Abstract
As modern mobile devices are increasing in their capability and accessibility, they introduce additional demands in terms of security - particularly authentication. With the widely documented poor use of PINs, Active Authentication is designed to overcome the fundamental issue of usable and secure authentication through utilizing biometric-based techniques to continuously verify user identity. This paper proposes a novel text-based multimodal biometric approach utilizing linguistic analysis, keystroke dynamics and behavioral profiling. Experimental investigations show that users can be discriminated via their text-based entry, with an average Equal Error Rate (EER) of 3.3%. Based on these findings, a framework that is able to provide robust, continuous and transparent authentication is proposed. The framework is evaluated to examine the effectiveness of providing security and user convenience. The result showed that the framework is able to provide a 91% reduction in the number of intrusive authentication requests required for high security applications.
Chapter PDF
Similar content being viewed by others
Keywords
References
Ericsson.: Traffic and market report on the pulse of the networked society, http://www.ericsson.com/res/docs/2012/traffic_and_market_report_june_2012.pdf
Kaspersky Lab.: European Users Mobile Behaviour and Awareness of MobileThreats, http://www.kaspersky.com/news?id=207576289
Dimensional Research.: The impact of mobile devices on information security: A survey of IT professionals, http://www.checkpoint.com/downloads/products/check-point-mobile-security-survey-report.pdf
McAfee.: McAfee Reveals Consumers Fail To Protect Their Mobile Devices, http://www.mcafee.com/us/about/news/2013/q1/20130224-01.aspx
Clarke, N., Furnell, S.M.: Authentication of users on mobile telephones – A survey of attitudes and practices. Computer & Security 24(7), 519–527 (2005)
Karatzouni, S., Clarke, N., Furnell, M.: Utilising Biometric for transparent user authentication on mobile devices. In: 2nd Internet Technologies and Applications, pp. 549–557 (2007)
Li, F., Clarke, N., Papadaki, M., Dowland, P.: Behaviour Profiling for Transparent Authentication for Mobile Devices. In: Proceedings of the 10th European Conference on Information Warfare (ECIW), Tallinn, Estonia, pp. 307–314 (2011)
Sim, T., Zhang, S., Janakiraman, R., Kumar, S.: Continuous verification using multimodal biometrics. Pattern Analysis and Machine Intelligence 29(4), 687–700 (2007)
Kittler, J., Matas, J., Jonsson, K., Ramos Sanchez, M.U.: Combining Evidence in Personal Identity Verification Systems. Pattern Recognition Letters 18, 845–852 (1997)
Poh, N., Korczak, J.: Hybrid Biometric Person Authentication Using Face and Voice Features. In: Bigun, J., Smeraldi, F. (eds.) AVBPA 2001. LNCS, vol. 2091, pp. 348–353. Springer, Heidelberg (2001)
Snelick, R., Uludag, U., Mink, A., Indovina, M., Jain, A.K.: Large-Scale Evaluation of Multimodal Biometric Authentication Using State-of-the-Art Systems. IEEE Transactions on Pattern Analysis and Machine Intelligence 27(4), 450–455 (2005)
Cmo Council, http://www.fastcompany.com/3010237/bottom-line/texting-is-the-new-email-does-your-company-do-it-right
ComputerWeekly, http://www.computerweekly.com/news/2240205200/Apple-adopts-hands-off-approach-to-iPhone-fingerprint-scanner
MIT Technology Review, http://www.technologyreview.com/news/425805/new-google-smart-phone-recognizes-your-face/
Rudman, J.: The state of authorship attribution studies: Some problems and solutions. Computers and the Humanities 31, 351–365 (1998)
Halteren, V.H.: Linguistic Profiling for Author Recognition and Verification, In: 42nd Annual Meeting on Association for Computational Linguistics (ACL 2004). Association for Computational Linguistics, Morristown (2004)
Zheng, R., Li, J., Chen, H., Huang, Z.: A Framework for Authorship Identification of Online Messages: Writing-Style Features and Classification Techniques. Journal of the American Society for Information Science and Technology 53, 378–393 (2006)
Boukerche, A., Nitare, M.S.M.A.: Behavior-based intrusion detection in mobile phone systems. J. Parallel Distrib. Comput. 62(9), 1476–1490 (2002)
Damopoulos, D., Menesidou, S., Kambourakis, Papadaki, M., Clarke, N., Gritzalis, S.: Evaluation of Anomaly-Based IDS for Mobile Devices Using Machine Learning Classifiers. Security and Communication Networks 5(1), 3–14 (2012)
Buschkes, R., Kesdogan, D., Reichl, P.: How to increase security in mobile networks by anomaly detection. In: Proceedings of the 14th Annual Computer Security Applications Conference, pp. 3–12 (1998)
Hall, J., Barbeau, M., Kranakis, E.: Anomaly based intrusion detection using mobility profiles of public transportation users. In: Proceeding of IEEE International Conference on Wireless and Mobile Computing, Networking and Communications, vol. 2, pp. 17–24 (2005)
Biopassword.: the keystroke dynamics approach, http://www.biopassword.com/bp2/welcome.asp
Behaviosec, http://www.behaviosec.com/products/enterprise/
Clarke, N., Furnell, S.M.: Authenticating Mobile Phone Users Using Keystroke Analysis. International Journal of Information Security, 1–14 (2006) ISSN: 1615-5262
Indovina, M., Uludag, U., Snelick, R., Mink, A., Jain, A.: Multimodal biometric authentication methods: a COTS approach. In: Proc. MMUA, pp. 99–106 (2003)
Eagle, N., Pentland, A., Lazer, D.: Inferring Social Network Structure using Mobile Phone Data. Proceeding of National Academy of Sciences (PNAS) 106, 15274–1578 (2009)
Ashbourne, J.: Biometric, Advanced identity verification. The complete guide. Springer (2000)
Jain, A.K., Nandakumar, K., Ross, A.: Score normalization in multimodal biometric systems. Pattern Recognition 38(12), 2270–2285 (2005)
Clarke, N., Furnell, S.M. and Reynolds P.L.: Biometric Authenticating for Mobile Devices. In: 3rd Australian Information Warfare and Security Conference, Western Australia, (2002)
Lederm, T., Clarke, N.L.: Risk assessment for mobile devices. In: Furnell, S., Lambrinoudakis, C., Pernul, G. (eds.) TrustBus 2011. LNCS, vol. 6863, pp. 210–221. Springer, Heidelberg (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 IFIP International Federation for Information Processing
About this paper
Cite this paper
Saevanee, H., Clarke, N., Furnell, S., Biscione, V. (2014). Text-Based Active Authentication for Mobile Devices. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds) ICT Systems Security and Privacy Protection. SEC 2014. IFIP Advances in Information and Communication Technology, vol 428. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-55415-5_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-55415-5_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-55414-8
Online ISBN: 978-3-642-55415-5
eBook Packages: Computer ScienceComputer Science (R0)