5,210 research outputs found
Secure Pick Up: Implicit Authentication When You Start Using the Smartphone
We propose Secure Pick Up (SPU), a convenient, lightweight, in-device,
non-intrusive and automatic-learning system for smartphone user authentication.
Operating in the background, our system implicitly observes users' phone
pick-up movements, the way they bend their arms when they pick up a smartphone
to interact with the device, to authenticate the users.
Our SPU outperforms the state-of-the-art implicit authentication mechanisms
in three main aspects: 1) SPU automatically learns the user's behavioral
pattern without requiring a large amount of training data (especially those of
other users) as previous methods did, making it more deployable. Towards this
end, we propose a weighted multi-dimensional Dynamic Time Warping (DTW)
algorithm to effectively quantify similarities between users' pick-up
movements; 2) SPU does not rely on a remote server for providing further
computational power, making SPU efficient and usable even without network
access; and 3) our system can adaptively update a user's authentication model
to accommodate user's behavioral drift over time with negligible overhead.
Through extensive experiments on real world datasets, we demonstrate that SPU
can achieve authentication accuracy up to 96.3% with a very low latency of 2.4
milliseconds. It reduces the number of times a user has to do explicit
authentication by 32.9%, while effectively defending against various attacks.Comment: Published on ACM Symposium on Access Control Models and Technologies
(SACMAT) 201
Implicit Smartphone User Authentication with Sensors and Contextual Machine Learning
Authentication of smartphone users is important because a lot of sensitive
data is stored in the smartphone and the smartphone is also used to access
various cloud data and services. However, smartphones are easily stolen or
co-opted by an attacker. Beyond the initial login, it is highly desirable to
re-authenticate end-users who are continuing to access security-critical
services and data. Hence, this paper proposes a novel authentication system for
implicit, continuous authentication of the smartphone user based on behavioral
characteristics, by leveraging the sensors already ubiquitously built into
smartphones. We propose novel context-based authentication models to
differentiate the legitimate smartphone owner versus other users. We
systematically show how to achieve high authentication accuracy with different
design alternatives in sensor and feature selection, machine learning
techniques, context detection and multiple devices. Our system can achieve
excellent authentication performance with 98.1% accuracy with negligible system
overhead and less than 2.4% battery consumption.Comment: Published on the IEEE/IFIP International Conference on Dependable
Systems and Networks (DSN) 2017. arXiv admin note: substantial text overlap
with arXiv:1703.0352
Performance Evaluation of Mobile Sensor for Context Awareness User Authentication
With the increase of smart devices and their capacities, their use for different services have also increased. As much as this is an advantage, it has posed additional risks because of the confidential information stored on them. This has increased the need for additional security on these systems. Most of the methods used for user authentication pose certain drawbacks that are either easy to circumvent or cumbersome to use. As a result, multi-level means of authentication is needed to improve the security of mobile devices. Sensors are playing a vital role in the mobile ecosystem to enhance different services. These sensors can be leveraged upon as a solution for user authentication. This research analyzed and evaluated different mobile device sensors for continuous and transparent user authentication. The mobile data used includes gyroscope, accelerometer, linear accelerometer, proximity, gravity, and magnetometer sensors’ data. Using a Feedforward Neural network for data classification after extracting features from the different sensors available in the mobile device; the most effective was selected by evaluating performance of the different sensors. The best sensor, the accelerometer was further experimented on. The experiment showed that smartphone accelerometer sensor exhibits sufficient discriminability, stability, and reliability for active and continuous authentication, by achieving a performance of 6.55% for the best overall EER.With the increase of smart devices and their capacities, their use for different services have also increased. As much as this is an advantage, it has posed additional risks because of the confidential information stored on them. This has increased the need for additional security on these systems. Most of the methods used for user authentication pose certain drawbacks that are either easy to circumvent or cumbersome to use. As a result, multi-level means of authentication is needed to improve the security of mobile devices. Sensors are playing a vital role in the mobile ecosystem to enhance different services. These sensors can be leveraged upon as a solution for user authentication. This research analyzed and evaluated different mobile device sensors for continuous and transparent user authentication. The mobile data used includes gyroscope, accelerometer, linear accelerometer, proximity, gravity, and magnetometer sensors’ data. Using a Feedforward Neural network for data classification after extracting features from the different sensors available in the mobile device; the most effective was selected by evaluating performance of the different sensors. The best sensor, the accelerometer was further experimented on. The experiment showed that smartphone accelerometer sensor exhibits sufficient discriminability, stability, and reliability for active and continuous authentication, by achieving a performance of 6.55% for the best overall EER
Implicit Sensor-based Authentication of Smartphone Users with Smartwatch
Smartphones are now frequently used by end-users as the portals to
cloud-based services, and smartphones are easily stolen or co-opted by an
attacker. Beyond the initial log-in mechanism, it is highly desirable to
re-authenticate end-users who are continuing to access security-critical
services and data, whether in the cloud or in the smartphone. But attackers who
have gained access to a logged-in smartphone have no incentive to
re-authenticate, so this must be done in an automatic, non-bypassable way.
Hence, this paper proposes a novel authentication system, iAuth, for implicit,
continuous authentication of the end-user based on his or her behavioral
characteristics, by leveraging the sensors already ubiquitously built into
smartphones. We design a system that gives accurate authentication using
machine learning and sensor data from multiple mobile devices. Our system can
achieve 92.1% authentication accuracy with negligible system overhead and less
than 2% battery consumption.Comment: Published in Hardware and Architectural Support for Security and
Privacy (HASP), 201
- …