Skip to main content
SpringerLink
Log in
Book cover

International Conference on E-Business and Telecommunications

ICETE 2016: E-Business and Telecommunications pp 241–265Cite as

A Methodology for Silent and Continuous Authentication in Mobile Environment

  • Conference paper
  • First Online:

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 764))

Abstract

Since the pervasiveness of mobile technologies has been increasing, sensitive user information is often stored on mobile devices. Currently, mobile devices do not verify the identity of the user after the login. This enables attackers full access to sensitive data and applications on the device, if they obtain the password or grab the device after login. In order to mitigate this risk, we propose a continuous and silent monitoring process based on a set of features: orientation, touch and cell tower. The assumption is that the features are representative of smartphone owner interaction with the device and this is the reason why the features can be useful to distinguish the owner from an impostor. Results show that our system, modeling the user behavior of 21 volunteer participants, obtains encouraging results, since we measured a precision in distinguishing an impostor from the owner between 99% and 100%.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    https://android.googlesource.com/platform/frameworks/native/+/master/include/android/window.h.

  2. 2.

    http://www.cs.waikato.ac.nz/ml/weka/.

  3. 3.

    https://play.google.com/store/apps/details?id=org.telegram.messenger&hl=it.

  4. 4.

    https://play.google.com/store/apps/details?id=com.whatsapp&hl=it.

References

  1. Akula, S., Devisetty, V.: Image based registration and authentication system. In: Proceedings of Midwest Instruction and Computing Symposium, vol. 4 (2004)

    Google Scholar 

  2. Davis, D., Monrose, F., Reiter, M.K.: On user choice in graphical password schemes. In: USENIX Security Symposium, vol. 13, p. 11 (2004)

    Google Scholar 

  3. Dhamija, R., Perrig, A.: Déjà Vu: a user study using images for authentication (2000)

    Google Scholar 

  4. Sae-Bae, N., Memon, N.: A simple and effective method for online signature verification. In: BIOSIG, pp. 1–12. IEEE (2013)

    Google Scholar 

  5. Shepherd, S.: Continuous authentication by analysis of keyboard typing characteristics. In: European Convention on Security and Detection, pp. 111–114. IET (1995)

    Google Scholar 

  6. Monrose, F., Rubin, A.: Authentication via keystroke dynamics. In: Proceedings of the 4th ACM Conference on Computer and Communications Security, pp. 48–56. ACM (1997)

    Google Scholar 

  7. Bhattacharyya, D., Ranjan, R., Farkhod Alisherov, A., Choi, M.: Biometric authentication: a review. Int. J. u- e-Serv. Sci. Technol. 2(3), 13–28 (2009)

    Google Scholar 

  8. Bailey, K.O., Okolica, J.S., Peterson, G.L.: User identification and authentication using multi-modal behavioral biometrics. Comput. Secur. 43, 77–89 (2014)

    Article  Google Scholar 

  9. Joyce, R., Gupta, G.: Identity authentication based on keystroke latencies. Commun. ACM 33(2), 168–176 (1990)

    Article  Google Scholar 

  10. Brown, M., Rogers, S.J.: User identification via keystroke characteristics of typed names using neural networks. Int. J. Man Mach. Stud. 39(6), 999–1014 (1993)

    Article  Google Scholar 

  11. Ahmed, A.A.E., Traore, I.: Anomaly intrusion detection based on biometrics. In: Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, IAW 2005, pp. 452–453. IEEE (2005)

    Google Scholar 

  12. Shen, C., Cai, Z., Guan, X., Cai, J.: A hypo-optimum feature selection strategy for mouse dynamics in continuous identity authentication and monitoring. In: 2010 IEEE International Conference on Information Theory and Information Security (ICITIS), pp. 349–353. IEEE (2010)

    Google Scholar 

  13. Gamboa, H., Fred, A.: A behavioral biometric system based on human-computer interaction. In: Defense and Security, International Society for Optics and Photonics, pp. 381–392 (2004)

    Google Scholar 

  14. Canfora, G., Notte, P.D., Mercaldo, F., Visaggio, C.A.: Silent and continuous authentication in mobile environment. In: Proceedings of the 13th International Joint Conference on e-Business and Telecommunications (ICETE 2016) - Volume 4: SECRYPT, pp. 97–108, Lisbon, Portugal, 26–28 July 2016 (2016)

    Google Scholar 

  15. Koreman, J., Morris, A., Wu, D., Jassim, S., Sellahewa, H., Ehlers, J., Chollet, G., Aversano, G., Bredin, H., Garcia-Salicetti, S., et al.: Multi-modal biometric authentication on the securephone PDA. In: Proceedings of the MMUA workshop on Multimodal User Authentication (2006)

    Google Scholar 

  16. Nicholson, A.J., Corner, M.D., Noble, B.D.: Mobile device security using transient authentication. IEEE Trans. Mob. Comput. 5(11), 1489–1502 (2006)

    Article  Google Scholar 

  17. Dunphy, P., Heiner, A.P., Asokan, N.: A closer look at recognition-based graphical passwords on mobile devices. In: Proceedings of the Sixth Symposium on Usable Privacy and Security, p. 3. ACM (2010)

    Google Scholar 

  18. De Luca, A., Hang, A., Brudy, F., Lindner, C., Hussmann, H.: Touch me once and I know it’s you!: Implicit authentication based on touch screen patterns. In: Proceedings of the SIGCHI, pp. 987–996. ACM (2012)

    Google Scholar 

  19. Zheng, N., Bai, K., Huang, H., Wang, H.: You are how you touch: user verification on smartphones via tapping behaviors. In: ICNP, pp. 221–232. IEEE (2014)

    Google Scholar 

  20. Seo, H., Kim, E., Kim, H.K.: A novel biometric identification based on a users input pattern analysis for intelligent mobile devices. Int. J. Adv. Rob. Syst. 9, 1–10 (2012)

    Article  Google Scholar 

  21. Riva, O., Qin, C., Strauss, K., Lymberopoulos, D.: Progressive authentication: deciding when to authenticate on mobile phones. In: Presented as part of the 21st USENIX Security Symposium (USENIX Security 12), pp. 301–316 (2012)

    Google Scholar 

  22. Kwapisz, J.R., Weiss, G.M., Moore, S.A.: Cell phone-based biometric identification. In: 2010 Fourth IEEE International Conference on Biometrics: Theory Applications and Systems (BTAS), pp. 1–7. IEEE (2010)

    Google Scholar 

  23. Frank, M., Biedert, R., Ma, E.D., Martinovic, I., Song, D.: Touchalytics: on the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE Trans. Inf. Forensics Secur. 8(1), 136–148 (2013)

    Article  Google Scholar 

  24. Killourhy, K.S., Maxion, R.A.: Comparing anomaly-detection algorithms for keystroke dynamics. In: IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009, pp. 125–134. IEEE (2009)

    Google Scholar 

  25. Bo, C., Zhang, L., Jung, T., Han, J., Li, X.Y., Wang, Y.: Continuous user identification via touch and movement behavioral biometrics. In: 2014 IEEE International Performance Computing and Communications Conference (IPCCC), pp. 1–8. IEEE (2014)

    Google Scholar 

  26. Murmuria, R., Stavrou, A., Barbará, D., Fleck, D.: Continuous authentication on mobile devices using power consumption, touch gestures and physical movement of users. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 405–424. Springer, Cham (2015). doi:10.1007/978-3-319-26362-5_19

    Chapter  Google Scholar 

  27. Gascon, H., Uellenbeck, S., Wolf, C., Rieck, K.: Continuous authentication on mobile devices by analysis of typing motion behavior. In: Sicherheit, pp. 1–12 (2014)

    Google Scholar 

  28. Clarke, N., Mekala, A.: Transparent handwriting verification for mobile devices. In: Proceedings of the Sixth International Network Conference (INC 2006), pp. 11–14, Plymouth, UK. Citeseer (2006)

    Google Scholar 

  29. Brocardo, M.L., Traore, I.: Continuous authentication using micro-messages. In: Privacy, Security and Trust (PST), pp. 179–188. IEEE (2014)

    Google Scholar 

  30. Wu, J.S., Lin, W.C., Lin, C.T., Wei, T.E.: Smartphone continuous authentication based on keystroke and gesture profiling. In: 2015 International Carnahan Conference on Security Technology (ICCST), pp. 191–197. IEEE (2015)

    Google Scholar 

  31. Piuri, V., Scotti, F.: Fingerprint biometrics via low-cost sensors and webcams. In: 2nd IEEE International Conference on Biometrics: Theory, Applications and Systems, BTAS 2008, pp. 1–6. IEEE (2008)

    Google Scholar 

  32. Kotropoulos, C., Samaras, S.: Mobile phone identification using recorded speech signals. In: 2014 19th International Conference on Digital Signal Processing (DSP), pp. 586–591. IEEE (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Engineering, University of Sannio, Benevento, Italy

    Gerardo Canfora & Corrado Aaron Visaggio

  2. Koine srl, Benevento, Italy

    Paolo di Notte

  3. Institute for Informatics and Telematics, National Research Council of Italy (CNR), Pisa, Italy

    Francesco Mercaldo

Authors
  1. Gerardo Canfora
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Paolo di Notte
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Francesco Mercaldo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Corrado Aaron Visaggio
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Corrado Aaron Visaggio .

Editor information

Editors and Affiliations

  1. Department of Computer and Information Science, Fordham University, Bronx, New York, USA

    Mohammad S. Obaidat

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Canfora, G., di Notte, P., Mercaldo, F., Visaggio, C.A. (2017). A Methodology for Silent and Continuous Authentication in Mobile Environment. In: Obaidat, M. (eds) E-Business and Telecommunications. ICETE 2016. Communications in Computer and Information Science, vol 764. Springer, Cham. https://doi.org/10.1007/978-3-319-67876-4_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-67876-4_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-67875-7

  • Online ISBN: 978-3-319-67876-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation