11 research outputs found

    Continuous authentication of smartphone users based on activity pattern recognition using passive mobile sensing

    Smartphones are inescapable devices, which are becoming more and more intelligent and context-aware with emerging sensing, networking, and computing capabilities. They offer a captivating platform to the users for performing a wide variety of tasks including socializing, communication, sending or receiving emails, storing and accessing personal data etc. at anytime and anywhere. Nowadays, loads of people tend to store different types of private and sensitive data in their smartphones including bank account details, personal identifiers, account credentials, and credit card details. A lot of people keep their personal e-accounts logged in all the time in their mobile devices. Hence, these mobile devices are prone to different security and privacy threats and attacks from the attackers. Commonly used approaches for securing mobile devices such as passcode, PINs, pattern lock, face recognition, and fingerprint scan are vulnerable and exposed to several attacks including smudge attacks, side-channel attacks, and shoulder-surfing attacks. To address these challenges, a novel continuous authentication scheme is presented in this study, which recognizes smartphone users on the basis of their physical activity patterns using the accelerometer, gyroscope, and magnetometer sensors of the smartphone. A series of experiments are performed for user recognition using different machine learning classifiers, where six different activities are analyzed for multiple locations of the smartphone on the user's body. SVM classifier achieved the best results for user recognition with an overall average accuracy of 97.95%. A comprehensive analysis of the user recognition results validates the efficiency of the proposed scheme.

    Detection and recognition of moving video objects: Kalman filtering with deep learning

    Research in object recognition has lately found that Deep Convolutional Neuronal Networks (CNN) provide a breakthrough in detection scores, especially in video applications. This paper presents an approach for object recognition in videos by combining Kalman filter with CNN. Kalman filter is first applied for detection, removing the background and then cropping the object. Kalman filtering achieves three important functions: predicting the future location of the object, reducing noise and interference from incorrect detections, and associating multi-objects to tracks. After detection and cropping the moving object, a CNN model will predict the category of object. The CNN model is built based on more than 1000 images of humans, animals and others, with architecture that consists of ten layers. The first layer, which is the input image, is of 100 * 100 size. The convolutional layer contains 20 masks with a size of 5 * 5, with a ruling layer to normalize data, then max-pooling. The proposed hybrid algorithm has been applied to 8 different videos with a total duration of 15.4 minutes, containing 23100 frames. In this experiment, recognition accuracy reached 100%, where the proposed system outperforms six existing algorithms.

    Context-Aware Human Activity Recognition (CAHAR) in-the-Wild Using Smartphone Accelerometer


    Continuous Authentication using Inertial-Sensors of Smartphones and Deep Learning

    The legitimacy of users is of great importance for the security of information systems. The authentication process is a trade-off between system security and user experience. E.g., forced password complexity or multi-factor authentication can increase protection, but the application becomes more cumbersome for the users. Therefore, it makes sense to investigate whether the identity of a user can be verified reliably enough, without his active participation, to replace or supplement existing login processes. This master thesis examines if the inertial sensors of a smartphone can be leveraged to continuously determine whether the device is currently in the possession of its legitimate owner or of another person. To this end, an approach proposed in related studies will be implemented and examined in detail. This approach is based on the use of a so-called Siamese artificial neural network to transform the measured values of the sensors into a new vector that can be classified more reliably. It is demonstrated that the reported results of the proposed approach can be reproduced under certain conditions. However, if the same model is used under conditions that are closer to a real-world application, its reliability decreases significantly. Therefore, a variant of the proposed approach is derived whose results are superior to the original model under real conditions. The thesis concludes with concrete recommendations for further development of the model and provides methodological suggestions for improving the quality of research in the topic of "Continuous Authentication".

    Transparent User Authentication For Mobile Applications

    The use of smartphones in our daily lives has grown steadily, due to the combination of mobility and round-the-clock multi-connectivity. In particular, smartphones are used to perform activities, such as sending emails, transferring money via mobile Internet banking, making calls, texting, surfing the Internet, viewing documents, storing medical, confidential and personal information, shopping online and playing games. Some active applications are considered sensitive and confidential and the risks are high in the event of the loss of any sensitive data or privacy breaches. In addition, after the point of entry, using techniques such as a PIN or password, the user of the device can perform almost all tasks, of different risk levels, without having to re-authenticate periodically to re-validate the user’s identity. Furthermore, the current point-of-entry authentication mechanisms consider all the applications on a mobile device to have the same level of importance and so do not apply any further access control rules. As a result, with the rapid growth of smartphones for use in daily life, securing the sensitive data stored upon them makes authentication of paramount importance. In this research, it is argued that within a single mobile application there are different processes operating on the same data but with differing risks attached. The unauthorised disclosure or modification of mobile data has the potential to lead to a number of undesirable consequences for the user. Thus, there is no single level of risk associated with a given application and the risk level changes during use. In this context, a novel mobile applications data risk assessment model is proposed to appreciate the risk involved within an application (intra-process security). 
Accordingly, there is a need to suggest a method to be applied continuously and transparently (i.e., without obstructing the user’s activities) to authenticate legitimate users, which is maintained beyond point of entry, without the explicit involvement of the user. To this end, a transparent and continuous authentication mechanism provides a basis for convenient and secure re-authentication of the user. The mechanism is used to gather user data in the background without requiring any dedicated activity, by regularly and periodically checking user behaviour to provide continuous monitoring for the protection of the smartphone. In order to investigate the feasibility of the proposed system, a study involving data collected from 76 participants over a one-month period using 12 mobile applications was undertaken. A series of four experiments were conducted based upon data from one month of normal device usage. The first experiment sought to explore the intra-process (i.e., within-app) and inter-process (i.e., access-only app) access levels across different time windows. The experimental results show that this approach achieved desirable outcomes for applying a transparent authentication system at an intra-process level, with an average of 6% intrusive authentication requests. Having achieved promising experimental results, it was identified that there were some users who undertook an insufficient number of activities on the device and, therefore, achieved a high level of intrusive authentication requests. As a result, there was a need to investigate whether a specific combination of time windows would perform better with a specific type of user. To do this, the numbers of intrusive authentication requests were computed based on three usage levels (high, medium and low) at both the intra- and inter-process access levels. 
This approach achieved better results when compared with the first set of results: the average percentage of intrusive authentication requests was 3%, which indicates a clear enhancement. The second and third experiments investigated only the intra-process and inter-process, respectively, to examine the effect of the access level. Finally, the fourth experiment investigated the impact of specific biometric modalities on overall system performance. In this research study, a Non-Intrusive Continuous Authentication (NICA) framework was applied by utilising two security mechanisms: Alert Level (AL) and Integrity Level (IL). During specific time windows, the AL process is used to seek valid samples. If there are no samples, the identity confidence is periodically reduced by a degradation function, which is 10% of current confidence in order to save power while the mobile device is inactive. In the case of the mobile user requesting to perform a task, the IL is applied to check the legitimacy of that user. If the identity confidence level is equal to or greater than the specified risk action level, transparent access is allowed. Otherwise, an intrusive authentication request is required in order to proceed with the service. In summary, the experimental results show that this approach achieved sufficiently high results to fulfil the security obligations. The shortest time window of AL = 2 min / IL = 5 min produced an average intrusive authentication request rate of 18%, whereas the largest time window (AL = 20 min / IL = 20 min) provided 6%. Interestingly, when the participants were divided into three levels of usage, the average intrusive authentication request rate was 12% and 3% for the shortest time window (AL = 2 min / IL = 5 min) and the largest time window (AL = 20 min / IL = 20), respectively. 
Therefore, this approach has been demonstrated to provide transparent and continuous protection to ensure the validity of the current user by understanding the risk involved within a given application. Royal Embassy of Saudi Arabia Cultural Bureau in U