Multi-source Interactive Behavior Analysis for Continuous User Authentication on Smartphones
Analyzing smartphone users’ behavioral characteristics for recognizing the identities has received growing interest from security and biometric researchers. Extant smartphone authentication methods usually provide one-time identity verification in some specific applications, but the authenticated user is still subject to masquerader attacks or session hijacking. This paper presents a novel smartphone authentication approach by analyzing multi-source user-machine usage behavior (i.e., power consumption, physical sensors, and touchscreen interactions), which can continuously verify the presence of a smartphone user. Extensive experiments are conducted to show that our authentication approach can be up to a relatively high accuracy with an equal-error rate of 5.5%. This approach can also be seamlessly integrated with existing authentication methods, which does not need additional hardware and is transparent to users.
KeywordsContinuous authentication Motion sensor Smartphone security
This research was supported in part by National Natural Science Foundation of China (U1736205, 61773310, 61403301), China Postdoctoral Science Foundation (2014M560783), Special Foundation of China Postdoctoral Science (2015T81032), Natural Science Foundation of Shaanxi Province (2015JQ6216), Application Foundation Research Program of SuZhou (SYG201444), Open Projects Program of National Laboratory of Pattern Recognition, and Fundamental Research Funds for the Central Universities (xjj2015115). Chao Shen is the corresponding author.
- 1.Muslukhov, I., Boshmaf, Y., Kuo, C., Lester, J., Beznosov, K.: Know your enemy: the risk of unauthorized access in smartphones by insiders. In: Proceedings of the 15th International Conference on Human-computer Interaction with Mobile Devices and Services, pp. 271–280. ACM, New York (2013)Google Scholar
- 2.Karlson, A.K., Brush, A.B., Schechter, S.: Can I borrow your phone?: understanding concerns when sharing mobile phones. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2009, pp. 1647–1650. ACM (2009)Google Scholar
- 6.Shen, C., Cai, Z., Guan, X.: Continuous authentication for mouse dynamics: a pattern-growth approach. In: Proceedings of IEEE/IFIP DSN (2012)Google Scholar
- 8.Tsapeli, F., Musolesi, M.: Investigating causality in human behavior from smartphone sensor data: a quasi-experimental approach. EPJ Data Sci. 4(1) (2015)Google Scholar
- 9.Yu, C.C.: Degradation model for device reliability. In: Proceedings of 18th International Reliability Physics Symposium, pp. 52–54 (1980)Google Scholar
- 11.Hu, C., Tam, S.C., Hsu, F.C., Ko, P.K., Chan, T.Y., Terrill, K.W.: Hot-electron-induced MOSFET degradation-model, monitor, and improvement. IEEE Trans. Electron Devices ED-32, 375–385 (1985)Google Scholar
- 12.Murmuria, R., Stavrou, A., Barbará, D., Fleck, D.: Continuous authentication on mobile devices using power consumption, touch gestures and physical movement of users. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 405–424. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26362-5_19CrossRefGoogle Scholar
- 14.Alzubaidi, A., Kalita, J.: Authentication of smartphone users using behavioral biometrics. J. IEEE Commun. Surv. Tutorials 1998–2026 (2016)Google Scholar
- 22.Chang, C.C., Lin, C.J.: LIBSVM: a library for support vector machines. ACM Trans. Intell. Syst. Technol. 2(3) (2011)Google Scholar