|Abstract: ||近年來，多數的機密與隱私資訊皆透過數位技術儲存於近端裝置或遠端資訊系統。因此，確保數位資訊存取的安全性，成為一項重要的議題。目前，主要存取數位資訊的方式是透過電腦與行動裝置，且普遍以密碼進行使用者認證。基本上，密碼在認證過程，需直接與使用者互動，屬侵入式(Intrusive)的安全機制；而且有遺忘、盜用與肩窺(Shoulder Surfing)的問題。根據近年的市調，有60%–80%的智慧型手機使用者會因便利性而關閉侵入式安全機制。因此，研發非侵入式使用者認證機制(Nonintrusive Authentication Mechanism)是必要的。 行為特徵(例如：滑鼠游標動態、步態或觸控手勢)，是透過量測個體行為所得到的結果與數據，具備獨特性、一致性與可靠性。其取得方式，可透過感應器以侵入式或非侵入式兩種模式。因此，以行為特徵研發電腦系統或行動裝置上的非侵入式使用者認證機制，是一可行方案。在目前的研究中，電腦系統採用滑鼠游標動態是一個可連續識別使用者的有效方法，且此類行為特徵可在被動且不需要額外硬體支援的情境下取得；另一方面，手機內建的感應器(如：觸控螢幕、方位與加速度感測器)亦被用於開發非侵入式認證機制。為提升電腦系統與行動裝置的安全性，本論文分別以滑鼠游標動態與智慧型手機內建感測器為基礎的行為特徵，研發創新的非侵入式認證機制。|
Recently, the information security has become an important issue since confidential information have been digitalized and stored in local storage and/or remote systems. Computers and smartphones are two commonly used devices for accessing these information. PIN codes and passwords are widely adopted authentication mechanisms for the computer systems and smartphones, they may not be sufficient to protect the confidential information of users against the growing threat posed by cyber-criminals. The reason is that passwords may be forgotten or stolen via shoulder surfing; moreover, they are intrusive; that is, they require explicit interaction with users. Furthermore, recent surveys reported that 60%–80% of smartphone users disable these authentication features to avoid the inconvenience these features cause. Therefore, nonintrusive authentication mechanisms, which could transparently authenticate users, have to be developed. Behavioral biometrics, such as mouse dynamics, gait, and touch gestures, are the measurements and data derived from an individual’s actions; moreover, each of them is unique, consistent, and reliable. Therefore, it is possible to adopt behavioral biometrics for developing nonintrusive authentication mechanisms since they could be intrusively and/or nonintrusively acquired via hardware devices or sensors. Previous studies have reported that mouse dynamics is effective for nonintrusive authentication because it could be passively collected without an additional hardware. On the other hand, the smartphone-built-in sensors, such as touchscreen, orientation sensor and accelerometer, have been adopted to propose nonintrusive authentication mechanisms for smartphone users. This dissertation therefore separately adopts mouse dynamics and smartphone-built-in sensors to propose novel nonintrusive authentication approaches for improving the security of the computer systems and smartphones.