[go: up one dir, main page]

WO2020222367A1 - Système d'authentification d'utilisateur au moyen de capteurs intégrés dans une pluralité de dispositifs informatiques - Google Patents

Système d'authentification d'utilisateur au moyen de capteurs intégrés dans une pluralité de dispositifs informatiques Download PDF

Info

Publication number
WO2020222367A1
WO2020222367A1 PCT/KR2019/010785 KR2019010785W WO2020222367A1 WO 2020222367 A1 WO2020222367 A1 WO 2020222367A1 KR 2019010785 W KR2019010785 W KR 2019010785W WO 2020222367 A1 WO2020222367 A1 WO 2020222367A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
computing device
authentication
user
sensor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/KR2019/010785
Other languages
English (en)
Korean (ko)
Inventor
권태경
구예은
박래현
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University Industry Foundation UIF of Yonsei University
Original Assignee
University Industry Foundation UIF of Yonsei University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University Industry Foundation UIF of Yonsei University filed Critical University Industry Foundation UIF of Yonsei University
Publication of WO2020222367A1 publication Critical patent/WO2020222367A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • G06F1/16Constructional details or arrangements
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • G06F1/16Constructional details or arrangements
    • G06F1/1613Constructional details or arrangements for portable computers
    • G06F1/163Wearable computers, e.g. on a belt
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/017Gesture based interaction, e.g. based on a set of recognized hand gestures

Definitions

  • the present invention relates to a user authentication method and apparatus, and more particularly, to a user authentication system using sensors embedded in a plurality of computing devices.
  • This research is related to the development of next-generation authentication technology (NO.1711082833), a research industry conducted with the support of the Information Communication Planning and Evaluation Institute with the funding of the Ministry of Science and ICT (Government) in 2019.
  • User authentication technology for existing mobile devices uses a template matching method in which information (template) such as PIN, password, and fingerprint stored in the device is matched with input information of the authentication attempter to verify the identity of the authentication attempter. This method does not check whether the authentication attempter and the device owner are the same, and there is a problem that the authentication system bypass is possible when a malicious user steals a device storing sensitive information inside. Furthermore, there are various attack methods for the existing authentication methods including biometric authentication, and there is a problem in that the attack is sufficiently possible when the device is stolen.
  • Embodiments of the present invention propose a technology for releasing authentication of a device (eg, a smartphone) that is linked based on a user's smart location.
  • the present invention checks whether the authentication attempter and the smart watch wearer match the same person by grasping the similarity of data extracted from sensors (HR Sensor, Accelerometer, and Gyroscope) that are identically embedded in two interlocked devices, and It provides machine learning-based user behavior-based authentication through behavior features extracted from. This means that the smartwatch wearer is more likely to be the device owner.
  • sensors HR Sensor, Accelerometer, and Gyroscope
  • the present invention provides a smart watch-based authentication method capable of solving the problem of matching the authentication attempter and the device owner, and the authentication system bypass problem of the existing authentication method, thereby contributing to accurate and safe user authentication.
  • Still other objects, not specified, of the present invention may be additionally considered within the range that can be easily deduced from the following detailed description and effects thereof.
  • a first processor a first memory storing a program executed by the first processor, one or more first sensors, and a first communication interface that communicates with the second computing device.
  • the first communication interface receives second sensor data including second biometric data and second motion data collected through one or more second sensors embedded in the second computing device, and the At least one first sensor collects first sensor data including first biometric data and first motion data, and the first processor calculates a similarity between the first biometric data and the second biometric data, and the It is determined whether the wearer of the first computing device and the authentication attempter of the second computing device are the same according to the similarity, and in the second computing device based on the analysis of the user's behavior through the first sensor data and the second sensor data. It provides a first computing device, characterized in that performing a process of determining and transmitting the result of the authentication attempt.
  • a second processor a second memory storing a program executed by the second processor, at least one second sensor, and a second communication interface communicating with the first computing device.
  • the at least one second sensor collects second sensor data including second biometric data and second motion data
  • the second communication interface comprises the second biometric data and the second motion data Transmitting the second sensor data comprising a
  • the second communication interface provides a second computing device, characterized in that performing a process of receiving a user authentication result of the second computing device from the first computing device do.
  • the present invention can be utilized to protect access to personal information and financial services requiring authentication by a user by blocking exposure of authentication information in advance.
  • the smartphone is stolen, there is no exposure of the authentication template, and since the authentication attempter and the device owner are checked in advance, enhanced authentication performance can be provided.
  • FIG. 1 is a block diagram illustrating a user authentication system according to an embodiment of the present invention.
  • FIG. 2 is a diagram illustrating a flow of an authentication procedure of a user authentication system according to an embodiment of the present invention.
  • FIG. 3 is a diagram illustrating in detail a second computing device and a user authentication process in the first computing device according to an embodiment of the present invention.
  • FIG. 4 is a flowchart illustrating a method of operating a user authentication system according to an embodiment of the present invention.
  • FIG. 5 is a flowchart illustrating an operation of a first computing device according to an embodiment of the present invention.
  • FIG. 6 is a flowchart illustrating an operation of a second computing device according to an embodiment of the present invention.
  • FIG. 7 is a diagram illustrating a second computing device according to another embodiment of the present invention.
  • FIG. 8 is a flowchart illustrating in detail the flow of an authentication procedure of a second computing device according to an embodiment of the present invention.
  • FIG. 9 is a detailed flowchart illustrating a process of collecting data and extracting behavioral features according to a pattern input by a second computing device according to an embodiment of the present invention.
  • FIG. 10 is a block diagram illustrating and describing a computing environment including a computing device suitable for use in embodiments.
  • FIG. 1 is a block diagram illustrating a user authentication system.
  • the user authentication system 10 includes a first computing device 100 and a second computing device 200.
  • the user authentication system 10 may omit some components or additionally include other components from among the various components exemplarily illustrated in FIG. 1.
  • the user authentication system 10 determines whether the user of the device and the wearer of another device are the same by measuring the similarity of the heart rate data of the two devices.
  • the two devices may use a smart phone and a smart watch, but are not limited thereto, and may be a device that can be used through authentication of a user or a device that can be worn and operated on a user's body.
  • the user authentication system 10 checks whether the authentication attempter and the smart watch wearer are the same person by grasping the similarity of data representing the heart rate extracted from a sensor that is identically embedded in the two interlocked devices, and extracting from the sensor data It provides machine learning-based user behavior-based authentication through feature data.
  • a smart watch is a device that the device owner or registered user carries on their body during their daily life, and has a low risk of loss, which means that the smart watch wearer is likely to be the device owner or registered user.
  • the user authentication system 10 accurately and securely authenticates users through a smart watch-based authentication method that can solve the problem of matching the authentication attempter of the smartphone with the actual owner of the smartphone, and bypassing the authentication system of the existing authentication method. Do it.
  • the user authentication system 10 determines whether or not to be the same person by grasping the similarity of the heart rate data of two devices including the other device linked to the device to be authenticated, and thereby lowering the False Acceptance Rate (FAR), Since the process of determining whether to be authenticated is not performed by the device to be authenticated, but by another device that is linked, if the device to be authenticated is stolen, bypassing the authentication system becomes impossible.
  • FAR False Acceptance Rate
  • the user authentication system 10 is practically impossible to learn by acquiring other users' data, so that a one-class classification algorithm can be applied in practice.
  • a one-class classification algorithm can be applied in practice.
  • the user authentication system 10 is used for devices that require user authentication for unlocking the device or for financial services, and when the user's body comes into contact with the heart rate sensor of the smartphone, the smartphone requests an authentication attempt to the smart watch, and the following The system operates as a process.
  • the first computing device 100 can communicate with the second computing device 200 and receives second biometric data transmitted from the second computing device 200.
  • the first computing device 100 collects first sensor data through an embedded first sensor.
  • the first sensor data includes first biometric data and first motion data.
  • the second computing device 200 collects second sensor data through one or more second sensors, and transmits the second sensor data to the first computing device 100.
  • the second sensor data includes second biometric data and second motion data.
  • the first sensor embedded in the first computing device 100 and the second sensor embedded in the second computing device 200 include sensors of the same type.
  • the first sensor and the second sensor are composed of a heart rate sensor (HR sensor), an acceleration sensor (accelerometer sensor), and a gyro sensor (Gyroscope Sensor), but are not limited thereto.
  • the first biometric data and the second biometric data are heart rate data collected using a heart rate sensor
  • the first motion data and the second motion data are acceleration data collected using an acceleration sensor and It may be gyro data collected using a gyro sensor.
  • the first computing device 100 calculates a degree of similarity between the first biometric data and the second biometric data, and determines whether the user of the first computing device 100 and the user of the second computing device 200 are the same according to the similarity. Then, a process of generating a user authentication result of the second computing device 200 is performed based on user behavior analysis through the first sensor data and the second sensor data.
  • the first computing device 100 further performs a preprocessing process of removing noise from the first biometric data, the second biometric data, the first motion data, and the second motion data.
  • the second computing device 200 transmits second sensor data including second biometric data and second motion data, and receives a user authentication result of the second computing device 200 from the first computing device 100. Perform the process of doing.
  • FIG. 2 is a diagram illustrating an authentication procedure flow of a user authentication system.
  • the first computing device 100 is a smart watch
  • the second computing device 200 is a smart phone.
  • a smartphone is a device that attempts authentication
  • a smart watch represents a device attached to a user's body.
  • the user authentication system 10 determines whether to authenticate a user by using sensors built into two devices interlocked, such as a smart phone interlocked with a smart watch. As a result, the possibility of bypassing the authentication system can be solved because the authentication process is performed in a device attached to a user's body linked to a device attempting authentication, not a device attempting authentication.
  • the smartphone when the smartphone detects an authentication attempt, the smartphone transmits an authentication attempt request signal to the smart watch, and transmits the second sensor data measured through the second sensor built in the smartphone to the smart watch.
  • the smart watch is a device attached to the user's body by interlocking with a device attempting authentication rather than a device attempting authentication, and receives second sensor data transmitted from the smartphone.
  • the smart watch measures first biometric data through the built-in first sensor.
  • the smart watch determines whether to authenticate a user based on the first sensor data and the second sensor data, and transmits the generated user authentication result to the smartphone.
  • the smartphone allows the user of the smartphone to access if it is determined that the authentication attempter is the device owner based on the received user authentication result.
  • FIG. 3 is a diagram illustrating in detail a second computing device and a user authentication process inside the first computing device
  • FIG. 4 is a flowchart illustrating a method of operating a user authentication system according to an embodiment of the present invention.
  • the user authentication system 10 collects data from a heart rate sensor, an acceleration sensor, and a gyro sensor from the smartphone and smart watch for a certain period of time (S410, S412). At this time, the data collected from the smartphone is transmitted to the smart watch (S310), and noise of the first biometric data measured by the transmitted smartphone and the second biometric data collected from the smart watch is removed (S320, S420). .
  • the user authentication system 10 measures the similarity of the two data through heart rate data measured by the smartphone and the smart watch, and determines whether the current users of the two devices are the same based on a preset threshold (S330, S430).
  • the first computing device 100 stops the authentication process and transmits an authentication failure signal to the second computing device 200 (S460).
  • the first computing device 100 determines that the current users of the two devices are the same person, and it is highly likely that they are the owners of the smartphone devices, and thus the next step is performed.
  • the next step is to extract behavioral features for user authentication along with Fourier transform of the data measured by the heart rate sensor, acceleration sensor, and gyro sensor (S340, S440), and input the behavioral characteristics into the user authentication model. It is determined whether the user is authenticated (S350, S450).
  • the user authentication system 10 approves or rejects the authentication attempt of the smartphone according to the result in step S350.
  • the user authentication system 10 is operated based on a smartphone and a smart watch. When an authentication attempt is detected by the smartphone, the smartphone and smart watch collect data.
  • Data collection is a process of acquiring data from sensors built into smart phones and smart watches, and three sensors are used in the present invention.
  • the three sensors are heart rate sensor, acceleration sensor and gyro sensor.
  • the heart rate sensor is a sensor that measures the heart rate in beats per minute. Like fingerprints, heartbeat is used for authentication to determine individual users because each individual has unique rhythms and characteristics. Sensors for measuring heart rate include, for example, an electrocardiogram (ECG) sensor or a photoplethysmography (PPG) sensor.
  • ECG electrocardiogram
  • PPG photoplethysmography
  • the accelerometer sensor is a sensor that measures the acceleration of an object or the intensity of an impact.
  • the acceleration sensor processes x, y, and z-axis information to measure dynamic forces such as acceleration, vibration, and impact of an object, and mainly records a user's larger motion pattern, such as moving or walking the user's arm.
  • the Gyroscope Sensor is a sensor that measures the angular velocity, which is the rotational speed of an object, by processing x, y, and z axis information.
  • the gyro sensor records detailed actions of the user, such as how to hold an object.
  • the data collection process is activated when a smartphone's authentication attempt is detected.
  • An authentication attempt means when the heart rate sensor detects a body ground.
  • the preprocessing process is a process of preprocessing the collected sensor data, and operates to increase authentication accuracy by removing noise from the data.
  • appropriate filters are applied according to the characteristics of the sensor data.
  • Low-pass Filter (LPF), High-pass Filter (HPF), Band-pass Filter (BPF), Moving Average are applied to compensate for unnecessary noise and errors.
  • Filter (MAF), etc. are applicable.
  • the data from which noise has been removed through filtering are used to check whether the smart watch user and the smartphone authentication target are the same and whether the smartphone user is a registered user of the smartphone.
  • Low-pass Filter is a low-pass filter that passes only the low-pass frequency component, which is a frequency component lower than the cutoff frequency, among the frequency components of the input signal.
  • the high-pass filter is a high-pass filter that passes only the high-pass frequency component, which is a frequency component higher than the cutoff frequency, among the frequency components of the input signal.
  • Band-pass Filter is a passband filter that passes only forces within a desired specific frequency band without attenuation, and attenuates the remaining frequency forces.
  • Moving Average Filter (MAF) averages and outputs continuously input values, and reflects the change of values.
  • the first phase for user authentication is an Identical Decision process, and it is determined whether the smart watch user and the smart phone user are the same person based on the heart rate data acquired from the smart phone and the smart watch.
  • the similarity of two heart rate data is evaluated using a dynamic time warping (DTW) algorithm. If the similarity of the two data exceeds the set threshold, the probability that the users of the two devices are the same person is high, so the authentication process (2nd Phase) is performed. If the similarity between the two data does not exceed the threshold, authentication The attempt is terminated and an authentication failure signal is transmitted to the smartphone.
  • DTW dynamic time warping
  • Dynamic Time Warping is an algorithm that measures the similarity between two time sequences by comparing two similar data that may have different speeds, and is used to evaluate the similarity of heart rate.
  • Feature Extraction is a step of extracting behavioral features from data for user authentication (2nd Phase). For high authentication accuracy, unique behavioral features are extracted for each user.
  • Feature data considered for feature extraction is calculated from acceleration data, gyro data, and heart rate data.
  • the acceleration sensor and the gyro sensor calculate a data size of processing the output values of the x, y, and z axes as one representative value, and consider them as feature data for feature extraction. Furthermore, both the time domain and the frequency domain of data are considered.
  • the sensor data in the frequency domain can be obtained by performing Fourier transform on the sensor data in the time domain, and a fast Fourier transform (FFT) is used for fast authentication.
  • FFT fast Fourier transform
  • Acceleration data (x, y, z, magnitude) in the time domain and frequency domain
  • gyro data (x, y, z, magnitude) in the time domain and frequency domain. domain)
  • a Fourier transform is performed on heart rate data in a time domain and a frequency domain
  • the second phase for user authentication is the user authentication process, and the user of the smartphone uses the characteristics of the behavior extracted from the heart rate data, acceleration data, and gyro data of the smartphone and smart watch. Determine whether you are a registered user of the phone.
  • User authentication is a machine learning algorithm and one-class classification (OCC) algorithm that does not require learning data from non-users to determine user authentication.
  • OCC classification
  • the OCC algorithm is an algorithm that can be practically applied because it does not learn non-user data, and one-class support vector machine, one-class K-Means, etc. can be used.
  • User authentication determines whether to authenticate by inputting the user's behavioral characteristics into a machine learning model that is learned from the user's behavioral characteristics. User authentication is divided into an authentication model learning step and an authentication decision step. Since the smart watch has the possibility of stealing the authentication template of the registered user of the smartphone, a method for protecting the authentication template is applied at each step.
  • the authentication model learning is a process of registering data of a registered user of a smartphone in advance to confirm a registered user of the smartphone in order to determine whether to authenticate for user authentication.
  • the authentication model learning step is executed when the registered user of the smartphone selects this authentication method, and the authentication model is trained in three steps to prevent the attacker from stealing the authentication model and feature data.
  • the first step of learning authentication models is to deploy two or more authentication models based on the same machine learning algorithm and apply bagging (bootstrap aggregating) to train multiple authentication models.
  • Bagging is one of the ensemble techniques used in machine learning, and it increases the stability and accuracy of the model and prevents the model from overfitting.
  • the second step of learning the authentication model is the step of removing the training data, and when the learning of the authentication model through bagging is completed, all the data used for the training is deleted from the smartwatch. This eliminates the possibility of stealing the learning data, and prevents reuse attacks of learning data.
  • the third step of learning the authentication model is a step of obfuscation of the combination extraction and authentication process of sub-feature data through packing, and encryption, which is a representative method of packing, is applied.
  • Packing creates two sections in the program, one section stores the code that uses the public key to encrypt the authentication program including the combination of sub-feature data, and the other section stores the code that decrypts the encrypted section. .
  • the program modified through packing is robust against binary analysis such as reverse-engineering, and as a result, information about the authentication process can be protected from the threat of hijacking.
  • Determination of whether to authenticate is a step of confirming whether the input data belongs to the registered user of the smartphone based on the learned authentication model. Upon authentication, the Identical Decision process in the 1st phase is passed and then executed, and is carried out over a total of 3 steps.
  • the first step of determining whether to authenticate is an unpacking step of decrypting the encrypted authentication program through a packing process in the authentication model learning step. After unpacking, the algorithm of the combination extraction and authentication process of sub-feature data implemented at the time of learning in the memory is restored.
  • Generates N n(f) ⁇ .
  • di extracts a combination of sub-feature data identical to ti through the process performed in step 1 of authentication model training.
  • ri fi(di)
  • the results of each model are collected, and the classification result determined by more than half of them is derived as the final result. For example, if more than half of the input data is determined as the registered user of the smartphone, the smartwatch allows the user to access the smartphone.
  • FIG. 5 is a flowchart illustrating an operation of a first computing device according to another embodiment of the present invention.
  • the user authentication method may be performed by the computing device, and detailed descriptions of operations performed by the computing device and overlapping descriptions will be omitted.
  • step S510 the first computing device 100 receives second sensor data including second biometric data and second motion data collected through one or more second sensors embedded in the second computing device 200. .
  • step S520 first sensor data including first biometric data and first motion data is collected through the first computing device 100 and one or more first sensors.
  • the first computing device 100 further performs a preprocessing process of removing noise from the first biometric data, the second biometric data, the first motion data, and the second motion data.
  • step S530 the first computing device 100 calculates a degree of similarity between the first biometric data and the second biometric data, and determines whether the user of the first computing device and the user of the second computing device are the same according to the similarity. .
  • the process of determining whether they are the same person synchronizes the measurement interval of the first biometric data and the second biometric data having different waveforms according to the measurement time, and compares the waveform of the first biometric data and the waveform of the second biometric data to determine the similarity. Calculate.
  • the first computing device 100 determines the user of the first computing device 100 and the user of the second computing device 200 to be the same person, and when the similarity degree does not exceed the threshold value , Transmits an authentication failure signal to the second computing device 200.
  • step S540 the first computing device 100 performs a process of generating a user authentication result of the second computing device 200 based on the analysis of the user's behavior through the first sensor data and the second sensor data.
  • the behavioral features are extracted based on the first sensor data and the second sensor data, and the original sensor data of the registered user of the second computing device 200 is And learning the authentication model by registering, and checking whether the user of the second computing device 200 is a registered user of the second computing device 200 based on the learned authentication model.
  • the time domain and the frequency domain are considered for the first sensor data and the second sensor data, and feature data is extracted, and the feature data is data corresponding to three axes and data along three axes.
  • the size of, and the frequency domain sensor data is obtained by Fourier transforming the time domain sensor data.
  • a plurality of authentication models are connected in parallel, and a set of training data for a combination of sub-feature data randomly extracted from the original sensor data on the behavior of the registered user of the second computing device 200 is obtained.
  • the first computing device 100 stores a code for decrypting (i) a user authentication algorithm including a combination of encrypted sub-feature data and (ii) a user authentication algorithm including a combination of encrypted sub-feature data, and 2 When the user of the computing device 200 attempts authentication, a decryption process is performed.
  • the process of determining whether the user of the second computing device 200 is the registered user of the second computing device 200 is to decrypt a user authentication algorithm including a combination of encrypted sub-feature data, and randomly from the extracted feature data.
  • a set of test data for a combination of extracted subfeature data is generated, and a set of test data is applied to a plurality of authentication models to determine whether to authenticate the second computing device 200 according to the classification result of the plurality of authentication models. .
  • an authentication success signal is transmitted.
  • an authentication failure signal is transmitted to the second computing device 200.
  • each process is sequentially executed, but this is merely an example, and those skilled in the art may change the order shown in FIG. 5 within the range not departing from the essential characteristics of the embodiment of the present invention. Or, by executing one or more processes in parallel, or adding other processes, various modifications and variations may be applied.
  • FIG. 6 is a flowchart illustrating an operation of a second computing device according to another embodiment of the present invention.
  • User authentication using the second computing device may be performed by the computing device, and detailed descriptions of operations performed by the computing device and overlapping descriptions will be omitted.
  • step S610 the second computing device 200 collects second sensor data including the second biometric data and the second motion data from one or more second sensors.
  • step S620 the second computing device 200 transmits second sensor data including second biometric data and second motion data.
  • step S630 the second computing device 200 performs a process of receiving a user authentication result of the second computing device 200 from the first computing device 100.
  • the first computing device 100 determines the similarity between the first biometric data acquired by the first computing device 100 and the second biometric data, the similarity does not exceed a threshold value. In case of failure, an authentication failure signal is received.
  • the process of receiving the user authentication result is a second when the first computing device 100 determines that the majority of the classification results of the plurality of authentication models are registered users of the second computing device 200 through a voting algorithm. An authentication success signal transmitted to the computing device 200 is received.
  • each process is intervened to be executed sequentially, but this is only illustrative, and those skilled in the art may change the order shown in FIG. 6 within the scope not departing from the essential characteristics of the embodiment of the present invention. Or, by executing one or more processes in parallel, or adding other processes, various modifications and variations may be applied.
  • the user authentication system 10 extracts behavioral features for user authentication along with Fourier transform of data measured by a heart rate sensor, an acceleration sensor, and a gyro sensor, and uses the behavioral features as a user authentication model. Enter in to determine whether to authenticate the user.
  • the user authentication system 10 is operated based on a smartphone and a smart watch.
  • the smartphone and smart watch collect data.
  • a heart rate sensor, an acceleration sensor, and a gyro sensor are used in the present invention.
  • the user authentication system 10 may generate behavior feature data in the form of an image by extracting standardized behavior features from the first and second sensor data collected from the heart rate sensor, the acceleration sensor, and the gyro sensor.
  • the behavior characteristic data is the first behavior characteristic data extracted as first sensor data collected through the first computing device 100 and the second sensor collected through the second computing device 200.
  • the second behavioral feature data extracted as data may be included.
  • the above-described behavioral feature data is unregistered by converting the behavioral feature data input from the user's posture during authentication registration to generate registration standardized data, and converting the behavioral feature data input from the user's posture upon authentication attempt.
  • Standardized data can be generated.
  • the registration standardized data may include first registration standardized data from which the first behavioral feature data is converted and second registration standardized data from which the second behavioral feature data is converted, and the first behavioral feature data is converted to the unregistered standardized data.
  • the first non-registered standardized data and second non-registered standardized data obtained by converting the second behavior feature data may be included.
  • the above-described data conversion model includes a first process of generating first registration standardized data and second registration standardized data by inputting the first behavior characteristic data and the second behavior characteristic data into a generator, and the characteristics of the first behavior characteristic data and the second.
  • the second process of inputting the characteristics of the behavioral feature data, the characteristics and labels of the first registration standardized data and the second registration standardized data into the discriminator, and adjusting the weight of the discriminator based on the discriminator's loss function, and the discriminator's loss function. It passes to the generator and performs a third process of adjusting the weight of the generator.
  • the data conversion model may be trained.
  • the second set value may be 0.5, but is not limited thereto.
  • Learning of the user authentication model generates first registration standardized data and second registration standardized data according to the user's attitude during authentication registration based on the data conversion model, and the first registration standardized data and the second registration standardized data are sent to the discriminator. It is possible to learn the user authentication model by giving different labels by determining whether the user's data or the data of another person is based on the input and generated discrimination value.
  • the user authentication system 10 registers registration standardized data of a registered user of the second computing device 200 to learn an authentication model, and a second computing device based on the learned authentication model. It may be checked whether the user of 200 is a registered user of the second computing device 200.
  • a plurality of authentication models are connected in parallel, and the first registration standardized randomly extracted from the first sensor data and the second sensor data of the registered user's behavior of the second computing device 200
  • a set of training data for the combination of data and the second registration standardized data can be created, and the training data can be applied to a single class learning algorithm to train multiple authentication models, and used to train multiple authentication models.
  • the learning data may be deleted from the first computing device 100. It may include a process of encrypting a user authentication algorithm including a combination of the extracted subfeature data, and a decryption process may be performed when the user of the second computing device 200 attempts authentication.
  • Confirming that the user of the second computing device 200 is a registered user of the second computing device 200 decrypts a user authentication algorithm including a combination of encrypted first registration standardized data and a combination of second registration standardized data,
  • the second computing device 200 generates a set of test data for a combination of sub-feature data randomly extracted from the extracted feature data, and applies the set of test data to a plurality of authentication models, according to the classification results of the plurality of authentication models. ) Can be determined.
  • the first computing device 100 When the second computing device 200 determines that the majority of the classification results of the plurality of authentication models are registered users of the second computing device 200 through a voting algorithm, the first computing device 100 performs the second computing. When it is determined that the authentication success signal is transmitted to the device 200 and the majority of the classification results of the plurality of authentication models are not registered users of the second computing device 200 through a voting algorithm, the first computing device 100 ) May transmit an authentication failure signal to the second computing device 200.
  • the first unregistered standardized data and the second unregistered standardized data according to the user's posture are generated, and the first non-registered standardized data is used in the user authentication model. And it is possible to determine whether to release or fail authentication according to the predicted value generated by inputting the second unregistered standardized data.
  • FIG. 7 is a diagram illustrating a second computing device according to another embodiment of the present invention.
  • the second computing device 200 includes a data conversion model 12 and a user authentication model 14.
  • the second computing device 200 may omit some of the various components exemplarily illustrated in FIG. 7 or may additionally include other components.
  • the second computing device 200 guarantees authentication performance and accuracy when attempting to release authentication in an unregistered posture during authentication registration in behavior-based authentication.
  • the second computing device 200 may utilize the data conversion model 12 to enable authentication when attempting to release authentication in an unregistered posture. Through this, the behavior feature data of the unregistered posture is converted into the behavior feature data of the registered posture level to enhance authentication accuracy and usability.
  • the second computing device 200 converts data using a Generative Adversarial Network (GAN) to correct changes in behavioral characteristics due to changes in posture in behavior-based authentication, which allows users to Authentication can be made possible even if authentication is cancelled.
  • GAN Generative Adversarial Network
  • the data conversion model 12 of the second computing device 200 is used based on a generative adversarial network (GAN), and the user authentication model 14 is convolutional It can be used based on a convolutional neural network (CNN). This is not necessarily limited.
  • GAN generative adversarial network
  • CNN convolutional neural network
  • GAN Generative Adversarial Network learns real data as a generator and generates false data based on it. False data is false data close to reality. The discriminator can learn to determine whether the data presented by the generator is real or false.
  • a convolutional neural network is a type of deep neural network (DNN), one or several convolutional layers, a pooling layer, and a fully connected layer. connected layers).
  • a convolutional neural network has multiple layers connected to a network and includes a hidden layer.
  • the layer may include parameters, and the parameters of the layer include a set of learnable filters.
  • the filter can apply a convolution filter. Parameters include weights and/or biases between nodes.
  • Behavior-based authentication is a technology that authenticates a user by using the user's behavior data collected from sensors and touch screens built into the mobile device.
  • Behavior-based authentication can solve the problems of existing authentication methods such as PIN, password, and biometric authentication.
  • PIN password
  • biometric authentication biometric authentication
  • the behavior-based authentication since the behavior of the user changes according to the posture, there is a problem that one behavior authentication model must be created for each posture. There is a problem of hindering usability of having to register data. In particular, it is practically difficult to generate an authentication model in various postures because the usage environment of the mobile device is variable.
  • the second computing device 200 converts behavioral feature data without generating an authentication model for various postures that the user has not registered, it may be possible to guarantee both usability and authentication accuracy.
  • the second computing device 200 can cancel authentication even in various postures, thereby reducing the authentication error rate, and there is no need to generate and learn a number of authentication models according to the posture. Increases. Through this, it is possible to increase the commercialization and practicality of behavior-based authentication, and since the data of all postures is converted to the same level based on the data conversion model 12, it is possible to omit the step of classifying the posture during authentication. Since data is converted without distinction, the authentication process can be simplified and efficiency can be increased.
  • the second computing device 200 is used in a device requiring user authentication for unlocking a device or for financial services.
  • the user's behavioral characteristics are analyzed to determine whether the user is the same person as the authentication registered user of the smartphone, and the authentication may be canceled.
  • the second computing device 200 Based on the data conversion model 12, the second computing device 200 generates registration standardized data by converting (i) behavior characteristic data input according to the user's attitude during authentication registration, and (ii) generating registration standardized data. Converting the input behavioral feature data according to the posture to create unregistered standardized data, and determining the authenticity of the unregistered standardized data through the user authentication model 14 formed based on the registered standardized data to determine the authentication cancellation or authentication failure. The process can be carried out.
  • the second computing device 200 may include a touch sensor and one or more motion sensors, but is not limited thereto.
  • the second computing device 200 may collect motion data through one or more built-in motion sensors, and may collect touch data through a touch sensor.
  • the integrated sensor data includes motion data and touch data.
  • the second computing device 200 generates integrated sensor data including touch data collected through the touch sensor and motion data collected through one or more motion sensors, and extracts the user's behavioral features through the integrated sensor data to provide an image. It creates behavioral feature data of the form.
  • Motion data is collected in a predetermined time unit during which a user of the second computing device 200 performs a motion.
  • the time when the motion data is collected is synchronized with the time when the touch data is collected.
  • the touch data expresses the location where the touch occurred in coordinates.
  • motion data is recorded in touch data representing the point of occurrence of the coordinates according to the synchronized collection time.
  • the motion sensor may include (i) an acceleration sensor that measures acceleration applied to the sensor, (ii) a geomagnetic sensor that measures a magnetic field around the sensor, and (iii) a gyro sensor that measures an angular velocity that occurs when the sensor moves.
  • an acceleration sensor that measures acceleration applied to the sensor
  • a geomagnetic sensor that measures a magnetic field around the sensor
  • a gyro sensor that measures an angular velocity that occurs when the sensor moves.
  • This is not necessarily limited, and may be formed as a sensor capable of extracting behavioral feature data by extracting behavioral features based on motion data of a user using a smartphone.
  • the motion sensor is an acceleration sensor. It can be formed as a 9-axis sensor module combining a geomagnetic sensor and a gyro sensor.
  • the second computing device 200 converts the behavior feature data to determine whether there is a change according to the behavior feature data input by the creator of the second computing device 200 and the user of the second computing device 200 to generate an output image of the same size as the behavior feature data. It may include a differentiator to extract the value. This is not necessarily limited, and some components may be omitted or other components may be additionally included among various components illustrated by way of example. The generator and the discriminator can interact with each other.
  • the discrimination value of the discriminator when the discrimination value of the discriminator is more than half, it is behavior characteristic data input by the user of the second computing device 200 when attempting authentication. If the discrimination value of the discriminator is less than the majority, it is the behavior characteristic data converted by the creator.
  • the second computing device 200 generates registration standardized data according to the user's posture when registering for authentication based on the data conversion model 12, and the user's data according to the discrimination value generated by inputting the registration standardized data to the discriminator.
  • the determination value when the determination value is greater than or equal to a preset value in the learning of the user authentication model 14 described above, it may be labeled as 1, and if it is less than a preset value, it may be labeled as 0.
  • the preset value may be 0.9, but is not limited thereto.
  • the second computing device 200 generates unregistered standardized data according to the user's posture when the user attempts to authenticate, and determines whether to release or fail authentication according to a predicted value generated by inputting the unregistered standardized data into the user authentication model.
  • the authentication cancellation may be determined when the predicted value of the user authentication model is greater than or equal to a first set value, and whether authentication fails may be determined when the predicted value of the user authentication model is less than the first set value.
  • the first setting value may be 0.5, is not necessarily limited thereto, and may be changed by a user who uses the second computing device 200.
  • the data conversion model 12 includes a first process of generating registration standardized data by inputting the user's behavioral characteristic data into a creator, the characteristics of the behavioral characteristic data, and the characteristics and labels of the registration standardized data.
  • a second process of inputting into the discriminator and adjusting the weight of the discriminator based on the discriminator's loss function, and a third process of transferring the discriminator's loss function to the generator and adjusting the weight of the generator may be performed.
  • the second set value may be 0.5, but is not limited thereto.
  • the user authentication model 14 gives different labels according to the discrimination value generated by inputting registration standardized data to the trained discriminator based on the learned data conversion model 12 described above, and registration based on different labels It can be determined whether the standardized data is data of a user of a smartphone or data of another person.
  • the second computing device 200 may input unregistered standardized data into the user authentication model 14 and determine whether to cancel authentication or fail authentication according to a predicted value generated. According to an embodiment of the present invention, authentication cancellation may be determined when the predicted value of the user authentication model 14 is greater than or equal to a majority, and whether or not authentication failure may be determined when the predicted value of the user authentication model 14 is less than the majority.
  • the second computing device 200 converts the posture-level behavioral feature data at the time of authentication attempt into the posture-level behavioral feature data at the time of authentication registration in order to enable authentication when an authentication release is attempted in an unregistered posture.
  • a Generative Adversarial Network GAN is used, and since the converted data has a high similarity to the posture data at the time of authentication registration, authentication accuracy and usability are enhanced.
  • the second computing device 200 of the present invention learns the behavior feature data of the posture even when attempting to cancel authentication not only in the posture learned by the action-based authentication to which the data conversion technology is applied, but also in various postures that have not been learned. Since the similarity to the behavior feature data is high, the user can be normally authenticated by the second computing device 200.
  • the second computing device 200 converts the posture data input at the time of authentication registration through behavior-based authentication to which data transformation is applied, through the pretrained data transformation model 12, and uses the transformed data for authentication model training. .
  • the received posture data is converted through the same data conversion model 12 regardless of the posture, and the authentication model analyzes the converted data to determine whether authentication is canceled or authentication has failed.
  • the converted behavioral characteristic data is registered standardized data in which the behavioral characteristic data input according to the user's posture during authentication registration of a user during authentication registration is converted, and when authentication is attempted by a user
  • the behavior feature data input according to the user's posture may include unregistered standardized data converted.
  • FIG. 8 is a flowchart illustrating in detail the flow of an authentication procedure of a second computing device according to an embodiment of the present invention.
  • the second computing device 200 is a smartphone.
  • a smartphone is a device that attempts to authenticate.
  • the second computing device 200 determines whether to authenticate according to the user's behavior characteristic using a motion sensor built into the smartphone. As a result, in the authentication process, authentication can be performed using not only the existing authentication methods such as passwords and patterns, but also the behavior data of the user attempting authentication.
  • a smartphone is a device that a user attempts to authenticate, and allows the user of the smartphone to access when the authentication attempter is found to be the owner of the smartphone by extracting the behavioral features of the smartphone authentication attempter.
  • FIG. 8 is a detailed flowchart illustrating a user authentication process inside the user authentication device.
  • the user authentication process inside the second computing device 200 includes a pattern input step (S810), data collection step (S820), behavior feature extraction step (S830), data conversion step (S840), authentication model learning step (S842). ), user authentication step (S844), and authentication result step (S850).
  • the second computing device 200 inputs a pattern for an authentication attempt by the user in the smartphone (S810), and the acceleration sensor of the smartphone during a time period during which the user attempts to register or cancel authentication is input.
  • Motion data is collected from the geomagnetic sensor and the gyro sensor (S820).
  • a touch screen in the step of collecting data (S820), a touch screen and an acceleration sensor.
  • Geomagnetic sensors and gyro sensors can be used.
  • action feature data is extracted based on the standardized action feature through the motion data collected in step S810.
  • Motion data is unique and sensible data collected from users.
  • the extracted behavioral feature data is converted and corrected to the behavioral feature data level of the posture during authentication registration through a data conversion model 12 based on a generative adversarial network (GAN).
  • GAN generative adversarial network
  • the converted data may be used in the authentication model learning step (S842) when the authentication status is when authentication is registered, and may be used in the user authentication step (S844) when the authentication is attempted.
  • an authentication model based on a convolutional neural network may be learned in advance through data converted for user authentication.
  • the user authentication step (S844) is a step of attempting user authentication by using the model learned through the authentication model learning step (S342) and the transformed behavior feature data. Authentication is determined by inputting data converted from the behavior characteristic data input when authentication is attempted in the machine learning model learned from the data converted from the behavior characteristic data input when the user registers for authentication.
  • each process is intervened to be executed sequentially, but this is only illustrative, and those skilled in the art may change the order shown in FIG. 8 within the range not departing from the essential characteristics of the embodiment of the present invention. Or, by executing one or more processes in parallel, or adding other processes, various modifications and variations may be applied.
  • FIG. 9 is a detailed flowchart illustrating a process of collecting data and extracting behavioral features according to a pattern input by a second computing device according to an embodiment of the present invention.
  • FIG. 9A is a diagram illustrating touch data generated when a pattern is input by a second computing device
  • FIG. 9B is a flowchart illustrating a method of collecting data and extracting behavior characteristics according to a pattern input to a second computing device.
  • a user when drawing a pattern, a user may draw a free line between grids rather than a straight line. Accordingly, even with the same pattern, locations of touch events occurring from different users may be different.
  • the pattern lock method of the existing smartphone can only express input with a grid and a straight line, the input of the same pattern was fixed, and there was a risk that authentication could be allowed by others when the pattern was exposed.
  • the present invention even if the pattern is the same, since the drawing method is different for each user, even if the pattern is exposed, authentication by others can be prevented through touch event coordinates.
  • the accuracy can be further improved by utilizing the data of three integrated sensors.
  • User authentication is operated based on a smartphone.
  • the smartphone detects an authentication attempt, the smartphone collects data.
  • the process of collecting data and extracting behavioral features according to the pattern input of the second computing device includes a pattern input step (S910), an integrated sensor data measurement step (S920) for each unit time, a touch screen and three sensors (accelerometer, geomagnetic machine, gyrometer). )
  • Data collection is a process of acquiring motion data from a motion sensor embedded in a smartphone, and three motion sensors are used in the present invention.
  • the three motion sensors are acceleration sensors. It is a geomagnetic sensor and a gyro sensor.
  • the accelerometer sensor is a sensor that measures the acceleration of an object or the intensity of an impact.
  • the acceleration sensor processes x, y, and z-axis information to measure dynamic forces such as acceleration, vibration, and impact of an object, and mainly records a user's larger motion pattern, such as moving or walking the user's arm.
  • the terrestrial magnetism sensor is a sensor used to detect geomagnetism.
  • the geomagnetic sensor can know the direction of the geomagnetism, and can know the magnitude from the vibration period.
  • the Gyroscope Sensor is a sensor that measures the angular velocity, which is the rotational speed of an object, by processing x, y, and z axis information.
  • the gyro sensor records detailed actions of the user, such as how to hold an object.
  • the motion sensor described above is an acceleration sensor. It can be formed as a 9-axis sensor module by combining a geomagnetic sensor and a gyro sensor.
  • the 9-axis sensor module is a complex sensor module formed of 3 axes of acceleration, 3 axes of gyro, and 3 axes of geomagnetism, and performs both a 3D position and rotation in a 3 axis direction in a 3D space. You can get it.
  • the second computing device 200 can check all three-dimensional positions and directions using the 9-axis sensor module, it is easy to extract the behavioral features of the user.
  • the data collection process is activated when a smartphone's authentication attempt is detected.
  • the authentication attempt means when a pattern is input to a smartphone.
  • the touch screen may express the location where the touch event occurs at a specific time on the screen as X and Y coordinates. By utilizing the characteristics of these motion sensors, the measurement time of the touch screen and the remaining three sensors can be synchronized.
  • motion data is recorded at a point where a touch event occurs while a user draws a pattern, and 0 is recorded at other points.
  • the smartphone screen is expressed as an image, and the dimension of the image can be set to 9 because the accelerometer, geomagnetic machine, and gyrometer measure the values of the X, Y, and Z axes respectively.
  • the data collection method of the present invention expresses data in the form of images, it is convenient to interlock with the deep learning model, and it is possible to utilize the touch screen of the smartphone and three sensors such as gesture-based authentication as well as patterns. If there is an authentication method, it can be applied to any method.
  • the behavioral feature data of the user extracted in the feature extraction step before data conversion may be expressed as a feature combination (F) in the form of an image.
  • the image size of the feature combination (F) of the image form is n x n, and the number of dimensions per pixel is 9.
  • the second computing device 200 applies a Generative Adversarial Network (GAN) to transform behavior feature data extracted through motion data, which is not necessarily limited. .
  • GAN Generative Adversarial Network
  • a generative adversarial neural network model (M GAN ) has a size of nxn and receives an image F composed of 9 dimensions.
  • F denotes the above-described behavioral feature data expressed as a feature combination in the form of an image.
  • the generative hostile neural network model (M GAN ) is composed of a generator representing a generator and a discriminator representing a discriminator.
  • the creator plays a role of data conversion in the second computing device 200, receives an input F in which the behavioral feature data of the data input by the user of the smartphone is expressed as a combination of features in the form of an image, and outputs the same size as the received F Can generate image F'.
  • the discriminator may receive behavioral feature data (a combination of image features) and output a discrimination value for conversion.
  • the discrimination value when the discrimination value is 0.5 or more, the behavioral feature data (image-type feature combination) may represent the behavioral feature data input by an actual user.
  • behavior feature data (combination of image-type features) converted by the creator may be indicated.
  • 0.5 which represents the criterion of the determination value, is not necessarily limited thereto, and may be changed by a user using a smartphone.
  • a generator representing a generator and a discriminator representing a discriminator may be composed of a convolutional neural network (CNN).
  • a convolutional neural network (CNN) may configure a user authentication model (M Auth ).
  • M GAN generative adversarial neural network
  • the second computing device 200 has a structure in which the creator and the discriminator are connected to each other, and may receive behavior characteristic data F from a user.
  • the constructor inputs a vector having an arbitrary value of the same size as the behavioral feature data (F) and generates the transformed data F'.
  • a label 1 is given to F, which is behavior data input from a user, and a label 0 is assigned to F'generated by a creator.
  • the discriminator can input the features and labels of F and F'and adjust the weight of the discriminator through the discriminator's loss function.
  • the discriminator can pass the loss function to the generator and can adjust the weight of the generator.
  • the user authentication model (M Auth ) is composed of a convolutional neural network (CNN).
  • the second computing device 200 receives sufficient behavioral feature data from a user to learn a user authentication model (M Auth ).
  • the user of the second computing device 200 may attempt authentication.
  • the behavioral feature data F Att input when the user attempts to authenticate is input to the learned constructor, and the converted data F'Att is created.
  • the second computing device 200 determines whether to allow/reject authentication according to the predicted value generated by inputting F'Att to the user authentication model M Auth .
  • the predicted value of the user authentication model (M Auth ) when the predicted value of the user authentication model (M Auth ) is 0.5 or more, it is possible to determine F'Att as the user's input data and allow authentication. If user authentication model is less than the predicted value of (M Auth) 0.5 may determine the F 'Att to be the user of the other input data that is not rejected and authentication.
  • the user of the second computing device 200 can perform authentication through the above-described process, and through this, the user can perform the behavior-based behavior in the posture in which the behavior characteristic is registered as well as in the unregistered posture. Authentication can be performed.
  • each component may have different functions and capabilities in addition to those described below, and may include additional components in addition to those not described below.
  • the illustrated computing environment includes a user authentication system 10.
  • the user authentication system 10 may be any type of computing device that transmits and receives signals to and from other terminals.
  • the user authentication system 10 includes at least one processor 1010, a computer-readable storage medium 1020, and a communication bus 1060.
  • the processor 1010 may cause the user authentication system 10 to operate according to the aforementioned exemplary embodiment.
  • the processor 1010 may execute one or more programs stored in the computer-readable storage medium 1020.
  • the one or more programs may include one or more computer-executable instructions, and the computer-executable instructions, when executed by the processor 1010, cause the user authentication system 10 to perform operations according to an exemplary embodiment. Can be configured.
  • Computer-readable storage medium 1020 is configured to store computer-executable instructions or program code, program data, and/or other suitable form of information.
  • the program 1030 stored in the computer-readable storage medium 1020 includes a set of instructions executable by the processor 1010.
  • the computer-readable storage medium 1020 includes memory (volatile memory such as random access memory, nonvolatile memory, or a suitable combination thereof), one or more magnetic disk storage devices, optical disk storage devices, Flash memory devices, other types of storage media that can be accessed by the user authentication system 10 and store desired information, or a suitable combination thereof.
  • the communication bus 1060 interconnects various other components of the user authentication system 10, including a processor 1010 and a computer-readable storage medium 1020.
  • the user authentication system 10 may also include one or more input/output interfaces 1040 and one or more communication interfaces 1050 that provide interfaces for one or more input/output devices (not shown).
  • the input/output interface 1040 and the communication interface 1050 are connected to the communication bus 1060.
  • the input/output device (not shown) may be connected to other components of the user authentication system 10 through the input/output interface 1040.
  • Exemplary input/output devices include pointing devices (mouse or trackpad, etc.), keyboards, touch input devices (touch pads or touch screens, etc.), voice or sound input devices, input devices such as various types of sensor devices and/or photographing devices, And/or an output device such as a display device, a printer, a speaker, and/or a network card.
  • An exemplary input/output device (not shown) is a component constituting the user authentication system 10 and may be included in the user authentication system 10, and is a separate device distinguished from the user authentication system 10 and is It can also be connected.
  • Computer-readable medium refers to any medium that participates in providing instructions to a processor for execution.
  • the computer-readable medium may include program instructions, data files, data structures, or a combination thereof.
  • there may be a magnetic medium, an optical recording medium, a memory, and the like.
  • Computer programs may be distributed over networked computer systems to store and execute computer-readable codes in a distributed manner. Functional programs, codes, and code segments for implementing the present embodiment may be easily inferred by programmers in the technical field to which the present embodiment belongs.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Human Computer Interaction (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Social Psychology (AREA)
  • Collating Specific Patterns (AREA)

Abstract

Les présents modes de réalisation concernent un système d'authentification d'utilisateur pour identifier si un dispositif d'essai d'authentification et un utilisateur enregistré sont ou non une même personne par analyse de similarité de données de capteur extraites de capteurs intégrés dans un premier dispositif informatique et un second dispositif informatique qui sont verrouillés mutuellement et fournir une authentification basée sur le comportement de l'utilisateur sur la base d'un apprentissage automatique par l'intermédiaire de caractéristiques de comportement extraites des données de capteur.
PCT/KR2019/010785 2019-05-02 2019-08-23 Système d'authentification d'utilisateur au moyen de capteurs intégrés dans une pluralité de dispositifs informatiques Ceased WO2020222367A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020190051527A KR102216158B1 (ko) 2019-05-02 2019-05-02 복수의 컴퓨팅 장치에 내장된 센서를 활용한 사용자 인증 시스템
KR10-2019-0051527 2019-05-02

Publications (1)

Publication Number Publication Date
WO2020222367A1 true WO2020222367A1 (fr) 2020-11-05

Family

ID=73029731

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2019/010785 Ceased WO2020222367A1 (fr) 2019-05-02 2019-08-23 Système d'authentification d'utilisateur au moyen de capteurs intégrés dans une pluralité de dispositifs informatiques

Country Status (2)

Country Link
KR (1) KR102216158B1 (fr)
WO (1) WO2020222367A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113626785A (zh) * 2021-07-27 2021-11-09 武汉大学 基于用户指纹按压行为的指纹认证安全增强方法及系统
CN113656776A (zh) * 2021-07-29 2021-11-16 西安电子科技大学 手机端身份认证方法、系统、设备、介质、终端及应用
WO2022130147A1 (fr) * 2020-12-16 2022-06-23 International Business Machines Corporation Apprentissage profond spatiotemporel pour la biométrie comportementale

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP4432143A4 (fr) * 2022-02-07 2025-03-19 Samsung Electronics Co., Ltd. Dispositif électronique pour fournir une fonction de sécurité et son procédé de fonctionnement
WO2025116303A1 (fr) * 2023-11-29 2025-06-05 삼성전자주식회사 Dispositif portable et procédé de déverrouillage de dispositif portable sur la base d'un signal biométrique, et support d'enregistrement non transitoire lisible par ordinateur
KR20250156920A (ko) * 2024-04-25 2025-11-04 한림대학교 산학협력단 멀티팩터 기반 생체 인증 장치 및 방법

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150161371A1 (en) * 2013-03-18 2015-06-11 Kabushiki Kaisha Toshiba Electronic device and authentication control method
KR20160026791A (ko) * 2014-08-28 2016-03-09 알란 터지 케빈 경로 파라미터들을 포함하는 안면 인식 인증 시스템
KR20160098960A (ko) * 2015-02-11 2016-08-19 삼성전자주식회사 심전도에 기초한 인증 방법, 인증 장치, 심전도 기반 인증을 위한 학습 방법 및 학습 장치
JP2017130011A (ja) * 2016-01-20 2017-07-27 富士通株式会社 生体認証方法および生体認証装置
KR20190013307A (ko) * 2017-08-01 2019-02-11 연세대학교 산학협력단 숄더 서핑 공격에 강인한 패턴 입력 방법 및 장치

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150161371A1 (en) * 2013-03-18 2015-06-11 Kabushiki Kaisha Toshiba Electronic device and authentication control method
KR20160026791A (ko) * 2014-08-28 2016-03-09 알란 터지 케빈 경로 파라미터들을 포함하는 안면 인식 인증 시스템
KR20160098960A (ko) * 2015-02-11 2016-08-19 삼성전자주식회사 심전도에 기초한 인증 방법, 인증 장치, 심전도 기반 인증을 위한 학습 방법 및 학습 장치
JP2017130011A (ja) * 2016-01-20 2017-07-27 富士通株式会社 生体認証方法および生体認証装置
KR20190013307A (ko) * 2017-08-01 2019-02-11 연세대학교 산학협력단 숄더 서핑 공격에 강인한 패턴 입력 방법 및 장치

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022130147A1 (fr) * 2020-12-16 2022-06-23 International Business Machines Corporation Apprentissage profond spatiotemporel pour la biométrie comportementale
GB2617940A (en) * 2020-12-16 2023-10-25 Ibm Spatiotemporal deep learning for behavioral biometrics
GB2617940B (en) * 2020-12-16 2024-01-17 Ibm Spatiotemporal deep learning for behavioral biometrics
US12019720B2 (en) 2020-12-16 2024-06-25 International Business Machines Corporation Spatiotemporal deep learning for behavioral biometrics
CN113626785A (zh) * 2021-07-27 2021-11-09 武汉大学 基于用户指纹按压行为的指纹认证安全增强方法及系统
CN113626785B (zh) * 2021-07-27 2023-10-27 武汉大学 基于用户指纹按压行为的指纹认证安全增强方法及系统
CN113656776A (zh) * 2021-07-29 2021-11-16 西安电子科技大学 手机端身份认证方法、系统、设备、介质、终端及应用

Also Published As

Publication number Publication date
KR102216158B1 (ko) 2021-02-15
KR20200127437A (ko) 2020-11-11

Similar Documents

Publication Publication Date Title
WO2020222367A1 (fr) Système d'authentification d'utilisateur au moyen de capteurs intégrés dans une pluralité de dispositifs informatiques
US12335399B2 (en) User as a password
Yu et al. Security and privacy in the emerging cyber-physical world: A survey
Meng et al. Surveying the development of biometric user authentication on mobile phones
US9961547B1 (en) Continuous seamless mobile device authentication using a separate electronic wearable apparatus
WO2019216499A1 (fr) Dispositif électronique et procédé de commande associé
WO2020017706A1 (fr) Dispositif électronique et procédé pour le commander
WO2021080103A1 (fr) Procédé d'apprentissage et de test d'un réseau d'apprentissage utilisateur à utiliser pour reconnaître des données obscurcies créées par dissimulation de données originales afin de protéger des informations personnelles et dispositif d'apprentissage et dispositif de test l'utilisant
WO2019182409A1 (fr) Dispositif électronique et son procédé d'authentification
WO2021075867A1 (fr) Procédé de stockage et de récupération de clés pour système basé sur des chaînes de blocs et dispositif associé
WO2020149454A1 (fr) Dispositif électronique destiné à effectuer une authentification d'utilisateur et procédé d'opération associé
WO2017061758A1 (fr) Système et procédé d'authentification de signature manuscrite basés sur des blocs de segments
WO2017039287A1 (fr) Système et procédé d'authentification de signature manuelle sur la base de segments
Fiebig et al. Security impact of high resolution smartphone cameras
WO2020189810A1 (fr) Système d'authentification biométrique hybride dans un véhicule et son procédé de fonctionnement
Wu et al. Toward robust detection of puppet attacks via characterizing fingertip-touch behaviors
WO2018169159A1 (fr) Système d'authentification basé sur des informations biométriques variables, et procédé d'authentification utilisant ce système
WO2017183830A1 (fr) Procédé et appareil de renforcement de la sécurité pour la reconnaissance d'iris, par enregistrement et appariement répartis de modèles d'iris
WO2020189827A1 (fr) Dispositif électronique et procédé de commande associé
CN105530357A (zh) 一种手机上基于传感器的手势身份认证系统及方法
WO2018124671A1 (fr) Dispositif électronique et procédé de fonctionnement associé
WO2019125081A1 (fr) Système d'octroi de droits d'accès à usage unique à l'aide d'une chaîne de blocs
WO2022102830A1 (fr) Technique d'authentification d'utilisateur
EP3596645A1 (fr) Procédé et appareil permettant d'effectuer une authentification sur la base d'informations biométriques
WO2018169160A1 (fr) Système d'authentification complexe basé sur des informations biométriques variables, et procédé d'authentification complexe l'utilisant

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19927125

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19927125

Country of ref document: EP

Kind code of ref document: A1