount, and proportionally reducing the variation range of the data.
Further, the establishing context characteristics and authentication characteristics of the multi-touch behaviors according to the behavior characteristics of the user, establishing a context detection classifier according to the context characteristics, and establishing a touch behavior authentication classifier corresponding to each context according to the authentication characteristics includes:
extracting a set number of behavior characteristics before ranking from the behavior characteristics of the user by an mRMR characteristic selection method, and taking the behavior characteristics as context characteristics;
counting the distribution of all behavior characteristics through KS (key server) test, if some behavior characteristics of most users belong to the same distribution, removing the behavior characteristics of the same distribution, and taking the residual behavior characteristics as authentication characteristics;
and training the context characteristics by using a random forest classifier to obtain a context detection classifier, and training the authentication characteristics by using a random forest classifier to obtain a touch behavior authentication classifier corresponding to each context, wherein the touch behavior authentication classifier comprises a touch behavior authentication classifier corresponding to a static context and a touch behavior authentication classifier corresponding to a moving context.
Further, the authenticating the touch behavior data of the user to be authenticated by using the context detection classifier and the touch behavior authentication classifier, and determining the validity of the identity of the user to be authenticated according to the authentication result includes:
acquiring and recording touch behavior data of a user to be authenticated in the process of inputting the password by using a smart phone, extracting behavior characteristics of the user to be authenticated according to the touch behavior data, and acquiring context characteristics and authentication characteristics of touch behaviors according to the behavior characteristics of the user to be authenticated;
inputting the context characteristics of the user to be authenticated into the context detection classifier, outputting whether the context of the user to be authenticated is in a static state or a moving state by the context detection classifier, selecting a corresponding touch behavior authentication classifier according to the static state or the moving state of the context, inputting the authentication characteristics of the user to be authenticated into the corresponding touch behavior authentication classifier, outputting an authentication result of the legality of the identity of the user to be authenticated by the touch behavior authentication classifier, wherein the authentication result comprises passing or failing authentication of the identity of the user to be authenticated.
According to the technical scheme provided by the embodiment of the invention, the implicit identity authentication method based on the context detection is simple to implement, does not need additional equipment, and only utilizes an accelerometer, a gyroscope and a magnetometer sensor which are built in the smart phone. The user identity authentication method based on the touch behavior characteristics of the user in the PIN input process has the characteristics of being difficult to crack and difficult to forge, greatly improves the reliability of authentication, and avoids potential safety hazards caused by password leakage.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of an implementation of a smart phone implicit identity authentication method based on context detection according to an embodiment of the present invention.
Fig. 2 is a flowchart of the steps in the training phase of the smartphone implicit identity authentication method based on context detection according to the present invention.
Fig. 3 is a schematic diagram of the accelerometer sensor data after preprocessing according to the first embodiment of the invention.
Fig. 4 is a schematic diagram of the gyroscope sensor data after being preprocessed according to the first embodiment of the invention.
Fig. 5 is a schematic diagram of the preprocessed magnetometer sensor data according to the first embodiment of the invention.
Fig. 6 is a flowchart of steps of an authentication phase of a smart phone implicit identity authentication method based on context detection according to an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or coupled. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
For the convenience of understanding the embodiments of the present invention, the following description will be further explained by taking several specific embodiments as examples in conjunction with the drawings, and the embodiments are not to be construed as limiting the embodiments of the present invention.
The embodiment of the invention provides a smart phone implicit identity authentication method based on context detection, which is higher in practicability. The method divides the body posture of the user into dynamic state and static state, and uses the dynamic state and the static state as context information, so that different body postures have corresponding identity authentication models. The method is particularly suitable for unlocking of the smart phone user, APP login and payment authentication.
The implementation flow of the smart phone implicit identity authentication method based on context detection provided by the embodiment of the invention is shown in fig. 1. It can be seen from fig. 1 that the method includes two processes, training and certification. The training stage utilizes the training data to establish a context detection model and an authentication model, and the authentication stage utilizes various models established in the training stage to authenticate the authentication data and obtain an authentication result.
Fig. 2 is a flowchart of a training phase of a smart phone implicit identity authentication method based on context detection. From fig. 2 it can be seen that the training phase comprises the following processes:
s1, predefining a password by a user;
the user predefines a password with a set length (6 bits or 8 bits), and the user can freely define the content of the password according to the preference of the user.
S2, taking the body posture of the user as context information, wherein the context information comprises two types of contexts of a moving state and a static state. The method comprises the steps of respectively collecting and recording touch behavior data of a user in the process of inputting passwords by using the smart phone for multiple times under two contexts (namely two body postures), and carrying out normalized preprocessing on the touch behavior data.
Because the touch behavior characteristics corresponding to the use of the smart phone by a person during movement are different from the touch behavior characteristics corresponding to the use of the smart phone by the person during static state, the touch behavior data of the user during the process of inputting the password by using the smart phone for multiple times under two contexts (namely, moving and static body postures) are respectively collected and recorded and are respectively used for training the corresponding touch behavior authentication classifiers under the two contexts (namely, moving and static body postures) so as to improve the practicability.
In the embodiment, the collected readings of the built-in sensor of the mobile phone in the process of using the smart phone by the user comprise triaxial data of an accelerometer, a gyroscope and a magnetometer; the accelerometer records the jitter of the mobile phone caused by the user knocking the screen of the mobile phone; the gyroscope records the direction deflection of the mobile phone caused by the operation of the mobile phone by a user; the magnetometer records the direction information of the user operating the mobile phone.
Because the sensitivity of the sensor of the smart phone is very high, and a user may make a mistake in the operation process, the collected data contains many abnormal values and noises, and therefore the data needs to be subjected to normalized preprocessing before further analysis, wherein the normalized preprocessing comprises the steps of removing abnormal data, filtering and denoising the removed data by using a simple moving average method, and performing translation transformation on the filtered data.
Wherein the translation transformation operation is as follows: and averaging the sum of the initial value and the end value of the data to obtain a translation amount, and transforming all the data by using the translation amount so as to reduce the variation range of the data in proportion.
S3, extracting the behavior characteristics of the user according to the multi-touch behavior data of the user;
the behavior characteristics of the user can reflect the unique operation habits of the user and are obtained by analyzing the touch behavior data of the user.
Fig. 3, fig. 4, and fig. 5 are schematic diagrams of data of three sensors, namely, an accelerometer, a gyroscope, and a magnetometer, which are provided in the embodiment of the present invention after being preprocessed, and it is found through analysis that the accelerometer can reflect a pressure applied by a user tapping a touch screen, and a corresponding expression is that when the user clicks a mobile phone screen, acceleration has a sudden jump, and a user operation strength is proportional to the acceleration; the gyroscope and the magnetometer can reflect the rotation condition and the direction change of the mobile phone during the operation process of a user.
Dividing the behavior characteristics of the user into global characteristics and local characteristics according to analysis; the features of the behavior extracted include global features of the three axes and amplitudes of the accelerometer, gyroscope, and magnetometer, and local features of the three axes and amplitudes of the accelerometer.
The global feature is used for reflecting the distribution state and the change state of the whole data; the global features include: the average value, the median value, the standard deviation, the variance, the range, the skewness, the kurtosis, the maximum value, the minimum value, the 25% quantile, the 75% quantile, the maximum value of the frequency domain amplitude of the sensor and the corresponding frequency thereof, and the second maximum extreme value of the frequency domain amplitude of the sensor.
The local characteristics are used for reflecting local changes caused in the password input process; the local features include: the password encryption method comprises the steps of starting values, ending values, the first n maximum values and the positions thereof with values ranging from large to small, the first n minimum values and the positions thereof with values ranging from small to large, and the size of n is consistent with the length of the password.
S4, selecting characteristics of the behavior characteristics of the user, and establishing context characteristics and authentication characteristics of the multi-touch behaviors;
in the embodiment of the invention, the behavior characteristics with a set number (for example, 25) before ranking in the behavior characteristics are extracted by an mRMR (Minimum Redundancy-Maximum correlation) characteristic selection method, and the behavior characteristics are used as context characteristics.
The mRMR algorithm is a filtering type feature selection method, and the core idea of the algorithm is to maximize the correlation between features and classification variables and minimize the correlation between the features; the mRMR algorithm has high robustness and high speed, and is widely applied to the fields of image recognition and machine learning.
In the embodiment of the invention, the distribution of all behavior characteristics is counted by a KS (Kolmogorov-Smirnov, Kolmogorov-Sporov) test, if some behavior characteristics of most users belong to the same distribution, the behavior characteristics in the same distribution are removed, and the rest behavior characteristics are taken as authentication characteristics.
Where the KS test is a non-parametric statistical hypothesis test based on the maximum distance between the empirically accumulated distributions of two data sets, the two hypotheses of the KS test are H0: the two data sets are from the same distribution, H1: the two data sets are from different distributions, the KS test results in a p-value, if the resulting p-value is greater than α, the assumption that H0 is true is accepted, the assumption that H0 is accepted, otherwise the H0 hypothesis is rejected if the p-value is less than α, and α is typically set to 0.05.
The KS test differs from other methods such as the t-test in that it does not require knowledge of the distribution of the data, a non-parametric test method, and is quite common for analyzing differences between two sets of data.
And S5, constructing a context detection classifier and a touch behavior authentication classifier corresponding to each context.
The embodiment of the invention uses a random forest classifier for classification, and obtains the context detection classifier by training the context feature vector obtained by processing the original data through a series of processes by using the random forest classifier. And training the authentication feature vector obtained by processing the original data in a series of ways by using a random forest classifier to obtain a touch behavior authentication classifier corresponding to each context. The touch behavior authentication classifier comprises a touch behavior authentication classifier corresponding to a static state context and a touch behavior authentication classifier corresponding to a moving state context.
The random forest classifier is an integrated learning method, a plurality of CATR trees are integrated to train and predict samples, and the random forest classifier has the advantages of being strong in noise immunity, not prone to overfitting, high in speed and the like.
In summary, the training phase is completed.
Fig. 6 is a flowchart of a training phase of a smart phone implicit identity authentication method based on context detection. As can be seen from fig. 6, this stage includes the following process:
s1, prompting a user of a password predefined in a training stage;
in the authentication stage, a password predefined in the training stage is firstly provided for a user to be authenticated for the user to refer to, and the user inputs the predefined password according to own habits.
S2, acquiring and recording touch behavior data in the process that a user to be authenticated inputs a password by using an intelligent mobile phone, and carrying out standardized preprocessing on the data in the same way as the training stage step S2;
s3, extracting behavior characteristics according to the touch behavior data of the user to be authenticated in the same way as the step S3 in the training stage;
s4, performing feature selection in the same way as the training stage step S4, and establishing context features and authentication features of the touch behavior;
and S5, carrying out context detection on the context features according to the context detection classifier which is constructed in the training stage step S5, and outputting the state of the context (namely, whether the body posture is moving or static) of the user to be authenticated.
S6, authenticating the authentication features according to the context detection result of S5 and the corresponding touch behavior authentication classifier under the corresponding context state established in the training stage step S5, inputting the authentication features of the user to be authenticated into the corresponding touch behavior authentication classifier, outputting the authentication result of the legality of the identity of the user to be authenticated by the touch behavior authentication classifier, wherein the authentication result comprises passing or failing authentication of the identity of the user to be authenticated.
The context detection classifier and the corresponding authentication classifier are trained in the training stage, so that the identity authentication result of the user to be authenticated can be output only by inputting the feature vectors obtained from the authentication data into the trained authentication models in the authentication stage, and the result is whether the user to be authenticated is a legal user or not.
The authentication phase is complete.
In summary, compared with the traditional PIN authentication mechanism, the smart phone user identity authentication method using the touch behavior characteristics of the user in the process of inputting the PIN has the characteristics of being difficult to crack and difficult to forge, the authentication reliability is greatly improved, and potential safety hazards caused by password leakage are avoided.
Compared with the existing implicit identity authentication method of the smart phone, the implicit identity authentication method of the smart phone based on the context detection can automatically detect the context information of the user, and different contexts have different identity authentication models and have higher practicability.
The implicit identity authentication method of the smart phone based on the context detection is simple to implement, does not need additional equipment, and only utilizes an accelerometer, a gyroscope and a magnetometer sensor which are built in the smart phone.
Those of ordinary skill in the art will understand that: the figures are merely schematic representations of one embodiment, and the blocks or flow diagrams in the figures are not necessarily required to practice the present invention.
From the above description of the embodiments, it is clear to those skilled in the art that the present invention can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which may be stored in a storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for apparatus or system embodiments, since they are substantially similar to method embodiments, they are described in relative terms, as long as they are described in partial descriptions of method embodiments. The above-described embodiments of the apparatus and system are merely illustrative, and the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (6)

1. A smart phone implicit identity authentication method based on context detection is characterized by comprising the following steps:
respectively collecting and recording touch behavior data of a user in the process of inputting a password by using a smart phone for multiple times under moving and static body postures, and extracting behavior characteristics of the user according to the touch behavior data;
taking the body posture of the user as context information, wherein the context information comprises two types of contexts of a moving state and a static state, establishing context characteristics and authentication characteristics of multi-touch behaviors according to the behavior characteristics of the user, establishing a context detection classifier according to the context characteristics, and establishing a touch behavior authentication classifier corresponding to each context according to the authentication characteristics;
and authenticating the touch behavior data of the user to be authenticated by using the context detection classifier and the touch behavior authentication classifier, and determining the validity of the identity of the user to be authenticated according to an authentication result.
2. The method according to claim 1, wherein the step of collecting touch behavior data of a user in a process of inputting a password by using a smartphone for multiple times in moving and stationary body postures respectively, and the step of extracting the behavior characteristics of the user according to the touch behavior data comprises the steps of:
a user predefines a password with a set length;
respectively acquiring and recording touch behavior data in the process that a user inputs a password by using the smart phone for multiple times under moving and static body postures through an accelerometer, a gyroscope and a magnetometer which are built in the smart phone, carrying out normalized preprocessing on the touch behavior data, acquiring jitter data of the mobile phone caused by the fact that the user knocks a screen of the mobile phone through the accelerometer, acquiring direction deflection data of the mobile phone caused by the fact that the user operates the mobile phone through the gyroscope, and acquiring direction data of the mobile phone operated by the user through the magnetometer;
and extracting the behavior characteristics of the user according to the touch behavior data, wherein the behavior characteristics comprise global characteristics of three axes and amplitude of a gyroscope corresponding to the direction deflection data, global characteristics of three axes and amplitude of a magnetometer corresponding to the direction data, and global characteristics and local characteristics of three axes and amplitude of an accelerometer corresponding to the jitter data.
3. The method of claim 2, wherein the global features comprise: the average value, the median value, the standard deviation, the variance, the range, the skewness, the kurtosis, the maximum value, the minimum value, the 25% quantile, the 75% quantile, the maximum value of the sensor frequency domain amplitude and the corresponding frequency of the sensor frequency domain amplitude as well as the second maximum extreme value of the sensor frequency domain amplitude of the accelerometer, the gyroscope and the magnetometer are obtained;
the local features include: the password encryption method comprises the steps of starting values, ending values, the first n maximum values and the positions thereof with values ranging from large to small, the first n minimum values and the positions thereof with values ranging from small to large, and the size of n is consistent with the length of the password.
4. The method of claim 2, wherein the normalization preprocessing comprises: removing abnormal data, filtering and denoising the removed data by using a moving average method, and performing translation transformation on the filtered data, wherein the operation of the translation transformation comprises the following steps: and averaging the sum of the initial value and the end value of the data to obtain a translation amount, transforming all the data by utilizing the translation amount, and proportionally reducing the variation range of the data.
5. The method according to any one of claims 2 to 4, wherein the establishing context features and authentication features of the multi-touch behavior according to the behavior features of the user, the establishing a context detection classifier according to the context features, and the establishing a touch behavior authentication classifier corresponding to each context according to the authentication features comprises:
extracting a set number of behavior characteristics before ranking from the behavior characteristics of the user by a minimum redundancy maximum correlation (mRMR) characteristic selection method, and taking the behavior characteristics as context characteristics;
counting the distribution of all behavior characteristics through a Kolmogorov-Sporov KS test, if some behavior characteristics of most users belong to the same distribution, removing the behavior characteristics of the same distribution, and taking the residual behavior characteristics as authentication characteristics;
and training the context characteristics by using a random forest classifier to obtain a context detection classifier, and training the authentication characteristics by using a random forest classifier to obtain a touch behavior authentication classifier corresponding to each context, wherein the touch behavior authentication classifier comprises a touch behavior authentication classifier corresponding to a static context and a touch behavior authentication classifier corresponding to a moving context.
6. The method according to claim 5, wherein the authenticating the touch behavior data of the user to be authenticated by using the context detection classifier and the touch behavior authentication classifier, and determining the validity of the identity of the user to be authenticated according to the authentication result comprises:
acquiring and recording touch behavior data of a user to be authenticated in the process of inputting the password by using a smart phone, extracting behavior characteristics of the user to be authenticated according to the touch behavior data, and acquiring context characteristics and authentication characteristics of touch behaviors according to the behavior characteristics of the user to be authenticated;
inputting the context characteristics of the user to be authenticated into the context detection classifier, outputting whether the context of the user to be authenticated is in a static state or a moving state by the context detection classifier, selecting a corresponding touch behavior authentication classifier according to the static state or the moving state of the context, inputting the authentication characteristics of the user to be authenticated into the corresponding touch behavior authentication classifier, outputting an authentication result of the legality of the identity of the user to be authenticated by the touch behavior authentication classifier, wherein the authentication result comprises passing or failing authentication of the identity of the user to be authenticated.
CN201811258567.3A 2018-10-26 2018-10-26 Smart phone implicit identity authentication method based on context detection Active CN109068009B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811258567.3A CN109068009B (en) 2018-10-26 2018-10-26 Smart phone implicit identity authentication method based on context detection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811258567.3A CN109068009B (en) 2018-10-26 2018-10-26 Smart phone implicit identity authentication method based on context detection

Publications (2)

Publication Number Publication Date
CN109068009A CN109068009A (en) 2018-12-21
CN109068009B true CN109068009B (en) 2020-04-28

Family

ID=64767671

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811258567.3A Active CN109068009B (en) 2018-10-26 2018-10-26 Smart phone implicit identity authentication method based on context detection

Country Status (1)

Country Link
CN (1) CN109068009B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110287664A (en) * 2019-07-01 2019-09-27 贵州大学 A kind of identity identifying method being characterized selection based on multirow

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104408341B (en) * 2014-11-13 2017-06-27 西安交通大学 Smart phone user identity identifying method based on gyroscope behavioural characteristic
CN104765995B (en) * 2015-04-24 2018-03-06 福建师范大学 Smart machine identity identifying method and client based on contact action
US20170227995A1 (en) * 2016-02-09 2017-08-10 The Trustees Of Princeton University Method and system for implicit authentication
CN107194216A (en) * 2017-05-05 2017-09-22 中南大学 A kind of mobile identity identifying method and system of the custom that swiped based on user
CN107632722A (en) * 2017-09-30 2018-01-26 北京梆梆安全科技有限公司 A kind of various dimensions user ID authentication method and device

Also Published As

Publication number Publication date
CN109068009A (en) 2018-12-21

Similar Documents

Publication Publication Date Title
Buriro et al. Please hold on: Unobtrusive user authentication using smartphone's built-in sensors
CN104408341B (en) Smart phone user identity identifying method based on gyroscope behavioural characteristic
CN105279405B (en) Touchscreen user button behavior pattern is built and analysis system and its personal identification method
Xu et al. Towards continuous and passive authentication via touch biometrics: An experimental study on smartphones
Muaaz et al. An analysis of different approaches to gait recognition using cell phone based accelerometers
Centeno et al. Smartphone continuous authentication using deep learning autoencoders
Yeh et al. I walk, therefore i am: continuous user authentication with plantar biometrics
US20150131874A1 (en) Dynamic handwriting verification and handwriting-based user authentication
Shen et al. Touch-interaction behavior for continuous user authentication on smartphones
CN107153780B (en) Writing behavior feature authentication method based on wrist wearable electronic equipment
Sun et al. A 3‐D hand gesture signature based biometric authentication system for smartphones
Buriro et al. Airsign: A gesture-based smartwatch user authentication
CN107615301A (en) The safety storage of fingerprint coherent element
CN106357411A (en) Identity verification method and device
Maiorana et al. Deepkey: Keystroke dynamics and CNN for biometric recognition on mobile devices
CN112492090A (en) Continuous identity authentication method fusing sliding track and dynamic characteristics on smart phone
Buriro et al. SWIPEGAN: swiping data augmentation using generative adversarial networks for smartphone user authentication
Wu et al. CaIAuth: Context-aware implicit authentication when the screen is awake
CN109068009B (en) Smart phone implicit identity authentication method based on context detection
Wu et al. It's All in the Touch: Authenticating Users with HOST Gestures on Multi-Touch Screen Devices
Wang et al. Towards DTW-based unlock scheme using handwritten graphics on smartphones
Canfora et al. Silent and continuous authentication in mobile environment
Smith-Creasey et al. Context awareness for improved continuous face authentication on mobile devices
CN107615299A (en) For assessing the method and system of fingerprint template
CN104104773A (en) Method of using SVM classifier to identify handset users

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant