Smartphone and tablet devices are widely used as user terminal interfaces. These devices are programmable and come with a growing number of powerful embedded sensors, such as an accelerometer, a gyroscope, a global positioning system (GPS), a digital compass, and a camera, which are enabling new sensing application across a wide variety of domains.
The following detailed description refers to the accompanying drawings. The same reference numbers in different drawings may identify the same or similar elements.
Systems and methods described herein may detect an identity signature from user biometric patterns, such as screen touch timing behavior and/or screen touch force behavior.
For example, as shown in
Different users may have different timing behavior when they type characters (e.g., buttons 110) on user devices 100. Timing behavior can include the duration between button down (e.g., initial touch) and button up (e.g., button release) for a certain character (also referred to as a “hold time”) or the time duration of a finger moving from one particular character to another particular character (also referred to as a “transition time”). Referring to
The timing behavior (e.g., either the hold time or transition time) may be different due to a user's gender, age, time of day, day of week, occupation, or even the mood. It can also be influenced by the size of user device 100. For example, larger size screens on user device 100 may result in longer transition times than smaller size screens.
Different users may also use different screen touch forces when they touch a screen of user device 100. For example, the force used for touch event 102 and the force used for touch event 104 may provide a measurable pattern. User devices, such as user device 100, typically do not include a sensor that can directly detect the force applied to a screen. However, motions 108 of user device 100 during a touch event can be used to indirectly detect a touch force. Particularly, by reading the values of accelerometers and gyroscopes in user device 100, forces can be approximated if a user is holding device 100 when touching the screen. Conversely, if the user places device 100 on a solid surface (e.g., a table), accelerometers and gyroscopes would fail to detect the magnitude of the force. However, this case (of detecting no force) may be acceptable, since the act of a user putting device 100 on the table and typing characters can be considered a user pattern and can be learned as a user touching behavior.
According to one implementation described herein, a user device may collect timing data that indicates screen touch timing behavior during multiple touch events associated with a hold time for a particular button or a transition time between two particular buttons. The user device may also collect force data indicating screen touch force behavior during the multiple touch events. The user device may identify a user biometric pattern for the touch event based on the timing data and the force data, and may store the user biometric pattern.
According to another implementation, the user device may receive particular timing data and particular force data for a new touch event. The user device may compare the new timing data and the new force data to the previously-stored user biometric pattern and determine, based on the comparing, if the new timing data and the new force data correspond to the user biometric pattern.
Speaker 220 may provide audible information to a user of user device 100. Speaker 220 may be located in an upper portion of user device 100, and may function as an ear piece when a user is engaged in a communication session using user device 100. Speaker 220 may also function as an output device for audio information associated with games and/or video images played on user device 100.
Display 230 may provide visual information to the user. For example, display 230 may display text, images, video, and/or graphics received from another device, and/or relating to applications executed on user device 100. Display 230 may include a liquid crystal display (LCD), such as a thin film transistor (TFT) LCD, plasma display, etc.
In one implementation, display 230 may include a touch screen that may be configured to receive a user input when the user touches (or comes in close proximity to) display 230. For example, the user may provide an input to display 230 directly, such as via the user's finger, or via other devices, such as a stylus. User inputs received via display 230 may be processed by components and/or devices operating in user device 100. The touch-sensitive display 230 may permit the user to interact with user device 100 in order to cause user device 100 to perform one or more operations. Exemplary technologies to implement a touch screen on display 230 may include, for example, a near-field-sensitive (e.g., capacitive) overlay, an acoustically-sensitive (e.g., surface acoustic wave) overlay, a photo-sensitive (e.g., infrared) overlay, a pressure sensitive (e.g., resistive) overlay, and/or any other type of touch panel overlay that allows display 230 to be used as an input device. The touch-sensitive display 230 may also identify a duration of a touch (e.g., hold time), a duration between touches (e.g., transition time), and/or movement of a body part or a pointing device as it moves on or near the surface of the touch-sensitive display 230.
Control button(s) 240 may permit the user to interact with user device 100 to cause user device 100 to perform one or more operations. For example, control button 240 may be used to cause user device 100 to close an application, transmit information, or to cancel a command.
Microphone 250 may receive audible information from the user. For example, microphone 250 may receive audio signals from the user and may output electrical signals corresponding to the received audio signals.
Although
Processor 300 may include one or more processors, microprocessors, application specific integrated circuits (ASICs), field programmable gate arrays (FPGAs), or the like. Processor 300 may control operation of user device 100 and its components. In one implementation, processor 300 may control operation of components of user device 100 in a manner described herein.
Memory 310 may include a random access memory (RAM) or another type of dynamic storage device that may store information and instructions, e.g., an application, for execution by processor 300; a read-only memory (ROM) device or another type of static storage device that may store static information and instructions for use by processor 300; and/or some other type of magnetic or optical recording medium and its corresponding drive, e.g., a hard disk drive (HDD), for storing information and/or instructions. In one implementation, memory 310 may store instructions and/or data used to display a graphical user interface, such as graphical user interface 100 on display 230.
User interface 320 may include mechanisms for inputting information to user device 100 and/or for outputting information from user device 100. Examples of input and output mechanisms might include buttons (e.g., control button 240, keys of a keypad, a joystick, etc.); a speaker (e.g., speaker 220) to receive electrical signals and output audio signals; a microphone (e.g., microphone 250) to receive audio signals and output electrical signals; a display (e.g., display 230) to receive touch input and/or to output visual information; a vibrator to cause user device 100 to vibrate; and/or a camera to receive video and/or images.
Communication interface 330 may include, for example, a transmitter that may convert baseband signals from processor 300 to radio frequency (RF) signals and/or a receiver that may convert RF signals to baseband signals. Alternatively, communication interface 330 may include a transceiver to perform functions of both a transmitter and a receiver. Communication interface 330 may connect to antenna assembly 340 for transmission and/or reception of the RF signals.
Antenna assembly 340 may include one or more antennas to transmit and/or receive RF signals over the air. Antenna assembly 340 may, for example, receive RF signals from communication interface 330 and transmit them over the air, and receive RF signals over the air and provide them to communication interface 330. In one implementation, for example, communication interface 330 may communicate with a network and/or devices connected to a network.
Sensors 350 may collect and provide, to device 100, information that is used to detect, for example, timing (e.g., start/stop times for actions), motion (e.g., acceleration of user device 100), orientation (e.g., tilt), touch/proximity (e.g., a detectable distance or contact between a user and device 100), or other types of information. In another implementation, sensors 350 may include image capturing devices (e.g., a camera). Generally, according to implementations described herein, sensors 350 may provide indications of timing, touch, movement, orientation, and/or proximity that can be used (e.g., by user device 100) to detect behavior of a user providing input to user device 100.
As will be described in detail below, user device 100 may perform certain operations in response to processor 300 executing software instructions contained in a computer-readable medium, such as memory 310. A computer-readable medium may include a non-transitory memory device. A memory device may include space within a single physical memory device or spread across multiple physical memory devices. The software instructions may be read into memory 310 from another computer-readable medium or from another device via communication interface 330. The software instructions contained in memory 310 may cause processor 300 to perform processes described herein. Alternatively, hardwired circuitry may be used in place of or in combination with software instructions to implement processes described herein. Thus, implementations described herein are not limited to any specific combination of hardware circuitry and software.
Although
Security manger 410 may restrict access to user device 100 or an application residing on user device 100 by presenting a challenge event. In one implementation, security manager 410 may present a challenge event by soliciting a password, secret code, or input pattern to be input by a user. In another implementation, security manager 410 may display an alphanumeric sequence that has to be entered (e.g., typed in) by the user. According to implementations described herein, security manager 410 may use an identity signature obtained from user biometric patterns (e.g., touch timing behavior and/or touch force behavior) during the challenge event to verify a user's authenticity. In one implementation, security manager 410 may prevent access to user device 100, or a particular application on user device 100, if the identity signature for a particular challenge event does not match stored user biometric patterns (e.g., within a particular degree of confidence).
Data collectors 420 may generally record data from sensors (e.g., sensors 350) for use by other functional modules, such as pre-processing and clustering module 430 described below. In one implementation, data collectors 420 may identify timing of touches and associated device movements (e.g., acceleration and orientation) on user device 100 in response to a challenge event (e.g., as initiated by security module 410) or another user input event. For example, data collectors 420 may detect a touch on one of buttons 110 and initiate a clock sequence to determine the duration (e.g., the hold time) of the touch on the selected button 110. As another example, data collectors 420 may detect the removal of a touch from one button 110 and initiate a clock sequence to determine the duration (e.g., the transition time) before another touch is received on another button 110 (or the same button 110). Additionally, data collectors 420 may detect the particular characters (e.g., buttons 110) associated with the determined hold time and/or transition time.
To learn the pattern of the user, a directed graph G=<V,E> can be constructed to represent the pattern of a user when he or she uses user device 100.
For the vertices indexed with i and j, viεV and vjεV, there is a directed edge connecting with vertices vi and vj. Since G is a directed graph, therefore, the pairs of indexes <i, j> and <j, i> are different. There are two directed edges connecting between vertices vi and vj. One directed edge emits from vi and ends with vj. Another one emits from vj and ends with vi. <i, i> is also considered as a valid pair of indexes.
Directed graph 500 provides a simplified example with three buttons and nine edge. However, if modeling buttons from 0 to 9 on a number pad, ten vertices are needed, which gives 100 edges. If modeling character buttons ‘a’ to ‘z’, directed graph G may need 26 vertices and 676 (e.g., 26*26) edges. Generally, given a directed graph G=<V,E>, let |V| denote the number of vertices and |E| denote the number of edges. There is the following relationship:
|E|=|V|2 (1)
Each vertex in the directed graph is associated with a certain button 110, which implies that the number of the vertices is equal to the number of keyboard symbols (e.g., the number of buttons 110 available for responding to a particular challenge event). If the keyboard only has digital numbers from 0 to 9, only ten vertices are needed. If modeling keyboard with characters from ‘a’ to ‘z’, twenty-six vertices are needed. Therefore, number of the vertices |V| depends on the number of keys on the keyboard (e.g., a virtual or physical keyboard).
A vertex can be viewed as a container that contains the clusters that describes the user behavior. The clusters in the ith vertex define the user behavior that happened in the time interval between the ith button down (e.g., initial touch) and up (e.g., release). To simplify the discussion, let Ci denote the cluster set in the vertex viεV and ckiεCi is a cluster in Ci.
The centroid of each cluster CidkiεCi is a vector that can be defined as Equation 2:
Cid
k
i
=<x
1
,x
2
, . . . , x
n> (2)
where xi is the element of centroid and n is the dimension of the centroid.
Each edge in the graph is associated with the user behavior that happens between the time when two buttons have been clicked (or touched). More specifically, the value of the edge ei,jεE is a set of clusters that describe the user behavior between the time interval of a user releasing the ith button and pushing the jth button down. One can then define the time duration between two buttons being clicked.
For example, one can use Ci,j to denote the cluster set in the edge ei,j. The centroid of each cluster Cidki,j=<x1, x2, . . . , xn>εCi,j, which has the same definition as the cluster centroid of vertices defined in Equation 2.
As noted above, multiple sensors 350 can be used to capture data during use of user device 100. Particularly, the sensors 350 that are sensitive to clicking may include a time clock, an accelerometer, and a gyroscope.
With respect to timing, as described above, the vertices and edges in a directed graph (e.g., directed graph 500) represent the touch events and time intervals between two sequential touch events. Definitions (1) and (2) define the time interval for the vertices and edges in milliseconds, where δtv
δtv
δte
With respect to acceleration, given a time interval, an accelerometer outputs an ordered finite number of acceleration values. The number of values depends on the time interval and accelerometer frequency, where the highest accelerometer frequency only depends on the hardware itself. This implies that different user devices may have different accelerometer frequencies. The same situation is also applicable for gyroscope sensors, as described in more detail below. Therefore, one cannot assume a certain number of accelerometer or gyroscope readings that a user device can provide in a certain time interval. Ideally, the number of samples n=fq·δt, where fq is the frequency in Hz and δt represents a time interval. In real cases, the number of samples may vary because of many reasons such as sensitivity of hardware, too short time intervals, or vibration noise. Therefore, given a time interval δt, the output of accelerometers can be defined as Equation 3:
where Gx, Gy, and Gz represent the vectors of three-axis accelerometer readings. Because of the uncertainty discussed above, the number of readings in three directions may not be the same. Here, <n, m, l>, n, m, l≧0, represents the number of readings in three directions.
Equation 4 gives the mean of the three axis accelerometer readings for a given time interval δt:
Given a time interval δt, Equation 3 gives the outputs of three-axis accelerometers. Then the standard deviation (σGp) is computed as Equation 5 illustrates below:
First differentiation is a method to compute the slope at which a dependent output y changes with respect to the change in the independent input x. Here it can be assumed that the dependent is the output of three-axis accelerometers and the independent is time t. Given a sequence of readings from an accelerometer, G=<g1, g2, . . . , gn>. Based on the definition of discrete first derivative, the first differentiation of acceleration with respect to the time t can be deduced as follows:
where G is a sequence of accelerometer readings, G=<g1, g2, . . . , gn>, gi is the acceleration at timestamp ti, and δti=ti−ti−1.
The second derivative of a function is the derivative of the derivative of the function. Roughly, the second order derivative describes that the function is concave up or concave down. The second order differentiation of acceleration may be defined as Equation 7:
where G is a sequence of accelerometer readings, G=<g1, g2, . . . , gn>, gi is the acceleration at timestamp ti, and δti=ti−ti−1.
Given a time interval, a gyroscope outputs an ordered finite number of orientation values. The number of values depends on the time interval and gyroscope frequency, where the highest reading frequency depends on the hardware itself. This also implies that different user devices may have different gyroscope frequencies since they use different gyroscope hardware. Therefore, a certain number of gyroscope readings that a user device can provide in a certain time interval cannot be assumed. Ideally, number of samples n=fq·δt, where fq is the frequency in Hz and δt represents a time interval. In real cases, the number of samples may vary because of many reasons such as sensitivity of hardware of gyroscopes, too short time intervals, or vibration/rotation noise. Therefore, given a time interval t, the outputs of a gyroscope may be defined as Equation 8.
where Rx, Ry, and Rz stand for the vectors of three-axis gyroscope readings. Because of the uncertainty discussed above, the number of readings in three directions may not be the same. Here, <n, m, l>, n, m, l≧0, represents the number of readings.
Equation 9 gives the mean of the three axis gyroscope readings for a given time interval δt.
Given a time interval δt, Equation 8 gives the outputs of a three-axis gyroscope. Then standard deviation is computed as Equation 10 illustrated below:
where
First differentiation is a method to compute the slope at which a dependent output y changes with respect to the change in the independent input x. Here it can be assumed that the dependent is the output of three-axis gyroscopes and the independent is time t. Given a sequence of readings from a gyroscope, R=<r1, r2, . . . , rn>, and based on the definition of discrete first derivative, one can deduce the first differentiation of orientation respect to the time t as follows:
where R is a sequence of gyroscope readings, R=<r1, r2, . . . , rn>, ri is the orientation at timestamp ti, and δti=ti−ti−1.
The second derivative of a function is the derivative of the derivative of the function. Thus, the second order differentiation of orientation may be defined as Equation 12:
where R is a sequence of gyroscope readings, R=<r1, r2, . . . , rn>, ri is the orientation at timestamp ti, and δti=ti−ti−1.
As discussed in connection with data collectors 420 above, timing, acceleration, and orientation are collected when a user is using user devices 100, and particularly when security manager 410 activates data collectors 420. Before using this data to cluster user patterns, data pre-processing is needed. Pre-processing and clustering module 430 (
With respect to timing, a user may have multiple timing patterns when they click a button 110 or clicks between buttons 110. For example, users may type faster during the daytime than they do during the night. Based on the Definitions 1 and 2 defined above, which defines the time interval δt for the vertices and edges respectively, multiple user patterns result in multiple peaks of the mean of the time intervals δt. Based on the central limit theorem, one can expect that, within each timing pattern, the mean of δt is approximately normally distributed.
Before building the timing pattern for users, mean and standard deviation of δt are introduced, which are defined as Equations 13 and 14.
where δti is the ith time interval and n is the number of points.
Using Equation 13 and 14 to compute the mean and standard deviation, as the equations illustrate, can require large amounts of memory to store all the time points. To compute standard deviation, Equation 14 requires traversing all the time points twice, which results in high computational time and space complexity. Then one can give the recursive equations as follows.
where Equation 15 computes the time interval mean recursively and Equation 16 calculates the standard deviation recursively.
Based on the central limit theorem, one can expect that, within each timing pattern, the mean of δt is approximately normally distributed. Under this assumption, the empirical rule (also known as 68-95-99.7 rule or the three-σ rule) indicates that nearly all (99.7%) of δt data points lie within 3 standard deviations of the mean. Therefore, the clusters of δt can be defined as:
Cluster of δt
Centroid: mean of δt within the clusters by Equation 15.
Radius: r=k·σ(δt), where k is afloat number≧3 and σ(δt) is given by Equation 16.
Hittime: h, number of data points are clustered to the clusters.
To construct clusters of δt, an initial cluster radius is needed. Let r0 indicate this initial radius, which can be defined as an expected value of k·σ(δt). This expected value can be estimated by the experimental δt variance. Then the clustering algorithm is described as follows:
1. Assume an input δt;
2. Compare δt with all the existing clusters if δtε[
3. For the ith cluster, centroid and radius are updated by Equations (15) and (16) respectively. Hittime hi=hi+1;
4. A new cluster is created with centroid δt and radius r0, which is an initial radius. Set hi=1.
Multiple clusters would be created after accumulating enough user data. Based on hittime of clusters, given an incoming δt, the confidence degree, cfδt, is defined as Equation 17.
where j represents the jth cluster to which δt is clustered and n is the total number of the clusters.
Besides the confidence degree, cfδt, acδt is introduced to indicate the distance between the input data point I and the centroid of the cluster that this data point falls into.
where
With respect to acceleration, pre-processing and clustering module 430 may perform additional pre-processing and clustering. As discussed above, when a user uses user device 100, for each time interval δt defined by Definitions 1 and 2, three directional acceleration values are captured independently by the accelerometers. Means of these three directional acceleration values are computed as one of the pattern features. Based on the central limit theorem, one can expect that the means of acceleration are approximately normally distributed. As the three directional acceleration values and orientation values are captured independently, one can assume that features of mean, standard deviation, first order derivative, and second order derivative on three directions, (x, y, and z), are independent variables.
A vector random variable X=[X1, X2 . . . , Xn]T may have a multi-variate normal distribution with mean μεRn and covariance matrix ΣεS++n, if its probability density function is given by
where ΣεS++n is the space of symmetric positive definition n×n matrices, defined as S++n={AεRn×n: A=AT and xTAx>0 for all xεRn such that x≠0}.
Equation 4 above gives the three axis accelerometer readings for a given time interval δt. Since three axis x, y, and z are independent acceleration variables, one can expect that means of these independent acceleration variables are approximately normally distributed within a user pattern. In other words,
where
where σ(•) represents the standard deviation of •. For the computation of mean μ(
Based on the central limit theorem, one can expect that, within each acceleration pattern, the mean of acceleration μ(
Cluster of
Centroid: mean of
Radius: rx=k·σ(
Hittime: h, number of data points are clustered to the clusters.
Since acceleration is collected at three directions independently, one can assume that the readings from three-axis accelerometers are independent, which explains that covariance matrix Σ(
To construct clusters of
1. Assume an input
2. Compare
3. For the ith cluster, centroid and radius are updated by Equations (21) and (22), respectively. Hittime hi=hi+1;
4. A new cluster is created with centroid
Multiple clusters would be created after accumulating enough user data. Based on hittime of clusters, given an incoming
where j represents the jth cluster to which cf
Besides the confidence degree, cf
where μ(
Equation 6 above gives the first order differentiation of acceleration with respect to the time t, G(δt)′=[G(δt)′x, G(δt)′y, G(δt)′z]T. Similar methods of clustering acceleration mean can be used to cluster the three-axis first order differentiation acceleration.
Since the three-axes x, y, and z are independent acceleration variables, one can expect that, G(δt)′=[G(δt)′x, G(δt)′y, G(δt)′z]T, within a user pattern, falls into a multivariate normal distribution with mean μ(G(δt)′)=[μ(G(δt)′x), μ(G(δt)′y), μ(G(δt)′z)]T and covariance matrix Σ(G(δt)′), which is described as follows:
where G(δt)′=[G(δt)′x, G(δt)′y, G(δt)′z]T is defined by Equation 6, μ(G(δt)′)=[μ(G(δt)′x), μ(G(δt)′y), μ(G(δt)′z)]T, which is given by equation 26; covariance matrix Σ(G(δt)′) is given by Equation 27.
Based on the central limit theorem, one can expect that, within each acceleration pattern, the first order derivative of acceleration G(δt)′=[G(δt)′x, G(δt)′y, G(δt)′z]T is approximately multivariate normally distributed. Therefore, one can define the clusters of first order derivative acceleration as:
Cluster of G(δt)
Centroid: μ(G(δt)′)=[μ(G(δt)′x), μ(G(δt)′y), μ(G(δt)′z)]T within the clusters by Equation 26.
Radius: rx=k·σ(G(δt)′x), ry=k·σ(G(δt)′y), rz=k·σ(G(δt)′z), where k is afloat number≧3 and [σ(G(δt)′x), σ(G(δt)′y), σ(G(δt)′z)]T is given by Equation 27.
Hittime: h, number of data points are clustered to the clusters.
By the same concepts as the previous section, since acceleration is collected at three directions independently, covariance matrix Σ(G(δt)′), given by Equation 27 is a diagonal matrix. To reduce the complexity, the cluster radius may be simplified as defined in Definition (5), which defines the radius in three directions independently.
To construct clusters of G(δt)′, an initial cluster radius is needed. Let r(G(δt)′)0 indicate this initial radius, which is defined as an expected value of k·σ(G(δt)′). This expected value can be estimated by the experimental G(δt)′ variance. Then the clustering algorithm is described as follows:
1. Assume an input G(δt)′=[G(δt)′x, G(δt)′y, G(δt)′z]T;
2. Compare G(δt)′ with all the existing clusters if G(δt)′xε[μ(G(δt)′x)i−k·σ(G(δt)′x)i, μ(G(δt)′x)+k·σ(G(δt)′x)i] and G(δt)′yε[μ(G(δt)′y)i−k·σ(G(δt)′y)i, μ(G(δt)′y)+k·σ(G(δt)′y)i] and G(δt)′zε[μ(G(δt)′z)i−k·σ(G(δt)′z)i, μ(G(δt)′z)+k·σ(G(δt)′z)i]. If such a cluster exists, such as the ith cluster, the algorithm proceeds to step 3. If no such a cluster exists, the algorithm proceeds to step 4;
3. For the ith cluster, centroid and radius are updated by Equations 26 and 27 respectively. Hittime hi=hi+1;
4. A new cluster is created with centroid G(δt)′=[G(δt)′x, G(δt)′y, G(δt)′z] and radius r(G(δt)′)0, which is an initial radius. Set hi=1.
Multiple clusters would be created after accumulating enough user data. Based on hittime of clusters, given an incoming G(δt)′=[G(δt)′x, G(δt)′y, G(δt)′z], the confidence degree cfG(δ
where j represents the jth cluster to which cfG(δ
Besides the confidence degree, cfG(δ
where μ(G(δt)′), defined by Equation 26 is the centroid of the cluster that the data point G(δt)′ falls into, Σ(G(δt)′), given by Equation 27 is the standard deviation of the cluster.
Equation 7 above gives the second order differentiation of acceleration with respect to the time t, G(δt)″=[G(δt)″x, G(δt)″y, G(δt)″z]T. Here one can use the similar methods of clustering the first order differentiation acceleration to cluster the three-axis second order differentiation acceleration during the time interval δt.
Since the three axes x, y, and z are independent acceleration variables, one can expect that, G(δt)″=[G(δt)″x, G(δt)″y, G(δt)″z]T, within a user pattern, falls into a multivariate normal distribution with mean μ(G(δt)″)=[μ(G(δt)″x), μ(G(δt)″y), μ(G(δt)″z)]T and covariance matrix Σ(G(δt)″), which is described as follows:
where G(δt)″=[G(δt)″x, G(δt)″y, G(δt)″z]T is defined by Equation 7, μ(G(δt)″)=[μ(G(δt)″x), μ(G(δt)″y), μ(G(δt)″z)]T, which is given by Equation 31; covariance matrix Σ(G(δt)′) is given by Equation 32.
Based on the central limit theorem, one can expect that, within each acceleration pattern, the second order derivative of acceleration G(δt)″=[G(δt)″x, G(δt)″y, G(δt)″z]T is approximately multivariate normally distributed. Therefore, one can define the clusters of second order derivative acceleration as:
Cluster of G(δt)″
Centroid: μ(G(δt)″)=[μ(G(δt)″x), μ(G(δt)″y), μ(G(δt)″z)]T within the clusters by Equation 31.
Radius: rx=k·σ(G(δt)″x), ry=k·σ(G(δt)″y), rz=k·σ(G(δt)″z), where k is afloat number≧3 and [σ(G(δt)″x), σ(G(δt)″y), σ(G(δt)″z)]T is given by Equation 32.
Hittime: h, number of data points are clustered to the clusters.
By the same concepts as in the previous section above, since acceleration is collected at three directions independently, covariance matrix Σ(G(δt)″) given by Equation 32 is a diagonal matrix. To reduce the complexity, one can simplify the cluster radius as defined in Definition (6), which defines the radius in three directions independently.
To construct clusters of G(δt)″, an initial cluster radius is needed. Let r(G(δt)″)0 indicate this initial radius, which is defined as an expected value of k·σ(G(δt)″). This expected value can be estimated by the experimental G(δt)″ variance. Then the clustering algorithm is described as follows:
1. Assume an input G(δt)″=[G(δt)″x, G(δt)″y, G(δt)″z]T;
2. Compare G(δt)″ with all the existing clusters if G(δt)″xε[μ(G(δt)″x)i−k·σ(G(δt)″x)i, μ(G(δt)″x)+k·σ(G(δt)″x)i] and G(δt)″yε[μ(G(δt)″y)i−k·σ(G(δt)″y)i, μ(G(δt)″y)+k·σ(G(δt)″y)i] and G(δt)″zε[μ(G(δt)″z)i−k·σ(G(δt)″z)i, μ(G(δt)″z)+k·σ(G(δt)″z)i]. If such a cluster exists, such as the ith cluster, the algorithm proceeds to step 3. If no such a cluster exists, the algorithm proceeds to step 4;
3. For the ith cluster, centroid and radius are updated by Equations 31 and 32 respectively. Hittime hi=hi+1;
4. A new cluster is created with centroid G(δt)″=[G(δt)″x, G(δt)″y, G(δt)″z] and radius r(G(δt)″)0, which is an initial radius. Set hi=1.
Multiple clusters would be created after accumulating enough user data. Based on hittime of clusters, given an incoming G(δt)″=[G(δt)″x, G(δt)″y, G(δt)″z], the confidence degree cfG(δ
where j represents the jth cluster to which cfG (δ
Besides the confidence degree, cfG(δ
where μ(G(δt)″), defined by Equation 31 is the centroid of the cluster that the data point G(δt)″ falls into, Σ(G(δt)″), given by Equation 32 is the standard deviation of the cluster.
With respect to orientation, pre-processing and clustering module 430 may perform similar pre-processing and clustering as that described above with respect to acceleration. As discussed above, when a user uses user device 100, for each time interval δt defined by Definitions 1 and 2, three directional orientation values are captured independently by the gyroscopes. Mean, standard deviation, first order and second order derivative of these three directional orientation values are computed. These features are captured to form the user's pattern. As three directional acceleration and orientation are captured independently, one can assume these features of mean, standard deviation, first order derivative, and second order derivative on three directions, (x, y, and z), are independent variables. Here one can use the similar technique, multivariate normal distribution (Equation 19), to model these orientation features.
Equation 8 above gives the three axis gyroscope readings for a given time interval t. Since three axis x, y, and z are independent orientation variables, one can expect that these independent orientation variables are approximately normally distributed. In other words,
where
where σ(•) represents the standard deviation of •. For the computation of mean μ(
Based on the central limit theorem, one can expect that, within each orientation pattern, the mean of orientation μ(
Cluster of
Centroid: mean of
Radius: rx=k·σ(
Hittime: h, number of data points are clustered to the clusters.
Since orientation is collected at three directions independently, one can assume that the readings from three-axis accelerometers are independent. This explains covariance matrix Σ(
To construct clusters of
1. Assume an input
2. Compare
3. For the ith cluster, centroid and radius are updated by Equations (36) and (37), respectively. Hittime hi=hi+1;
4. A new cluster is created with centroid
Multiple clusters would be created after accumulating enough user data. Based on hittime of clusters, given a incoming
where j represents the jth cluster to which cf
Besides the confidence degree, cf
where μ(
Equation 11 above gives the first order differentiation of orientation with respect to the time t, R(δt)′=[R(δt)′x, R(δt)′y, R(δt)′z]T. Since the three-axes x, y, and z are independent orientation variables, one can expect that, R(δt)′=[R(δt)′x, R(δt)′y, R(δt)′z]T, within a user pattern, falls into a multivariate normal distribution with mean μ(R(δt)′)=[μ(R(δt)′x), μ(R(δt)′y), μ(R(δt)′z)]T and covariance matrix Σ(R(δt)′), which is described as follows:
where R(δt)′=[R(I)′x, R(δt)′y, R(δt)′z]T is defined by Equation 11, μ(R(δt)′)=[μ(R(δt)′x), μ(R(δt)′y), μ(R(δt)′z)]T, which is given by equation 41; covariance matrix Σ(R(δt)′) is given by Equation 42.
Based on the central limit theorem, one can expect that, within each orientation pattern, the first order derivative of orientation R(δt)′=[R(δt)′x, R(δt)′y, R(δt)′z]T is approximately multivariate normally distributed. Therefore, one can define the clusters of first order derivative orientation as:
Cluster of R(δt)′
Centroid: μ(R(δt)′)=[μ(R(δt)′x), μ(R(δt)′y), μ(R(δt)′z)]T within the clusters by Equation 41.
Radius: rx=k·σ(R(δt)′x), ry=k·σ(R(δt)′y), rz=k·σ(R(δt)′z), where k is afloat number≧3 and [σ(R(δt)′x), σ(R(δt)′y), σ(R(δt)′z)]T is given by Equation 42.
Hittime: h, number of data points are clustered to the clusters.
By the same concepts described above for acceleration, since orientation is collected at three directions independently, covariance matrix Σ(R(δt)′), given by Equation 42 is a diagonal matrix. To reduce the complexity, the cluster radius may be simplified as defined in Definition (8), which defines the radius in three directions independently.
To construct clusters of R(δt)′, an initial cluster radius is needed. Let r(R(δt)′)0 indicate this initial radius, which is defined as an expected value of k·σ(R(δt)′). It can be estimated by the experimental R(δt)′ variance. Then the clustering algorithm is described as follows:
1. Assume an input R(δt)′=[R(δt)′x, R(δt)′y, R(δt)′z]T;
2. Compare R(δt)′ with all the existing clusters if R(δt)′xε[μ(R(δt)′x)i−k·σ(R(δt)′x)i, μ(R(δt)′x)+k·σ(R(δt)′x)i] and R(δt)′yε[(R(δt)′y)i−k·σ(R(δt)′y)i, μ(R(δt)′y)+k·σ(R(δt)′y)i] and R(δt)′zε[μ(R(δt)′z)i−k·σ(R(δt)′z)i, μ(R(δt)′z)+k·σ(R(δt)′z)i]. If such a cluster exists, such as the ith cluster, the algorithm proceeds to step 3. If no such a cluster exists, the algorithm proceeds to step 4;
3. For the ith cluster, centroid and radius are updated by Equations 41 and 42 respectively. Hittime hi=hi+1;
4. A new cluster is created with centroid R(δt)′=[R(δt)′x, R(δt)′y, R(δt)″z] and radius r(R(δt)′)0, which is an initial radius. Set hi=1.
Multiple clusters would be created after accumulating enough user data. Based on hittime of clusters, given an incoming R(δt)′=[R(δt)′x, R(δt)′y, R(δt)′z], the confidence degree cfR(δ
where j represents the jth cluster to which cfR(δ
Besides the confidence degree, cfR(δ
where μ(R(δt)′), defined by Equation 41 is the centroid of the cluster that the data point R(d) falls into, Σ(R(δt)′), given by Equation 42 is the standard deviation of the cluster.
Equation 12 above gives the second order differentiation of orientation with respect to the time t, R(δt)″=[R(δt)″x, R(δt)″y, R(δt)″z]T. Since the three axes x, y, and z are independent orientation variables, one can expect that, R(δt)″=[R(δt)″x, R(δt)″y, R(δt)″z]T, within a user pattern, falls into a multivariate normal distribution with mean μ(R(δt)″)=[μ(R(δt)″x), μ(R(δt)″y), μ(R(δt)″z)]T and covariance matrix Σ(R(δt)″), which is described as follows:
where R(δt)″=[R(δt)″x, R(δt)″y, R(δt)″z]T is defined by Equation 12, μ(R(δt)″)=[μ(R(δt)″x), μ(R(δt)″y), μ(R(δt)″z)]T, which is given by Equation 46; covariance matrix Σ(R(δt)′) is given by Equation 47.
Based on the central limit theorem, one can expect that, within each orientation pattern, the second order derivative of orientation R(δt)″=[R(δt)″x, R(δt)″y, R(δt)″z]T is approximately multivariate normally distributed. Therefore, one can define the clusters of second order derivative orientation as:
Cluster of R(δt)″
Centroid: μ(R(δt)″)=[μ(R(δt)″x), μ(R(δt)″y), μ(R(δt)″z)]T within the clusters by Equation 31.
Radius: rx=k·σ(R(δt)″x), ry=k·σ(R(δt)″y), rz=k·σ(R(δt)″z), where k is afloat number≧3 and [σ(R(δt)″x), σ(R(δt)″y), σ(R(δt)″z)]T is given by Equation 47.
Hittime: h, number of data points are clustered to the clusters.
By the same concepts described above, since orientation is collected at three directions independently, covariance matrix Σ(R(δt)″) given by Equation 47 is a diagonal matrix. To reduce the complexity, one can simplify the cluster radius as defined in Definition (9), which defines the radius in three directions independently.
To construct clusters of R(δt)″, an initial cluster radius is needed. Let r(R(δt)″)0 indicate this initial radius, which is defined as an expected value of k·σ(R(δt)″). This expected value can be estimated by the experimental R(δt)″ variance. Then the clustering algorithm is described as follows:
1. Assume an input R(δt)″=[R(δt)″x, R(δt)″y, R(δt)″z]T;
2. Compare R(δt)″ with all the existing clusters if R(δt)″xε[(R(δt)″x)i−k·σ(R(δt)″x)i, μ(R(δt)″x)+k·σ(R(δt)″x)i] and R(δt)″yε[μ(R(δt)″y)i−k·σ(R(δt)″y)i, μ(R(δt)″y)+k·σ(R(δt)″y)i] and R(δt)″zε[μ(R(δt)″z)i−k·σ(R(δt)″z)i, μ(R(δt)″z)+k·σ(R(δt)″z)i]. If such a cluster exists, such as the ith cluster, the algorithm proceeds to step 3. If no such a cluster exists, the algorithm proceeds to step 4;
3. For the ith cluster, centroid and radius are updated by Equations 46 and 47 respectively. Hittime hi=hi+1;
4. A new cluster is created with centroid R(δt)″=[R(δt)″x, R(δt)″y, R(δt)″z] and radius r(R(δt)″)0, which is an initial radius. Set hi=1.
Multiple clusters would be created after accumulating enough user data. Based on hittime of clusters, given an incoming R(δt)″=[R(δt)″x, R(δt)″y, R(δt)″z], the confidence degree cfR(δ
where j represents the jth cluster to which cfR(δ
Besides the confidence degree, cfR(δ
where μ(R(δt)″), defined by Equation 46 is the centroid of the cluster that the data point R(δt)″ falls into, Σ(R(δt)″), given by Equation 47 is the standard deviation of the cluster.
Pre-processing and clustering module 430 may store (e.g., in memory 310) cluster data for each vertex and edge in a directed graph (e.g., directed graph 500) corresponding to a particular keypad arrangement.
Referring again to
As described above, the graph G=<V, E> is used to represent the user pattern, where viεV represents an event that the ith key has been clicked and ei,jεE indicates the events between the ith and jth keys have been clicked. A time interval δt has been defined (Definition 1 and 2) for both events of viεV and ei,jεE.
Given a sequence of keys of clicking, <key1, key2, . . . , keyi, . . . , keyn>, an event sequence <v1, e1,2, v2, e2,3, . . . , ei−1,i,vi, ei,i+1, . . . , en-1,n, vn> is generated. As discussed above, one can cluster the δt,
For each CID, there is a confidence value cf, which is associated with a CID. The confidence level describes the degree of trust of this event based on the historical user data. The more certain that a pattern happened, the higher the confidence values. The range of cf is [0,1], where greater confidence values indicate higher reliability of an estimate. Table 2 gives the corresponding confidence values for δt,
An event can be defined as clicking a key down-up or clicking two keys up-down. For each event, δt,
where n=7 and ε{(δt,
Given an event sequence <v1, e1,2, v2, e2,3, . . . , ei−1,i,vi, ei,i+1, . . . , en-1,n, vn> with each event having a confidence cfe (given by Equation 50). Equation 51 gives the overall confidence of the given event sequence.
where n here refers to the size of the given event sequence and cfe
Pattern comparison module 450 may compare the event sequence confidence score for a particular sequence with a threshold score to determine the event sequence is a match for a user biometric pattern. In one implementation, pattern comparison module 450 may modify the threshold score based on the amount of event data. Pattern comparison module 450 may provide a determination to security manager 410. For example, if the event sequence confidence score for the particular sequence is below the threshold score, pattern comparison module 450 may indicate the user biometric pattern does not match a stored user pattern. Conversely, if the event sequence confidence score for the particular sequence is above the threshold score, pattern comparison module 450 may indicate the user biometric pattern matches the stored user pattern.
As described above, comparison module 450 may compare the biometric pattern to stored user patterns based on the time of day, day of week, location, etc. The more the user historical data is accumulated, the more accurate confidence degree would be calculated. Based on the definition of confidence degree of events, the confidence degree should have a high confidence value at the beginning of data accumulation. As long as the model learns the user pattern, the model corrects or refines the prediction automatically over time.
In some instances the pattern might be sparse. A sparse pattern means: given an event, confidence degrees of pattern of δt,
As shown in
Process 700 may further include identifying a user biometric pattern for the multiple touch events based on the timing and/or force data (block 715). For example, pre-processing and clustering module 430 may perform processing and clustering for timing data, acceleration data, and orientation data obtained from sensors 350. Clusters may be formed for each vertex (e.g., button 110) and edge (between buttons 110) in a directed graph corresponding to a particular virtual keypad. For each vertex and edge, pre-processing and clustering module 430 may apply a clustering algorithm for mean and standard deviation of the timing (δt); for acceleration against the mean/standard deviation (
Process 700 may also include storing user biometric pattern associated with particular button or transition between two buttons (block 720). For example, pre-processing and clustering module 430 may store (e.g., in memory 310) cluster data for each vertex and edge in a directed graph corresponding to a particular keypad arrangement.
Process 700 may further include receiving timing data for new touch event (block 725), and receiving new force data for the new touch event (block 730). For example, when a new touch event occurs, data collectors 420 may receive timing and force (e.g., acceleration and/or orientation) data for the new touch event.
Process 700 may also include determining if the new timing/force data matches user biometric pattern (block 735). For example, pre-processing and clustering module 430 may format the timing and force data similar to that described above in block 715. More particularly, δt,
If the new timing/force data matches user biometric pattern (block 735—yes), process 700 may include authenticating the user and updating the user biometric pattern (block 740). For example, if pattern comparison module 450 determines that the new touch event or sequence is within a threshold confidence value, pattern comparison module 450 indicate the user is authenticated and may update clusters in memory 310 with the new touch data.
If the new timing/force data does not match the user biometric pattern (block 735—no), process 700 may include rejecting and/or flagging user input corresponding to the new touch event (block 745). For example, if pattern comparison module 450 determines that the new touch event or sequence is not within a threshold confidence value, pattern comparison module 450 may signal that security manager 410 should reject the user input or indicate that the pattern comparison failed.
In the preceding specification, various preferred embodiments have been described with reference to the accompanying drawings. It will, however, be evident that various modifications and changes may be made thereto, and additional embodiments may be implemented, without departing from the broader scope of the invention as set forth in the claims that follow. The specification and drawings are accordingly to be regarded in an illustrative rather than restrictive sense. For example, a user pattern trained by finger touch sensitive features has been described. Besides these features, non-sensitive finger touch features could be included to build the user pattern as well. Some examples are geo-location (latitude-longitude can be captured by smart phone GPS sensor) and/or user direction (direction information as detected by a compass in the user device).
Additionally, while particular formulas/equations have described, other formulas/equations may be used to generate biometric pattern information. Furthermore, in some implementations, sensors 350 may include force sensors to directly determine touch forces. Also, while series of blocks have been described with respect to
It will be apparent that different embodiments described above may be implemented in many different forms of software, firmware, and hardware in the implementations illustrated in the figures. The actual software code or specialized control hardware used in the implementations does not limit the invention. Thus, the operation and behavior of these embodiments were described without reference to the specific software code—it being understood that software and control hardware can be designed to implement these embodiments based on the description herein.
Further, certain portions of the invention may be implemented as a “component” or “system” that performs one or more functions. These components/systems may include hardware, such as a processor, an ASIC, or a FPGA, or a combination of hardware and software.
No element, act, or instruction used in the present application should be construed as critical or essential to the invention unless explicitly described as such. Also, as used herein, the article “a” and “one of” is intended to include one or more items. Further, the phrase “based on” is intended to mean “based, at least in part, on” unless explicitly stated otherwise.