الفهرس 
IntroductionOnly 14 pages are availabe for public view
 |  | from | 138 |  |  |
| | | from | 138 | | |
Abstract
Currently smart phone’ users run many crucial applications (such as banking and e-commerce Apps) which contains a very confidential information. The smart phone devices have become an integral part of our routine activities. These devices are used everywhere at any time for several tasks. The value of your phone is not only depending on its price or new technology added to it but also over the privacy of your stored information inside it. This implies that our critical and sensitive data will progressively be manipulated by these devices. Therefore, protecting access to mobile devices is considered a prime concern. The security protection of smart phones could be achieved by user’s authentication which is one of the embedded security services available in any mobile device. It is considered the first defense line of your critical details stored inside mobile device. Typically, the mobile user authentication is achieved using mechanisms (password, security pattern) to verify a user’s secret. Although these mechanisms are cheap, simple, and quick enough for frequent logins, they are vulnerable to attacks such as shoulder surfing or Smudge attack. In other case, they are more frustrating to be used, leading users to create short secrets, or sometimes not using any authentication mechanism at all. If they are not protected by any method and they are get lost or left unattended for a short time, they could have negative effects on the phone owner’s privacy.
To address the limitation of the traditional methods, the smart phone devices can be utilized as they are equipped with built-in sensors. In this thesis, we investigated methods and techniques addressing mobile user authentication problem using Mobile Cloud Computing(MCC). We have proposed a system that uses both mobile device and cloud computing to authenticate smart phone’s user implicitly. We proposed two authentication modes: mobile cloud(MC) and mobile device(MD) modes. Both of them depend on capturing touch dynamics (pressure, position, size, and time) of the user while tapping on the screen. These modes differ at where and how data is dealt with to compute authentication score. In the MD mode, data is saved and dealt locally inside phone using SVM classifier. This mode is implemented by client side application with Android API. In the other side, The MC mode saves data externally in Google data store and computes authentication score using KNN classifier. This mode is implemented by a server-side deployed application with Google AppEngine.
The proposed system was evaluated by collecting touch data from 150 users from different age distribution, profession variety, gender distribution, the used hand while touching the screen, and the familiarity to use smart phone. The accuracy, FRR and FAR measures have been used to assess the results obtained which showed that our proposed implicit authentication system achieved accuracy of 99% and EER of 0.02% by using the KNN which is better than related work. Also the results have shown that the data set size doesn’t affect the classifier accuracy. We could observe that among the classifiers we compared, KNN with the Euclidean Distance is the best by achieving the highest correction rate and the lowest FRR even if the data set size differs. Moreover, any user without any limitations on his/her qualification, profession, gender or etc. could use our application easily while achieving good result.