260 research outputs found
Implicit Sensor-based Authentication of Smartphone Users with Smartwatch
Smartphones are now frequently used by end-users as the portals to
cloud-based services, and smartphones are easily stolen or co-opted by an
attacker. Beyond the initial log-in mechanism, it is highly desirable to
re-authenticate end-users who are continuing to access security-critical
services and data, whether in the cloud or in the smartphone. But attackers who
have gained access to a logged-in smartphone have no incentive to
re-authenticate, so this must be done in an automatic, non-bypassable way.
Hence, this paper proposes a novel authentication system, iAuth, for implicit,
continuous authentication of the end-user based on his or her behavioral
characteristics, by leveraging the sensors already ubiquitously built into
smartphones. We design a system that gives accurate authentication using
machine learning and sensor data from multiple mobile devices. Our system can
achieve 92.1% authentication accuracy with negligible system overhead and less
than 2% battery consumption.Comment: Published in Hardware and Architectural Support for Security and
Privacy (HASP), 201
Privacy-Protecting Techniques for Behavioral Data: A Survey
Our behavior (the way we talk, walk, or think) is unique and can be used as a biometric trait. It also correlates with sensitive attributes like emotions. Hence, techniques to protect individuals privacy against unwanted inferences are required. To consolidate knowledge in this area, we systematically reviewed applicable anonymization techniques. We taxonomize and compare existing solutions regarding privacy goals, conceptual operation, advantages, and limitations. Our analysis shows that some behavioral traits (e.g., voice) have received much attention, while others (e.g., eye-gaze, brainwaves) are mostly neglected. We also find that the evaluation methodology of behavioral anonymization techniques can be further improved
Comprehensive Survey: Biometric User Authentication Application, Evaluation, and Discussion
This paper conducts an extensive review of biometric user authentication
literature, addressing three primary research questions: (1) commonly used
biometric traits and their suitability for specific applications, (2)
performance factors such as security, convenience, and robustness, and
potential countermeasures against cyberattacks, and (3) factors affecting
biometric system accuracy and po-tential improvements. Our analysis delves into
physiological and behavioral traits, exploring their pros and cons. We discuss
factors influencing biometric system effectiveness and highlight areas for
enhancement. Our study differs from previous surveys by extensively examining
biometric traits, exploring various application domains, and analyzing measures
to mitigate cyberattacks. This paper aims to inform researchers and
practitioners about the biometric authentication landscape and guide future
advancements
Behavioural Authentication Based on Smartphone Protected Personal Communication Data
International audienceSmartphones have become ubiquitous in everyday life, storing and generating a huge amount of sensitive personal data which make them vulnerable to increasing security and privacy threats. While protecting smartphones has become a necessity, existing traditional authentication methods, which are mainly PINs and passwords, are facing remarkable drawbacks and behavioural biometrics-based authentication was adopted as the best alternative to ensure better protection. This paper presents a comparative study of many behavioural authentica-tion solutions using smartphone personal communication data. Different approaches are compared such as using Distance Minimization, K-means and Support Vector Machine (SVM) as classification method. The data privacy protection by using the BioHashing algorithm is also considered in the paper. The authentication approaches were tested on a dataset of 93 users with more than 16.000 samples and show promising results with an EER of 10% without any data protection with the One Class SVM method and an EER remarkably lower than 1% for the 3 adopted methods with data privacy protection
Behavioral authentication for security and safety
The issues of both system security and safety can be dissected integrally from the perspective of behavioral appropriateness. That is, a system that is secure or safe can be judged by whether the behavior of certain agent(s) is appropriate or not. Specifically, a so-called appropriate behavior involves the right agent performing the right actions at the right time under certain conditions. Then, according to different levels of appropriateness and degrees of custodies, behavioral authentication can be graded into three levels, i.e., the authentication of behavioral Identity, Conformity, and Benignity. In a broad sense, for the security and safety issue, behavioral authentication is not only an innovative and promising method due to its inherent advantages but also a critical and fundamental problem due to the ubiquity of behavior generation and the necessity of behavior regulation in any system. By this classification, this review provides a comprehensive examination of the background and preliminaries of behavioral authentication. It further summarizes existing research based on their respective focus areas and characteristics. The challenges confronted by current behavioral authentication methods are analyzed, and potential research directions are discussed to promote the diversified and integrated development of behavioral authentication
- …