Alexander Chan

Bio: Alexander Chan is an academic researcher from Hunter College. The author has contributed to research in topics: Login & Authentication. The author has an hindex of 2, co-authored 2 publications receiving 41 citations.

Leap Motion Controller for Authentication via Hand Geometry and Gestures

Abstract: The Leap Motion controller is a consumer gesture sensor aimed to augment a user's interactive experience with their computer Using infrared sensors, it is able to collect data about the position and motions of a user's hands This data allows the Leap to be used as an authentication device This study explores the possibility of performing both login as well as continuous authentication using the Leap Motion device The work includes classification of static data gathered by the Leap Motion using trained classifiers, with over 99i?ź% accuracy In addition, data was recorded from the users while utilizing the Leap Motion to read and navigate through Wikipedia pages A template was created using the user attributes that were found to have the highest merit The algorithm found when matching the template to the users newly collected data, the authentication provided an accuracy of over 98i?ź%, and an equal error rate of 08i?ź% even for a small number of attributes This study demonstrates that the Leap Motion can indeed by used successfully to both authenticate users at login as well as while performing continuous activities As the Leap Motion is an inexpensive device, this raises the potential of using its data in the future for authentication instead of traditional keyboard passwords

Touchpad Input for Continuous Biometric Authentication

Abstract: Authentication is a process which is used for access control in computer security. However, common existing methods of authentication, which are based on authentication during the login stage, are insecure due to the lack of authentication after the initial instance. Ideally, authentication should be continuous and should not interfere with a user’s normal behavior as to not create an inconvenience for the user. Behaviometric identification, for example, verifies a user’s identity based on his behavior, both continuously and without interruption. This work shows that it is possible, with great accuracy, to identify different users based on their touchpad behaviors. While linear classifiers proved ineffective at classifying touchpad behavior, kernel density estimation and decision tree classification each proved capable of classifying data sets with over 90% accuracy.

Cardiac Scan: A Non-contact and Continuous Heart-based User Authentication System

Abstract: Continuous authentication is of great importance to maintain the security level of a system throughout the login session. The goal of this work is to investigate a trustworthy, continuous, and non-contact user authentication approach based on a heart-related biometric that works in a daily-life environment. To this end, we present a novel, continuous authentication system, namely Cardiac Scan, based on geometric and non-volitional features of the cardiac motion. Cardiac motion is an automatic heart deformation caused by self-excitement of the cardiac muscle, which is unique to each user and is difficult (if not impossible) to counterfeit. Cardiac Scan features intrinsic liveness detection, unobtrusiveness, cost-effectiveness, and high usability. We prototype a remote, high-resolution cardiac motion sensing system based on the smart DC-coupled continuous-wave radar. Fiducial-based invariant identity descriptors of cardiac motion are extracted after the radar signal demodulation. We conduct a pilot study with 78 subjects to evaluate Cardiac Scan in accuracy, authentication time, permanence, evaluation in complex conditions, and vulnerability. Specifically, Cardiac Scan achieves 98.61% balanced accuracy (BAC) and 4.42% equal error rate (EER) in a real-world setup. We demonstrate that Cardiac Scan is a robust and usable continuous authentication system.

Review of Three-Dimensional Human-Computer Interaction with Focus on the Leap Motion Controller

Abstract: Modern hardware and software development has led to an evolution of user interfaces from command-line to natural user interfaces for virtual immersive environments. Gestures imitating real-world interaction tasks increasingly replace classical two-dimensional interfaces based on Windows/Icons/Menus/Pointers (WIMP) or touch metaphors. Thus, the purpose of this paper is to survey the state-of-the-art Human-Computer Interaction (HCI) techniques with a focus on the special field of three-dimensional interaction. This includes an overview of currently available interaction devices, their applications of usage and underlying methods for gesture design and recognition. Focus is on interfaces based on the Leap Motion Controller (LMC) and corresponding methods of gesture design and recognition. Further, a review of evaluation methods for the proposed natural user interfaces is given.

Benchmarking Touchscreen Biometrics for Mobile Authentication

Abstract: We study user interaction with touchscreens based on swipe gestures for personal authentication. This approach has been analyzed only recently in the last few years in a series of disconnected and limited works. We summarize those recent efforts and then compare them to three new systems (based on support vector machine and Gaussian mixture model using selected features from the literature) exploiting independent processing of the swipes according to their orientation. For the analysis, four public databases consisting of touch data obtained from gestures sliding one finger on the screen are used. We first analyze the contents of the databases, observing various behavioral patterns, e.g., horizontal swipes are faster than vertical independently of the device orientation. We then explore an intra-session scenario, where users are enrolled and authenticated within the same day, and an inter-session one, where enrollment and test are performed on different days. The resulting benchmarks and processed data are made public, allowing the reproducibility of the key results obtained based on the provided score files and scripts. In addition to the remarkable performance, thanks to the proposed orientation-based conditional processing, the results show various new insights into the distinctiveness of swipe interaction, e.g., some gestures hold more user-discriminant information, data from landscape orientation is more stable, and horizontal gestures are more discriminative in general than vertical ones.

Leap Motion Controller for Authentication via Hand Geometry and Gestures

Abstract: The Leap Motion controller is a consumer gesture sensor aimed to augment a user's interactive experience with their computer Using infrared sensors, it is able to collect data about the position and motions of a user's hands This data allows the Leap to be used as an authentication device This study explores the possibility of performing both login as well as continuous authentication using the Leap Motion device The work includes classification of static data gathered by the Leap Motion using trained classifiers, with over 99i?ź% accuracy In addition, data was recorded from the users while utilizing the Leap Motion to read and navigate through Wikipedia pages A template was created using the user attributes that were found to have the highest merit The algorithm found when matching the template to the users newly collected data, the authentication provided an accuracy of over 98i?ź%, and an equal error rate of 08i?ź% even for a small number of attributes This study demonstrates that the Leap Motion can indeed by used successfully to both authenticate users at login as well as while performing continuous activities As the Leap Motion is an inexpensive device, this raises the potential of using its data in the future for authentication instead of traditional keyboard passwords

Actions Speak Louder Than (Pass)words: Passive Authentication of Smartphone * Users via Deep Temporal Features

Abstract: Prevailing user authentication schemes on smartphones rely on explicit user interaction, where a user types in a passcode or presents a biometric cue such as face, fingerprint, or iris. In addition to being cumbersome and obtrusive to the users, such authentication mechanisms pose security and privacy concerns. Passive authentication systems can tackle these challenges by unobtrusively monitoring the user’s interaction with the device. We propose a Siamese Long Short-Term Memory (LSTM) network architecture for passive authentication, where users can be verified without requiring any explicit authentication step. On a dataset comprising of measurements from 30 smartphone sensor modalities for 37 users, we evaluate our approach on 8 dominant modalities, namely, keystroke dynamics, GPS location, accelerometer, gyroscope, magnetometer, linear accelerometer, gravity, and rotation sensors. Experimental results find that a genuine user can be correctly verified 96.47% a false accept rate of 0.1% within 3 seconds.