Research And Implementation Of Continuous Identity Authentication Technology Based On Multiple Touch Screen Gestures

Access security of mobile applications is an important problem needed to be solved currently.However,traditional identity authentication technologies for mobile applications,such as authentications based on passwords or fingerprints,fail to perform a continuous identity authentication on operators,and therefore cannot block the access of a malicious operator to the application happened during the period from a successful account login to the account logout.In view of this,researchers proposed the continuous identity authentication technology,which continuously checks the validity of the operator based on his/her behavior data collected continuously by the mobile application.Continuous identity authentication technology thus becomes an effective solution to ensure access security for recent mobile applications,which has attracted a slew of attentions from both academia and industry.Screen touching interactions are not only widely supported by mobile devices but also widely embraced by common users,which makes the continuous identity authentication technology based on touch screen behaviors become a current research hotspot.However,in the data collection phase,current technologies based on touch screen behavior cannot guarantee the standardization and diversity of touch screen gestures,resulting in low quality of the collected touch screen behavior data and thus affecting their ability to identify users.On the other hand,for the implementation model of continuous identity authentication,current technologies fail to utilize the historical identity check results to improve the efficiency of the continuous identity authentication.In view of the above-mentioned shortcomings of existing technologies,this thesis proposes a continuous authentication technology based on multiple touch screen gestures.The proposed technology improves the authentication efficiency by optimizing both of the data collection method for touch screen behaviors and the continuous identity authentication model.Specifically,this thesis includes the following two research contents.(1)This thesis designs a continuous identity authentication technology,named m Touch,based on multiple touch screen gestures.In the aspect of user touch screen gesture design,m Touch uses the idea of persuasive design to design multiple touch screen gestures,which not only guides users to improve the standardization of their touch screen operations,but also captures the diversified characteristics of their touch screen behaviors.By optimizing the data collection method,m Touch raises the user identification ability.Taking the collected behavior data of multiple touch screen gestures as the input,m Touch employs a proposed time decay factor-based dynamic trust model to design its continuous identity authentication algorithm.By introducing a time decay factor,the model can comprehensively consider the historical identity check results in the identity authentication phase,so as to ensure the efficiency of identity authentication.Experiments on real world datasets show that m Touch is more effective than other related technologies.In specific,in addition to not mistakenly locking authorized users,m Touch can detect and lock unauthorized users within an average of 5.28 user operations,which is 14.6%-61.4% higher than that of those state-of-the-art solutions.(2)Based on the proposed m Touch technology,this thesis implements a subsystem for an online testing system with continuous identity authentication function.The subsystem is built based on the urgent need of online testing requirements of colleges and universities.By using the popular We Chat mini program platform,the subsystem utilizes the m Touch technology to realize the continuous identity authentication function for testers during the process of online testing,which can help teachers timely discover cheating behaviors of students.Based on the development phases proposed from the software engineering domain,requirement analysis,high level design,low level design,detailed implementation and testing results of the subsystem are elaborated in the thesis.The subsystem has been widely used in many courses of our college,and received very satisfactory feedback.By implementing a system and promoting the system application,the effectiveness of the proposed continuous identity authentication technology is further verified.To sum up,this thesis proposes a continuous identity authentication technology based on multiple touch screen gestures and uses this technology to implement a subsystem for an online testing system with continuous identity authentication function based on We Chat mini program platform.Experiment verification and system testing show that the proposed technology effectively improves the efficiency of continuous identity authentication and at the meanwhile provides a new idea and a new technical mean for security access of mobile applications.