Advanced user authentification for mobile devices

Access to the full-text thesis is no longer available at the author's request, due to 3rd party copyright restrictions. Access removed on 28.11.2016 by CS (TIS).Metadata merged with duplicate record ( http://hdl.handle.net/10026.1/1101 - now deleted) on 20.12.2016 by CS (TIS).Recent years have witnessed widespread adoption of mobile devices. Whereas initial popularity was driven by voice telephony services, capabilities are now broadening to allow an increasing range of data orientated services. Such services serve to extend the range of sensitive data accessible through such devices and will in turn increase the requirement for reliable authentication of users. This thesis considers the authentication requirements of mobile devices and proposes novel mechanisms to improve upon the current state of the art. The investigation begins with an examination of existing authentication techniques, and illustrates a wide range of drawbacks. A survey of end-users reveals that current methods are frequently misused and considered inconvenient, and that enhanced methods of security are consequently required. To this end, biometric approaches are identified as a potential means of overcoming the perceived constraints, offering an opportunity for security to be maintained beyond pointof- entry, in a continuous and transparent fashion. The research considers the applicability of different biometric approaches for mobile device implementation, and identifies keystroke analysis as a technique that can offer significant potential within mobile telephony. Experimental evaluations reveal the potential of the technique when applied to a Personal Identification Number (PIN), telephone number and text message, with best case equal error rates (EER) of 9%, 8% and 18% respectively. In spite of the success of keystroke analysis for many users, the results demonstrate the technique is not uniformly successful across the whole of a given population. Further investigation suggests that the same will be true for other biometrics, and therefore that no single authentication technique could be relied upon to account for all the users in all interaction scenarios. As such, a novel authentication architecture is specified, which is capable of utilising the particular hardware configurations and computational capabilities of devices to provide a robust, modular and composite authentication mechanism. The approach, known as IAMS (Intelligent Authentication Management System), is capable of utilising a broad range of biometric and secret knowledge based approaches to provide a continuous confidence measure in the identity of the user. With a high confidence, users are given immediate access to sensitive services and information, whereas with lower levels of confidence, restrictions can be placed upon access to sensitive services, until subsequent reassurance of a user's identity. The novel architecture is validated through a proof-of-concept prototype. A series of test scenarios are used to illustrate how IAMS would behave, given authorised and impostor authentication attempts. The results support the use of a composite authentication approach to enable the non-intrusive authentication of users on mobile devices.Orange Personal Communication Services Ltd

Harnessing the Power of Generative Models for Mobile Continuous and Implicit Authentication

Authenticating a user's identity lies at the heart of securing any information system. A trade off exists currently between user experience and the level of security the system abides by. Using Continuous and Implicit Authentication a user's identity can be verified without any active participation, hence increasing the level of security, given the continuous verification aspect, as well as the user experience, given its implicit nature. This thesis studies using mobile devices inertial sensors data to identify unique movements and patterns that identify the owner of the device at all times. We implement, and evaluate approaches proposed in related works as well as novel approaches based on a variety of machine learning models, specifically a new kind of Auto Encoder (AE) named Variational Auto Encoder (VAE), relating to the generative models family. We evaluate numerous machine learning models for the anomaly detection or outlier detection case of spotting a malicious user, or an unauthorised entity currently using the smartphone system. We evaluate the results under conditions similar to other works as well as under conditions typically observed in real-world applications. We find that the shallow VAE is the best performer semi-supervised anomaly detector in our evaluations and hence the most suitable for the design proposed. The thesis concludes with recommendations for the enhancement of the system and the research body dedicated to the domain of Continuous and Implicit Authentication for mobile security

Dynamic adversarial mining - effectively applying machine learning in adversarial non-stationary environments.

While understanding of machine learning and data mining is still in its budding stages, the engineering applications of the same has found immense acceptance and success. Cybersecurity applications such as intrusion detection systems, spam filtering, and CAPTCHA authentication, have all begun adopting machine learning as a viable technique to deal with large scale adversarial activity. However, the naive usage of machine learning in an adversarial setting is prone to reverse engineering and evasion attacks, as most of these techniques were designed primarily for a static setting. The security domain is a dynamic landscape, with an ongoing never ending arms race between the system designer and the attackers. Any solution designed for such a domain needs to take into account an active adversary and needs to evolve over time, in the face of emerging threats. We term this as the ‘Dynamic Adversarial Mining’ problem, and the presented work provides the foundation for this new interdisciplinary area of research, at the crossroads of Machine Learning, Cybersecurity, and Streaming Data Mining. We start with a white hat analysis of the vulnerabilities of classification systems to exploratory attack. The proposed ‘Seed-Explore-Exploit’ framework provides characterization and modeling of attacks, ranging from simple random evasion attacks to sophisticated reverse engineering. It is observed that, even systems having prediction accuracy close to 100%, can be easily evaded with more than 90% precision. This evasion can be performed without any information about the underlying classifier, training dataset, or the domain of application. Attacks on machine learning systems cause the data to exhibit non stationarity (i.e., the training and the testing data have different distributions). It is necessary to detect these changes in distribution, called concept drift, as they could cause the prediction performance of the model to degrade over time. However, the detection cannot overly rely on labeled data to compute performance explicitly and monitor a drop, as labeling is expensive and time consuming, and at times may not be a possibility altogether. As such, we propose the ‘Margin Density Drift Detection (MD3)’ algorithm, which can reliably detect concept drift from unlabeled data only. MD3 provides high detection accuracy with a low false alarm rate, making it suitable for cybersecurity applications; where excessive false alarms are expensive and can lead to loss of trust in the warning system. Additionally, MD3 is designed as a classifier independent and streaming algorithm for usage in a variety of continuous never-ending learning systems. We then propose a ‘Dynamic Adversarial Mining’ based learning framework, for learning in non-stationary and adversarial environments, which provides ‘security by design’. The proposed ‘Predict-Detect’ classifier framework, aims to provide: robustness against attacks, ease of attack detection using unlabeled data, and swift recovery from attacks. Ideas of feature hiding and obfuscation of feature importance are proposed as strategies to enhance the learning framework\u27s security. Metrics for evaluating the dynamic security of a system and recover-ability after an attack are introduced to provide a practical way of measuring efficacy of dynamic security strategies. The framework is developed as a streaming data methodology, capable of continually functioning with limited supervision and effectively responding to adversarial dynamics. The developed ideas, methodology, algorithms, and experimental analysis, aim to provide a foundation for future work in the area of ‘Dynamic Adversarial Mining’, wherein a holistic approach to machine learning based security is motivated

Early diagnosis of disorders based on behavioural shifts and biomedical signals

There are many disorders that directly affect people’s behaviour. The people that are suffering from such a disorder are not aware of their situation, and too often the disorders are identified by relatives or co-workers because they notice behavioural shifts. However, when these changes become noticeable, it is often too late and irreversible damages have already been produced. Early detection is the key to prevent severe health-related damages and healthcare costs, as well as to improve people’s quality of life. Nowadays, in full swing of ubiquitous computing paradigm, users’ behaviour patterns can be unobtrusively monitored by means of interactions with many electronic devices. The application of this technology for the problem at hand would lead to the development of systems that are able to monitor disorders’ onset and progress in an ubiquitous and unobtrusive way, thus enabling their early detection. Some attempts for the detection of specific disorders based on these technologies have been proposed, but a global methodology that could be useful for the early detection of a wide range of disorders is still missing. This thesis aims to fill that gap by presenting as main contribution a global screening methodology for the early detection of disorders based on unobtrusive monitoring of physiological and behavioural data. The proposed methodology is the result of a cross-case analysis between two individual validation scenarios: stress in the workplace and Alzheimer’s Disease (AD) at home, from which conclusions that contribute to each of the two research fields have been drawn. The analysis of similarities and differences between the two case studies has led to a complete and generalized definition of the steps to be taken for the detection of a new disorder based on ubiquitous computing.Jendearen portaeran eragin zuzena duten gaixotasun ugari daude. Hala ere, askotan, gaixotasuna pairatzen duten pertsonak ez dira euren egoerataz ohartzen, eta familiarteko edo lankideek identifikatu ohi dute berau jokabide aldaketetaz ohartzean. Portaera aldaketa hauek nabarmentzean, ordea, beranduegi izan ohi da eta atzerazeinak diren kalteak eraginda egon ohi dira. Osasun kalte larriak eta gehiegizko kostuak ekiditeko eta gaixoen bizi kalitatea hobetzeko gakoa, gaixotasuna garaiz detektatzea da. Gaur egun, etengabe zabaltzen ari den Nonahiko Konputazioaren paradigmari esker, erabiltzaileen portaera ereduak era diskretu batean monitorizatu daitezke, gailu teknologikoekin izandako interakzioari esker. Eskuartean dugun arazoari konponbidea emateko teknologi hau erabiltzeak gaixotasunen sorrera eta aurrerapena nonahi eta era diskretu batean monitorizatzeko gai diren sistemak garatzea ekarriko luke, hauek garaiz hautematea ahalbidetuz. Gaixotasun konkretu batzuentzat soluzioak proposatu izan dira teknologi honetan oinarrituz, baina metodologia orokor bat, gaixotasun sorta zabal baten detekzio goiztiarrerako erabilgarria izango dena, oraindik ez da aurkeztu. Tesi honek hutsune hori betetzea du helburu, mota honetako gaixotasunak garaiz hautemateko, era diskretu batean atzitutako datu fisiologiko eta konportamentalen erabileran oinarritzen den behaketa sistema orokor bat proposatuz. Proposatutako metodologia bi balidazio egoera desberdinen arteko analisi gurutzatu baten emaitza da: estresa lantokian eta Alzheimerra etxean, balidazio egoera bakoitzari dagozkion ekarpenak ere ondorioztatu ahal izan direlarik. Bi kasuen arteko antzekotasun eta desberdintasunen analisiak, gaixotasun berri bat nonahiko konputazioan oinarrituta detektatzeko jarraitu beharreko pausoak bere osotasunean eta era orokor batean definitzea ahalbidetu du

Analyzing Granger causality in climate data with time series classification methods

Attribution studies in climate science aim for scientifically ascertaining the influence of climatic variations on natural or anthropogenic factors. Many of those studies adopt the concept of Granger causality to infer statistical cause-effect relationships, while utilizing traditional autoregressive models. In this article, we investigate the potential of state-of-the-art time series classification techniques to enhance causal inference in climate science. We conduct a comparative experimental study of different types of algorithms on a large test suite that comprises a unique collection of datasets from the area of climate-vegetation dynamics. The results indicate that specialized time series classification methods are able to improve existing inference procedures. Substantial differences are observed among the methods that were tested

Internet and Biometric Web Based Business Management Decision Support

Internet and Biometric Web Based Business Management Decision Support MICROBE MOOC material prepared under IO1/A5 Development of the MICROBE personalized MOOCs content and teaching materials Prepared by: A. Kaklauskas, A. Banaitis, I. Ubarte Vilnius Gediminas Technical University, Lithuania Project No: 2020-1-LT01-KA203-07810