隨著手機科技的進步，有越來越多的人使用智慧型手機並使用智慧型手機上有關金錢交易的功能，如股票下單、手機付款等。但目前市面上的手機卻未對此類應用程式不中斷使用者操作行為且具連續性的使用者識別機制，以達到更進一步地保護使用者手機上的隱私資料。本論文提出一個直接利用手機上的方位感測器去截取每位使用者操作角度，並藉由此行為特徵做為未來識別使用者的依據。為了驗證此識別機制的可行性，本研究開發兩個在手機上相當常見的應用程式聯絡人與相簿來模擬實驗參與者平時操作手機的情況，並進一步截取參與者操作手機的操作資料。根據實驗結果顯示識別機制的識別率在80%以上，證實了此機制確實能夠區分使用者差異，但做為識別機制而言安全性還需提升。

Recently, the smartphone has become a widely used handheld device for entertainments and commercial activities in daily life. However, currently, the smartphone has no transparent and continuous authentication mechanisms to improve the security level especially on commercial applications. In this paper, a non-intrusive and continuous approach for authenticating the smartphone user is proposed. The proposed approach uses the orientation sensor, which is a built-in device of a smartphone, to perceive the way of a user for holding the smartphone for biometrics. To test the proposed approach, we have developed an application that emulates two general functions of a smartphone, namely, the address book and the gallery, to collect orientation-sensor-based biometrics. The experiment results show that the proposed approach has a successful verification rate about 30% and a false acceptance rate over 25%. Therefore, the orientation-sensor-based feature may be used as a part for user verification.

[1] N. L. Clarke and S. M. Furnell, “Authenticating mobile phone users using keystroke analysis”, Int. J. Inf. Secur., Vol. 6, pp. 1-14, 2007.
[2] N. Clarke, S. Karatzouni, and S. Furnell, “Flexible and transparent user authentication for mobile devices”, D. Gritzalis and J. Lopez (Eds.): SEC 2009, IFIP AICT 297, pp. 1-12, 2009.
[3] M.N. DOJA and N. Kumar, “User authentication schemes for mobile and handheld devices”, INFOCOMP Journal of Computer Science, vol. 7, pp. 38-47, 2008.
[4] S. Furnell, “Beyond the PIN: Enhancing user authentication for mobile devices”, Computer Fraud & Security, pp. 12-17, Aug. 2008.
[5] Gartner Inc., “Gartner says mobile phone sales will exceed one billion in 2009”, Egham, U.K., 20 July 2005, available from: http://www.gartner.com/press_releases/asset_132473_11.html
[6] Gartner Inc., “Gartner Says Number of mobile payment users worldwide to Increase 70 percent in 2009”, STAMFORD, Conn., 28 May 2009, available from: http://www.gartner.com/it/page.jsp?id=995812
[7] Gartner Inc., “Gartner identifies the top 10 consumer mobile applications for 2012”, STAMFORD, Conn., 18 November 2009, available from: http://www.gartner.com/it/page.jsp?id=1230413
[8] Google, Android™ Platform, available from: http://www.android.com/; http://developer.android.com/index.html
[9] HTC, Wildfire, available from: http://www.htc.com/www/product/wildfire/overview.html
[10] International Data Corporation (IDC) Worldwide Quarterly Mobile Phone Tracker, “Smartphone Market Grows 79.7% Year Over Year in First Quarter of 2011, According to IDC”, Kathy Nagamine, 05 May 2011, available from: http://www.idc.com/getdoc.jsp?containerId=prUS22815911
[11] S. Lin, K. Ying, S. chen, Z. Lee, “Particle swarm optimization for parameter determination and feature selection of support vector machines”, Expert system with applications. vol.35, no.4, pp.1817-1824, 2008.
[12] R. Meier, Professional Android™ 2 Application Development. Wiley Publishing Inc., pp.467-468, ISBN:978-0-470-56552-0, March 2010.
[13] Taido Nakajima, Gloria Lin, Pareet Rahul, “Systems and methods for identifying unauthorized users of an electronic device”, US Patent & Trademark Office, Serial No. 389106, 2009. available from: http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220100207721%22.PGNR.&OS=DN/20100207721&RS=DN/20100207721
[14] K. Revett, H. Jahankhani, S. T. de Magalhaes, H. M.D. Santos, “A survey of user authentication based on mouse dynamics”, Communications in Computer and Information Science (Global E-Security), Vol. 12, pp. 210-219, 2008.