This document proposes OpenSesame, a system for unlocking smartphones through handwaving biometrics. It analyzes handwaving patterns collected from 200 users to find unique characteristics. OpenSesame extracts four statistical features from handwaving data using sensors. It uses support vector machines to accurately classify users based on their waving patterns within 1-2 seconds. Experiments show OpenSesame achieves low false positive rates of around 5% on average.

1. OPENSESAME: UNLOCKING
SMART PHONE THROUGH
HANDWAVING BIOMETRICS
Aravind M
Roll No: 01
(12151201)
S7 CSE

2. CONTENTS
I. ABSTRACT
II. INTRODUCTION
III. WAVING CHARACTERISATION
IV. OPEN SESAME
V. IMPLEMENTATION AND
EVALUATION
VI. CONCLUSION
VII.REFERENCES

3. ABSTRACT
Screen locking/unlocking is important for modern smart phones to avoid the
unintentional operations and secure the personal stuff. Once the phone is
locked, the user should take a specific action or provide some secret
information to unlock the phone. The existing unlocking approaches can be
categorized into four groups: motion, password, pattern, and fingerprint.
Existing approaches do not support smart phones well due to the deficiency of
security, high cost, and poor usability. We collect 200 users’ handwaving
actions with their smart phones and discover an appealing observation: the
waving pattern of a person is kind of unique, stable and distinguishable. In this
paper, we propose OpenSesame, which employs the users’ waving patterns for
locking/unlocking. The key feature of our system lies in using four fine-
grained and statistic features of handwaving to verify users. Moreover, we
utilize support vector machine (SVM) for accurate and fast classification. Our
technique is robust compatible across different brands of smart phones,
without the need of any specialized hardware. Results from comprehensive
experiments show that the mean false positive rate of OpenSesame is around

4. INTRODUCTION
Nowadays, smart phones are no longer the devices that are
only used to call or text others. Screen locker is a
fundamental utility for smart phones to prevent the device
from unauthorized use. Classical screen lockers have been
proposed long time back. Some of them are:
• Slide to Unlock
• PIN
• Graphical password and so on...

5. To enhance the security as well as the flexibility, many
biometric authentication methods are introduced for screen
lockers. The secrets of these methods cannot be easily spied
and reproduced since they identify based on the user’s natural
features. The biometric measures are grouped into two main
categories:
• Physiological biometrics
• Behavior biometrics
By behavior biometrics, different users wave their smart phones
to produce distinct features. These features derive from user’s

6. WAVING CHARACTERIZATION
WAVING SENSING
• Precisely characterizing user’s waving actions, selecting
appropriate sensors is necessary. As the tremendous
growth of MEMS technology, there are many powerful
sensors equipped in our smart phone today, such as
camera, microphone, proximity sensor, accelerometer,
gyroscope, and magnetic sensor etc.
• The selected sensor should be able to depict the
handwaving. In addition, it should be energy-efficient,
stable, cheap, and compatible for wide deployment in
most kinds of smart phones.
• The accelerometer allows smart phones to detect the

7. DATA COLLECTION
• For investigating the uniqueness of handwaving, we collect the waving
action data from 200 distinct smart phone users. For each specific user,
he is asked to shake the smart phone for more than 10 seconds and
repeat for three times.
• The data is collected in two sampling modes: fast and normal modes.
• In the fast mode, the accelerometer samples every 10 to 20 milliseconds,
corresponding to the acceleration value change rate. rate.There are 100
users’ traces collected using this mode. In the normal mode, the
sampling interval is 200 milliseconds and 100 users’ traces are sampled.
• All the raw waving action are recorded as a sequence of tuples
represented as (xt, yt, zt)

8. WAVING MEASUREMENT
• The traces are illustrated in a 3-D acceleration space,
short for A-Space, where the raw tuple (xt, yt, zt) are
connected in time order.

9. We define the waving function to measure the global
geometric properties of the waving shapes, which is formally
given by:
f = S(A)
where A = {(xt0 , yt0 , zt0 ), (xt1 , yt1 , zt1 ) · · · , (xtn , ytn
, ztn )}. A is a set of raw waving tuples collected during t0
and tn.
The waving function considers A as input and outputs a
feature vector f . A good waving function should have the
following properties:
 Efficiency
 Invariance

10. For meeting above four requirements, we propose four waving
functions, S1, S2, S3, S4, as follows:
S1: The centroid C is computed first and then two random
points A and B in the A-Space are cho- sen. The angle
∠ACB among these three points are measured. The selection of
random points is repeated for N times. At a result, N angles
output and the corresponding PDF of these angles is reported
as the
feature vector.
S2: This waving function is similar to the S1. The difference is
that all of these three points are randomly selected. One angle
among the three angles formed by these three points is
recorded. As the result, the corresponding PDF of these angles

11. S3: While both S1 and S2 concentrate on the angle
parameter, the other two waving functions, S3 and S4, focus
on the distances among the points. S3 randomly selects N
points and calculates the Euclidean distance between the
centroid and these N selected points. Fi- nally, the
corresponding PDF of distances is calculated as the feature
vector.
S4: Randomly selects N pair of points and calculates their
Euclidean distance. The PDF of these distances is the
feature vector.

13. OPENSESAME
OVERVIEW
 Sensing: This component is straightforward used
to record the user’s handwaving action data.
 Filter: In practice, we find that there always exist
some silent periods when no waving or very low
level sensing data is detected. For better feature
extraction, we use filter component to wipe out the
silent periods.

14. Fetcher: The filtered raw tuples is feeded into
fetcher component in which four waving functions
are applied to fetch the waving features.
Classifier: To discriminate the authorized users
and unauthorized users, the Support Vector
Machine(SVM) is employed in our system for
classification.
Matcher: In the last component, the extracted
feature is used to determine whether it matches the
pre-defined one.

15. FILTER
Silent periods will seriously affect the accuracy of
OpenSesame, we must filter those data captured during this
periods. The i th raw tuple with composed acceleration value
Ai is wiped out if it satisfies the equation:
where b is called the tolerant static period, representing
the amount of acceleration points used to determine the
stability of an acceleration point. The α is the threshold to
filter the silent points.

16. Comparing the features before and after filtering

17. FETCHER
• After the filter component, we need to generate the
feature vector of the user’s handwaving action.
• Using the field set as an input has two shortcomings.
•
• First, the amount of acceleration points in a field set is
large, usually more than 1000.
• Second, to unlock the smart phone, the user is required
to shake his smart phone for a period to generate same
amount of waving data.

18. • The waving action of user always shows the property
of repeating.
• Inorder to generate the feature vectors: we first
select a window with size w, where w is much
smaller than the size of the field set of data.
• Then we apply the waving function on this input and
deliver the PDF of the feature vectors to describe the
feature of the waving action.

19. CLASSIFIER
• The feature classifier is designed to generate a standard
to discriminate authorizeds user and unauthorized users
with the feature vectors of the input waving action data
• In OpenSesame, the support vector machine, SVM for short,
is selected as the classifier. The SVM classifier is used to
classify a group of linear-inseparable training tuples into
two classes.
•

20. • By injecting enough amount of training tuples into the
SVM classifier, a classification model can be achieve to
verify the authentication data of user.
• In OpenSesame, the label of the training tuple is
either+1 or −1.
• When y = +1, the tuple is generated from the class of
unauthorized users. On the contrary, y = −1 means the
tuple belongs to the authorized user’s class.

21. MATCHER
• The matcher component is performed when the user
activates the authentication interface of OpenSesame and
wants to unlock the smart phone.
• The user shakes the smart phone to input his waving
action as the authentication data.
• The most important requirement is that the feature
matching phase has to be processed within a short time
period, say 1 or 2 seconds.

22. • To reduce the response time, two aspects need to be
considered. The first issue is to reduce the amount of
repetition when doing authentication. This can be achieved
by reducing the false negative rate of authentication.
• The second issue is to reduce the waving time in the
matcher component.By using a small waving function input
with window size w, the waving time can be reduced .
• We calculate the real-time stability of the i th point as Pi
𝑥=𝑖−𝑏
𝑖
(Ax − 𝑦=𝑖−𝑏
𝑖 𝐴𝑦
𝑏+1
)
2
.
• Once the real-time stability value is greater than the
threshold, acceleration point Pi is set to be the initial point,
and the waving action detection terminates when
acceleration point sequence {Pi , Pi+1, ..., Pi+w} is

23. IMPLEMENTATION AND
EVALUATION
Implementation App

24. • We implement OpenSesame in Android-based
smart phones. The version of Android system is
2.3.3. the app is developed with Android-SDK
using Java SE.
• We use the open source library tool, LIBSVM [16],
to perform the classification of SVM. LIBSVM is an
integrated software for support vector
classification. The version we used is LIBSVM-
3.12.

25. METRICS
We evaluate OpenSesame in terms of the authentication
accuracy. The authentication accuracy is measured via the
following metrics:
 False Negative Rate (FNR)
 True Positive Rate (TPR)
 False Positive Rate (FPR)

26. EXPERIMENT SETUP
• For investigating the uniqueness of handwaving, we
collect the waving action data from 200 distinct smart
phone users.
• Then he pushes the button of ‘start’ on the screen and
begins to wave the smart phone until the hint sound is
played by the smart phone.
• This waving process lasts for more than 10 seconds.
The user repeats the above action for three times to
terminate the data collection.

27. IMPACT OF WAVING
FUNCTIONSThere are four waving functions to parameterize the A- Space
representation of handwaving and maintains the window size as 50
tuples.

28. IMPACT OF SVM
• Window size is an important factor.

29. • We change the windows size from 5 to 50 with the
increment of 5 and employ S4 for testing.
• The average FNR decreases from 20% to 8% and the
average FPR reduces from 42% to 18% as the window size
increases. This shows that the larger window helps
improve the accuracy.
• The number of training tuples also affect the accuracy

30. IMPACT OF SAMPLING
RATE

31. IMPACT OF USER MOTION

32. IMPACT OF SMART
PHONE’S ORIENTATION

33. CONCLUSION
We propose a novel behavioral biometric- based
authentication approach called OpenSesame for smart phone.
We design four waving functions to fetch the unique pattern of
user’s handwaving actions. By applying the SVM classifier, the
smart phone can accurately verify the authorized user with the
pattern of handwaving action. Experiment results based on
200 distinct users’ handwaving actions show that the
OpenSesame reaches high level of se- curity and robustness,
and achieves good user’s experience.

34. REFERENCES
• D. Florencio and C. Herley, “A large-scale study of web password
habits,” in Proc. of ACM WWW, 2007.
• J. Bonneau, “The science of guessing: analyzing an anonymized
corpus of 70 million passwords,” in Proc. of IEEE Security and
Privacy (SP), 2012.
• H.-A. Park, J. W. Hong, J. H. Park, J. Zhan, and D. H. Lee,
“Combined authentication-based multilevel access control in
mobile application for dailylifeservice,” IEEE Transactions on
Mobile Com- puting, 2010

35. THANK YOU ALL