This project investigates the feasibility of secure, robust, and usable gesture-based authentication as an alternative to traditional alphanumeric passwords and biometrics. It is motivated by the rapid increase in authentication-related security breaches and by the emergence of new human-computer interfaces. While the breaches have demonstrated the seriousness of the issue, two emerging types of gesture-based interfaces, multi-touch (smartphones, tablets) and camera-based (Kinect), offer a unique opportunity for robust solution.
The benefit of gesture-based authentication over a purely-biometric one lies in the fact that it combines involuntary biometric features (e.g., hand shape), that are irrevocable, with user-controlled voluntary characteristics that can be easily changed. Three research thrusts are being pursued: 1) gesture recognition algorithms (search for robust gesture features, their compact representation, and reliable classification algorithms), 2) human factors (study of uniqueness, repeatability, ergonomics, device dependence of gestures, and gesture complexity) and 3) security considerations (evaluation of authentication performance under a range of performance measures and different threat models).
A successful completion of this research will catalyze the development and adoption of next-generation authentication methods that are critically needed at the personal, institutional, and governmental levels. As the price paid (time, money, and resources) to repair a security breach can be astounding, this project will have substantial societal impact by increasing the sense of security and reducing breach-related costs. At educational level, this project is involved in middle and high school outreach at Boston University as well as the annual cybsersecurity competition CSAW at NYU-Poly.