Zachary Deridder,Nyle Siddiqui,Thomas Reither,Rushit Dave,Brendan Pelto,Naeem Seliya,Mounika Vanamala

DOI: https://doi.org/10.48550/arXiv.2207.13648

IF: 6.4588

2022-07-27

Human-Computer Interaction

Abstract:As technology grows and evolves rapidly, it is increasingly clear that mobile devices are more commonly used for sensitive matters than ever before. A need to authenticate users continuously is sought after as a single-factor or multi factor authentication may only initially validate a user, which does not help if an impostor can bypass this initial validation. The field of touch dynamics emerges as a clear way to non intrusively collect data about a user and their behaviors in order to develop and make imperative security related decisions in real time. In this paper we present a novel dataset consisting of tracking 25 users playing two mobile games Snake.io and Minecraft each for 10 minutes, along with their relevant gesture data. From this data, we ran machine learning binary classifiers namely Random Forest and K Nearest Neighbor to attempt to authenticate whether a sample of a particular users actions were genuine. Our strongest model returned an average accuracy of roughly 93% for both games, showing touch dynamics can differentiate users effectively and is a feasible consideration for authentication schemes. Our dataset can be observed at https://github.com/zderidder/MC-Snake-Results

Nyle Siddiqui,Rushit Dave,Naeem Seliya

DOI: https://doi.org/10.48550/arXiv.2110.11080

IF: 5.414

2021-10-15

Machine Learning

Abstract:Mouse dynamics has grown in popularity as a novel irreproducible behavioral biometric. Datasets which contain general unrestricted mouse movements from users are sparse in the current literature. The Balabit mouse dynamics dataset produced in 2016 was made for a data science competition and despite some of its shortcomings, is considered to be the first publicly available mouse dynamics dataset. Collecting mouse movements in a dull administrative manner as Balabit does may unintentionally homogenize data and is also not representative of realworld application scenarios. This paper presents a novel mouse dynamics dataset that has been collected while 10 users play the video game Minecraft on a desktop computer. Binary Random Forest (RF) classifiers are created for each user to detect differences between a specific users movements and an imposters movements. Two evaluation scenarios are proposed to evaluate the performance of these classifiers; one scenario outperformed previous works in all evaluation metrics, reaching average accuracy rates of 92%, while the other scenario successfully reported reduced instances of false authentications of imposters.

Nyle Siddiqui,Rushit Dave,Naeem Seliya

DOI: https://doi.org/10.1109/icecet52533.2021.9698532

2021-12-09

Abstract:Mouse dynamics has grown in popularity as a novel, irreproducible behavioral biometric. Datasets which contain general, unrestricted mouse movements from users are sparse in the current literature. The Balabit mouse dynamics dataset, produced in 2016, was made for a data science competition and despite some of its shortcomings, is considered to be the first publicly available mouse dynamics dataset. Collecting mouse movements in a dull, administrative manner, as Balabit does, may unintentionally homogenize data and is also not representative of real-world application scenarios. This paper presents a novel mouse dynamics dataset that has been collected while 10 users play the video game Minecraft on a desktop computer. Binary Random Forest (RF) classifiers are created for each user to detect differences between a specific user's movements and an imposter's movements. Two evaluation scenarios are proposed to evaluate the performance of these classifiers; one scenario outperformed previous works in all evaluation metrics, reaching average accuracy rates of 92%, while the other scenario successfully reported reduced instances of false authentications of imposters.

Ensar Arif Sağbaş,Serkan Ballı

DOI: https://doi.org/10.1007/s00521-023-09360-9

2024-01-08

Neural Computing and Applications

Abstract:Smartphones utilize various authentication methods, including passwords, fingerprints, and face recognition. While this information is quite practical and easy to remember, it introduces several security issues. The primary concerns involve theft, password forgetfulness, or unauthorized password copying. Implementing behavioral biometrics for user authentication adds an extra layer of security. The main contribution of this study is the utilization of soft keyboard typing behavior, a behavioral biometric, for continuous user recognition. To achieve this, the phone's grip style and typing characteristics of users are scrutinized using data collected from motion sensors and the touchscreen panel. Another challenge in mobile device authentication pertains to recognition accuracy and processing time. To expedite and optimize data classification, a hybrid classification structure is suggested. This structure incorporates correlation-based feature selection and a straightforward logistic regression method, offering rapid and highly accurate classification outcomes—a further contribution of this study. Experimental results demonstrate that user identification can be accomplished in as little as 0.03 ms, with a classification accuracy of up to 93%. Continuous authentication systems offer greater security compared to one-time authentication systems. Nevertheless, these systems might not always yield the most precise results. Overcoming this challenge necessitates the development of an efficient software architecture. In line with this, an additional contribution of this study is an explanation of how to construct a continuous authentication system using the developed architecture.

computer science, artificial intelligence

Mario Frank,Ralf Biedert,Eugene Ma,Ivan Martinovic,Dawn Song

DOI: https://doi.org/10.1109/TIFS.2012.2225048

2012-10-09

Abstract:We investigate whether a classifier can continuously authenticate users based on the way they interact with the touchscreen of a smart phone. We propose a set of 30 behavioral touch features that can be extracted from raw touchscreen logs and demonstrate that different users populate distinct subspaces of this feature space. In a systematic experiment designed to test how this behavioral pattern exhibits consistency over time, we collected touch data from users interacting with a smart phone using basic navigation maneuvers, i.e., up-down and left-right scrolling. We propose a classification framework that learns the touch behavior of a user during an enrollment phase and is able to accept or reject the current user by monitoring interaction with the touch screen. The classifier achieves a median equal error rate of 0% for intra-session authentication, 2%-3% for inter-session authentication and below 4% when the authentication test was carried out one week after the enrollment phase. While our experimental findings disqualify this method as a standalone authentication mechanism for long-term authentication, it could be implemented as a means to extend screen-lock time or as a part of a multi-modal biometric authentication system.

Cryptography and Security,Machine Learning

Yanyan Li,Mengjun Xie,Jiang Bian

DOI: https://doi.org/10.1109/cns.2016.7860464

2017-01-01

Abstract:Many studies have been conducted to apply behavioral biometric authentication on/with mobile devices and they have shown promising results. However, the concern about the verification accuracy of behavioral biometrics is still common given the dynamic nature of behavioral biometrics. In this paper, we address the accuracy concern from a new perspective-behavior segments, that is, segments of a gesture instead of the whole gesture as the basic building block for behavioral biometric authentication. With this unique perspective, we propose a new behavioral biometric authentication method called SEGAUTH, which can be applied to various gesture or motion based authentication scenarios. SEGAUTH can achieve high accuracy by focusing on each user's distinctive gesture segments that frequently appear across his or her gestures. In SEGAUTH, a time series derived from a gesture/motion is first partitioned into segments and then transformed into a set of string tokens in which the tokens representing distinctive, repetitive segments are associated with higher genuine probabilities than those tokens that are common across users. An overall genuine score calculated from all the tokens derived from a gesture is used to determine the user's authenticity. We have assessed the effectiveness of SEGAUTH using 4 different datasets. Our experimental results demonstrate that SEGAUTH can achieve higher accuracy consistently than existing popular methods on the evaluation datasets.

Zhihao Shen,Shun Li,Xi Zhao,Jianhua Zou

DOI: https://doi.org/10.1109/tifs.2022.3160361

IF: 7.231

2022-01-01

IEEE Transactions on Information Forensics and Security

Abstract:With the wide use of smartphones, more private data are collected and saved in the smartphones. This raises higher requirements for secure and effective user authentication scheme. Continuous authentication leverages behavioral biometrics as identity information and shows promising characteristics for user verification in a continuous and passive means. However, most studies require users to operate the smartphones in a specific mobile application or perform user-defined touch operations. This paper studies the continuous authentication on smartphones in the wild, where it is hard to characterize touching behavior accurately due to the complexity of usage context and cross-use of various types of touch gestures. Towards this end, in this paper, we propose a continuous authentication framework using multiple modalities, named as MMAuth, which integrates the heterogeneous information of user identity from multiple modalities (e.g., motion movement pattern, touch dynamics, usage context). A time-extended behavioral feature set (TEB) and a deep learning based one-class classifier (DeSVDD) are developed for performing more accurate authentication. Evaluations are conducted using a novel unconstrained smartphone usage dataset collected from 100 volunteers in real world as well as a public laboratory dataset. Extensive experimental results demonstrate that the state-of-the-art authentication performance of MMAuth in both unconstrained and laboratory environment, and the effectiveness of its two proposed modules (the TEB feature set and the DeSVDD classifier). Additional experiments on system robustness, in terms of usability to different touch gestures, sensitivity to various mobile applications, and scalability to user space, are also provided to examine the applicability of MMAuth.

Chao Shen,Yuanxun Li,Yufei Chen,Xiaohong Guan,Roy A. Maxion

DOI: https://doi.org/10.1109/tifs.2017.2737969

IF: 7.231

2018-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The increasing use of smartphones as personal computing platforms to access personal information has stressed the demand for secure and usable authentication techniques, and for constantly protecting privacy. Smartphone sensors can measure users' unique behavioral characteristics when they interact with smartphones, based on different habits, gestures, and angle preferences of touch actions. This paper investigates the reliability and applicability of using motion-sensor behavior for active and continuous smartphone authentication across various operational scenarios, and presents a systematic evaluation of the distinctiveness and permanence properties of the behavior. For each sample of sensor behavior, kinematic information sequences are extracted and analyzed, which are characterized by statistic-, frequency-, and wavelet-domain features, to provide accurate and fine-grained characterization of users' touch actions. A Markov-based decision procedure, using one-class learning techniques, is developed and applied to the feature space for performing authentication. Analyses are conducted using the sensor data of 520 200 touch actions from 102 subjects across various operational scenarios. Extensive experiments show that motion-sensor behavior exhibits sufficient discriminability and stability for active and continuous authentication, and can achieve a false-rejection rate of 5.03% and a false-acceptance rate of 3.98%. Additional experiments on usability to operation length, sensitivity to application scenario, scalability to user size, contribution to different sensors, and response to behavior change are provided to further explore the effectiveness and applicability. We also implement an authentication system into the Android system that can react to the presence of the legitimate user.

Soumik Mondal,Patrick Bours

DOI: https://doi.org/10.1016/j.neucom.2016.11.031

IF: 6

2017-03-01

Neurocomputing

Abstract:In this paper we focus on a context independent continuous authentication system that reacts on every separate action performed by a user. We contribute with a robust dynamic trust model algorithm that can be applied to any continuous authentication system, irrespective of the biometric modality. We also contribute a novel performance reporting technique for continuous authentication. Our proposed approach was validated with extensive experiments with a unique behavioural biometric dataset. This dataset was collected under complete uncontrolled condition from 53 users by using our data collection software. We considered both keystroke and mouse usage behaviour patterns to prevent a situation where an attacker avoids detection by restricting to one input device because the system only checks the other input device. During our research, we developed a feature selection technique that could be applied to other pattern recognition problems.The best result obtained in this research is that 50 out of 53 genuine users are never inadvertently locked out by the system, while the remaining 3 genuine users (i. e. 5.7%) are sometimes locked out, on average after 2265 actions. Furthermore, there are only 3 out of 2756 impostors not been detected, i.e. only 0.1% of the impostors go undetected. Impostors are detected on average after 252 actions.

computer science, artificial intelligence

Nyle Siddiqui,Rushit Dave,Mounika Vanamala,Naeem Seliya

DOI: https://doi.org/10.3390/make4020023

2022-05-19

Machine Learning and Knowledge Extraction

Abstract:Static authentication methods, like passwords, grow increasingly weak with advancements in technology and attack strategies. Continuous authentication has been proposed as a solution, in which users who have gained access to an account are still monitored in order to continuously verify that the user is not an imposter who had access to the user credentials. Mouse dynamics is the behavior of a user’s mouse movements and is a biometric that has shown great promise for continuous authentication schemes. This article builds upon our previous published work by evaluating our dataset of 40 users using three machine learning and three deep learning algorithms. Two evaluation scenarios are considered: binary classifiers are used for user authentication, with the top performer being a 1-dimensional convolutional neural network (1D-CNN) with a peak average test accuracy of 85.73% across the top-10 users. Multi-class classification is also examined using an artificial neural network (ANN) which reaches an astounding peak accuracy of 92.48%, the highest accuracy we have seen for any classifier on this dataset.

English Else

Zhihao Shen,Shun Li,Xi Zhao,Jianhua Zou

DOI: https://doi.org/10.1109/jiot.2023.3289935

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Touch behavior biometric has been widely studied for continuous authentication on mobile devices, which provides a more secure authentication in an implicit process. However, the existing touch behavior biometric-based authentication systems suffer from two issues. First, the existing touch behavior representation methods are hard to characterize touch operations under complex usage context. Second, the authentication accuracy of existing authentication models is inclined to degrade over time in a long-term real-life usage scenario due to change in data distribution caused by varying touch behavior. Toward this end, in this article, we develop IncreAuth, an incremental learning-based continuous authentication framework, which allows to provide effective stable authentication performance in the long-term smartphone usage scenario. Specifically, we first propose a novel context-aware feature set to characterize touch behavior patterns in complex usage context. Then, we develop an authentication model GBDTNN, which integrates the advantages of a gradient boosting decision tree model for processing our high-dimensional feature set and neural network model for efficient online updating. A behavior drift-based online updating mechanism is also designed to learn both long-term and short-term touch behavior patterns. To evaluate our framework, we construct a large-scale smartphone usage data set over two months collected from the unconstrained environment. Extensive experiments demonstrate that IncreAuth achieves the state-of-the-art and stable authentication accuracy over time and low system overheads.

Rajesh Kumar,Partha Pratim Kundu,Diksha Shukla,Vir V. Phoha

DOI: https://doi.org/10.48550/arXiv.1708.04399

2017-08-15

Abstract:In this paper, we propose a novel continuous authentication system for smartphone users. The proposed system entirely relies on unlabeled phone movement patterns collected through smartphone accelerometer. The data was collected in a completely unconstrained environment over five to twelve days. The contexts of phone usage were identified using k-means clustering. Multiple profiles, one for each context, were created for every user. Five machine learning algorithms were employed for classification of genuine and impostors. The performance of the system was evaluated over a diverse population of 57 users. The mean equal error rates achieved by Logistic Regression, Neural Network, kNN, SVM, and Random Forest were 13.7%, 13.5%, 12.1%, 10.7%, and 5.6% respectively. A series of statistical tests were conducted to compare the performance of the classifiers. The suitability of the proposed system for different types of users was also investigated using the failure to enroll policy.

Human-Computer Interaction,Cryptography and Security

Guannan Wu,Jian Wang,Yongrong Zhang,Shuai Jiang

DOI: https://doi.org/10.3390/s18010179

IF: 3.9

2018-01-01

Sensors

Abstract:Wearable devices have flourished over the past ten years providing great advantages to people and, recently, they have also been used for identity authentication. Most of the authentication methods adopt a one-time authentication manner which cannot provide continuous certification. To address this issue, we present a two-step authentication method based on an own-built fingertip sensor device which can capture motion data (e.g., acceleration and angular velocity) and physiological data (e.g., a photoplethysmography (PPG) signal) simultaneously. When the device is worn on the user's fingertip, it will automatically recognize whether the wearer is a legitimate user or not. More specifically, multisensor data is collected and analyzed to extract representative and intensive features. Then, human activity recognition is applied as the first step to enhance the practicability of the authentication system. After correctly discriminating the motion state, a one-class machine learning algorithm is applied for identity authentication as the second step. When a user wears the device, the authentication process is carried on automatically at set intervals. Analyses were conducted using data from 40 individuals across various operational scenarios. Extensive experiments were executed to examine the effectiveness of the proposed approach, which achieved an average accuracy rate of 98.5% and an F1-score of 86.67%. Our results suggest that the proposed scheme provides a feasible and practical solution for authentication.

Jiajia Li,Qian Yi,Ming K. Lim,Shuping Yi,Pengxing Zhu,Xingjun Huang

DOI: https://doi.org/10.1109/tifs.2024.3480363

IF: 7.231

2024-11-02

IEEE Transactions on Information Forensics and Security

Abstract:Continuous authentication based on behavioral biometrics is effective and crucial as user behaviors are not easily copied. However, relying solely on one behavioral biometric limits the accuracy of continuous authentication. Therefore, a continuous authentication system based on multimodal behavioral biometrics fusion is proposed in this study, which fuses three modalities: contextual behavior, mouse behavior, and information interaction behavior. The multimodal dataset of user behavior is collected through a self-built website, and the behavioral feature sets for each modality are then created. An improved generative adversarial network method is used to align the datasets of the three modalities. The autoencoder with long short-term memory is employed for unsupervised anomaly detection of time-series behaviors and enables continuous authentication for each modality. The multimodal fusion is achieved using the meta-model of the stacked generalization method, and the final decision for continuous authentication is then determined. The experimental results demonstrate that the proposed multimodal fusion method significantly outperforms the unimodal and provides an effective way to improve the accuracy and user-friendliness of continuous authentication. This study offers insights into user behavior analysis, behavioral anomaly detection, and multimodal behavior fusion.

computer science, theory & methods,engineering, electrical & electronic

Chao Shen,Yunpeng Li,Tianwen Yu,Sheng Yuan,Xiao Yi,Xiaohong Guan

DOI: https://doi.org/10.1109/wcica.2016.7578519

2016-01-01

Abstract:Existing smartphone authentication methods (e.g., PIN) typically provide one-time identity verification, but the verified user is still subject to session hijacking or masquerading attacks. This paper presents a framework and performance analysis of a sensor-based smartphone authentication system that continuously verifies the presence of a smartphone user. When a user touches the smartphone screen, motion-sensor data are extracted and analyzed to obtain descriptive features for accurately depicting users' touch habit and rhythm. Then a one-class learning algorithm is employed in the feature space to perform the continuous authentication task. Based on touch-tapping data collected from over 50 users, we conduct a series of experiments to validate the efficacy of our proposed approach. Our experimental results show that our verification system achieves a relatively high accuracy with an equal-error rate of 11.05%. Additional experiment on usability to the observation window size is provided to further examine the effectiveness. Our authentication system can be seamlessly integrated with extant smartphone authentication mechanisms, and is non-intrusive to users and does not need extra hardware.

Sara Kokal,Laura Pryor,Rushit Dave

DOI: https://doi.org/10.48550/arXiv.2204.09088

2022-04-20

Abstract:Mobile devices have been manufactured and enhanced at growing rates in the past decades. While this growth has significantly evolved the capability of these devices, their security has been falling behind. This contrast in development between capability and security of mobile devices is a significant problem with the sensitive information of the public at risk. Continuing the previous work in this field, this study identifies key Machine Learning algorithms currently being used for behavioral biometric mobile authentication schemes and aims to provide a comprehensive review of these algorithms when used with touch dynamics and phone movement. Throughout this paper the benefits, limitations, and recommendations for future work will be discussed.

Cryptography and Security,Artificial Intelligence

Huanran Wang,Hui He,Chen Song,Hao Tang,Yanwei Sun,Yanchen Qiao,Weizhe Zhang

DOI: https://doi.org/10.1155/2022/6339407

IF: 1.968

2022-01-01

Security and Communication Networks

Abstract:Recently, mobile technology has become closely linked with our daily activities. Smartphones are used for multiple personal tasks involving private information, such as communication, healthcare, and banking. Therefore, there is a high demand for user-friendly authentication methods that prevent unauthorized access to sensitive information. This paper proposes a novel feature representation tactic for continuous authentication named Multiple Channels Biological Graph (MCBG). Unlike conventional techniques, MCBG divides the smartphone usage scenarios into more fine-grained cases, including the operation interval features. To this end, we extract the screen touch and handheld features from multiple built-in sensors without extra user interaction. We conduct experiments on 180 participants (130 adults and 50 minors) and investigate the sufficiency of different sensor combinations required to authenticate identity accurately. Results show that our MCBG-based model achieves 99.38% authentication accuracy within 1.9 seconds. Furthermore, MCBG also represents the intrinsic differences between grown-ups and minors, achieving 96% identification accuracy.

Jagmohan Chauhan,Hassan Jameel Asghar,Mohamed Ali Kaafar,Anirban Mahanti

DOI: https://doi.org/10.48550/arXiv.1412.2855

2014-12-09

Cryptography and Security

Abstract:We study the feasibility of touch gesture behavioural biometrics for implicit authentication of users on a smartglass (Google Glass) by proposing a continuous authentication system using two classifiers: SVM with RBF kernel, and a new classifier based on Chebyshev's concentration inequality. Based on data collected from 30 volunteers, we show that such authentication is feasible both in terms of classification accuracy and computational load on smartglasses. We achieve a classification accuracy of up to 99% with only 75 training samples using behavioural biometric data from four different types of touch gestures. To show that our system can be generalized, we test its performance on touch data from smartphones and found the accuracy to be similar to smartglasses. Finally, our experiments on the permanence of gestures show that the negative impact of changing user behaviour with time on classification accuracy can be best alleviated by periodically replacing older training samples with new randomly chosen samples.

Laura Pryor,Jacob Mallet,Rushit Dave,Naeem Seliya,Mounika Vanamala,Evelyn Sowells Boone

DOI: https://doi.org/10.48550/arXiv.2205.08371

2022-05-07

Cryptography and Security

Abstract:The amount of secure data being stored on mobile devices has grown immensely in recent years. However, the security measures protecting this data have stayed static, with few improvements being done to the vulnerabilities of current authentication methods such as physiological biometrics or passwords. Instead of these methods, behavioral biometrics has recently been researched as a solution to these vulnerable authentication methods. In this study, we aim to contribute to the research being done on behavioral biometrics by creating and evaluating a user authentication scheme using behavioral biometrics. The behavioral biometrics used in this study include touch dynamics and phone movement, and we evaluate the performance of different single-modal and multi-modal combinations of the two biometrics. Using two publicly available datasets - BioIdent and Hand Movement Orientation and Grasp (H-MOG), this study uses seven common machine learning algorithms to evaluate performance. The algorithms used in the evaluation include Random Forest, Support Vector Machine, K-Nearest Neighbor, Naive Bayes, Logistic Regression, Multilayer Perceptron, and Long Short-Term Memory Recurrent Neural Networks, with accuracy rates reaching as high as 86%.

Xiaozi Liu,Chao Shen,Yufei Chen

DOI: https://doi.org/10.1007/978-3-319-97909-0_71

2018-01-01

Abstract:Analyzing smartphone users' behavioral characteristics for recognizing the identities has received growing interest from security and biometric researchers. Extant smartphone authentication methods usually provide one-time identity verification in some specific applications, but the authenticated user is still subject to masquerader attacks or session hijacking. This paper presents a novel smartphone authentication approach by analyzing multi-source user-machine usage behavior (i.e., power consumption, physical sensors, and touchscreen interactions), which can continuously verify the presence of a smartphone user. Extensive experiments are conducted to show that our authentication approach can be up to a relatively high accuracy with an equal-error rate of 5.5%. This approach can also be seamlessly integrated with existing authentication methods, which does not need additional hardware and is transparent to users.