Continuous User Authentication Using Machine Learning and Multi-finger Mobile Touch Dynamics with a Novel Dataset

As technology grows and evolves rapidly, it is increasingly clear that mobile devices are more commonly used for sensitive matters than ever before. A need to authenticate users continuously is sought after as a single-factor or multi-factor authentication may only initially validate a user, which doesn't help if an impostor can bypass this initial validation. The field of touch dynamics emerges as a clear way to non-intrusively collect data about a user and their behaviors in order to develop and make imperative security-related decisions in real time. In this paper we present a novel dataset consisting of tracking 25 users playing two mobile games - Snake.io and Minecraft - each for 10 minutes, along with their relevant gesture data. From this data, we ran machine learning binary classifiers - namely Random Forest and K-Nearest Neighbor - to attempt to authenticate whether a sample of a particular user's actions were genuine. Our strongest model returned an average accuracy of roughly 93% for both games, showing touch dynamics can differentiate users effectively and is a feasible consideration for authentication schemes. Our dataset can be observed at https://github.com/zderidder/MC-Snake-Results