Jianfeng Guan,Xuetao Li,Ying Zhang

DOI: https://doi.org/10.1155/2021/6669429

IF: 1.968

2021-01-01

Security and Communication Networks

Abstract:Most of the current authentication mechanisms adopt the “one-time authentication,” which authenticate users for initial access. Once users have been authenticated, they can access network services without further verifications. In this case, after an illegal user completes authentication through identity forgery or a malicious user completes authentication by hijacking a legitimate user, his or her behaviour will become uncontrollable and may result in unknown risks to the network. These kinds of insider attacks have been increasingly threatening lots of organizations, and have boosted the emergence of zero trust architecture. In this paper, we propose a Multimodal Fusion-based Continuous Authentication (MFCA) scheme, which collects multidimensional behaviour characteristics during the online process, verifies their identities continuously, and locks out the users once abnormal behaviours are detected to protect data privacy and prevent the risk of potential attack. More specifically, MFCA integrates the behaviours of keystroke, mouse movement, and application usage and presents a multimodal fusion mechanism and trust model to effectively figure out user behaviours. To evaluate the performance of the MFCA, we designed and implemented the MFCA system and the experimental results show that the MFCA can detect illegal users in quick time with high accuracy.

Chao Shen,He Zhang,Zhenyu Yang,Xiaohong Guan

DOI: https://doi.org/10.1109/SMC.2016.7844515

2016-01-01

Abstract:Continuous authentication offers the ability to continuously verify users' identity for accessing to the protected resource. Although current explorations such as face and fingerprint verification have seen varying rates of success, three main problems may limit their applicability in the context of information protection and access control: they can be of low availability in some practical scenarios, they can be intrusive, and they commonly require costly equipment. This paper presents a multimodal biometrics authentication system that can continuously verify the presence of a logged-in user. Three passive biometric modalities are currently used - keystroke (i.e., behavioral biometric), face (i.e., physiological biometric), and skin color (i.e., soft biometric) - but our approach can also be readily extended to include more modalities. By fusing these three passive biometrics, the continuous authentication system combines both temporal and modality information holistically, and can keep verifying who is using the computing system, without troubling users' routine activities. Based on real data resulting from our implementation, we find the results to be very promising with a false-acceptance rate of 0% and a false-rejection rate of 0.72%. Additional experiment on the size of observation window is provided to further examine the applicability of the proposed approach.

Tianming Zhao,Yan Wang,Jian Liu,Jerry Cheng,Yingying Chen,Jiadi Yu

DOI: https://doi.org/10.1109/jiot.2021.3128290

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:Traditional one-time user authentication is vulnerable to attacks when an adversary can obtain unauthorized privileges after a user's initial login. Continuous user authentication (CA) has recently shown its great potential by enabling seamless user authentication with few users' participation. We devise a low-cost system that can exploit users' pulsatile signals from photoplethysmography (PPG) sensors in commodity wearable devices to perform CA. Our system requires zero user effort and applies to practical scenarios that have nonclinical PPG measurements with human motion artifacts (MAs). We explore the uniqueness of the human cardiac system and develop adaptive MA filtering methods to mitigate the impacts of transient and continuous activities from daily life. Furthermore, we identify general fiducial features and develop an adaptive classifier that can authenticate users continuously based on their cardiac characteristics with little additional training effort. Experiments with our wrist-worn PPG sensing platform on 20 participants under practical scenarios demonstrate that our system can achieve a high CA accuracy of over 90% and a low false detection rate of 4% in detecting random attacks. We show that our MA mitigation approaches can improve the CA accuracy by around 39% under both transient and continuous daily activity scenarios.

Soumik Mondal,Patrick Bours

DOI: https://doi.org/10.1016/j.neucom.2016.11.031

IF: 6

2017-03-01

Neurocomputing

Abstract:In this paper we focus on a context independent continuous authentication system that reacts on every separate action performed by a user. We contribute with a robust dynamic trust model algorithm that can be applied to any continuous authentication system, irrespective of the biometric modality. We also contribute a novel performance reporting technique for continuous authentication. Our proposed approach was validated with extensive experiments with a unique behavioural biometric dataset. This dataset was collected under complete uncontrolled condition from 53 users by using our data collection software. We considered both keystroke and mouse usage behaviour patterns to prevent a situation where an attacker avoids detection by restricting to one input device because the system only checks the other input device. During our research, we developed a feature selection technique that could be applied to other pattern recognition problems.The best result obtained in this research is that 50 out of 53 genuine users are never inadvertently locked out by the system, while the remaining 3 genuine users (i. e. 5.7%) are sometimes locked out, on average after 2265 actions. Furthermore, there are only 3 out of 2756 impostors not been detected, i.e. only 0.1% of the impostors go undetected. Impostors are detected on average after 252 actions.

computer science, artificial intelligence

Rasana Manandhar,Shaya Wolf,Mike Borowczak

DOI: https://doi.org/10.48550/arXiv.1903.03132

2019-03-08

Abstract:Emerging technology demands reliable authentication mechanisms, particularly in interconnected systems. Current systems rely on a single moment of authentication, however continuous authentication systems assess a users identity utilizing a constant biometric analysis. Spy Hunter, a continuous authentication mechanism uses keystroke dynamics to validate users over blocks of data. This easily-incorporated periodic biometric authentication system validates genuine users and detects intruders quickly. Because it verifies users in the background, Spy Hunter is not constrained to a password box. Instead, it is flexible and can be layered with other mechanisms to provide high-level security. Where other continuous authentication techniques rely on scripted typing, Spy Hunter validates over free text in authentic environments. This is accomplished in two phases, one where the user is provided a prompt and another where the user is allowed free access to their computer. Additionally, Spy Hunter focuses on the timing of different keystrokes rather than the specific key being pressed. This allows for anonymous data to authenticate users and avoids holding personal data. Utilizing a couple K-fold cross-validation techniques, Spy Hunter is assessed based on how often the system falsely accepts an intruder, how often the system falsely rejects a genuine user, and the time it takes to validate a users identity. Spy Hunter maintains error rates below 6% and identifies users in minimal numbers of keystrokes. Continuous authentication provides higher level security than one-time verification processes and Spy Hunter expands on the possibilities for behavioral analysis based on keystroke dynamics.

Cryptography and Security,Machine Learning

Heewoong Lee,Deok Gyu Lee,Kihyo Nam,Mun‐Kweon Jeong

DOI: https://doi.org/10.1111/exsy.13806

IF: 3.3

2024-12-05

Expert Systems

Abstract:Biometric technology, which performs continuous authentication based on user behaviour, has been developed in various ways depending on the type of device, input device, and sensor. Research on continuous authentication technology in PC‐based systems with few sensors installed is based on data from physical devices that extract and analyse features from keyboard and mouse input patterns. Among these, previous studies on continuous authentication through keyboard input performed continuous authentication using the key hold delay time that occurs when one key is pressed, the key interval delay time that occurs due to the interaction between fingers, and the key press delay time. However, the keyboard‐based continuous authentication model has limitations in increasing accuracy due to a small number of features. Therefore, in this paper, when a user inputs a sentence using a QWERTY keyboard in a PC system, the function is subdivided by reflecting the characteristics of each finger and used for continuous authentication. The features extracted by reflecting the characteristics of the finger were subdivided into a total of 151 latencies, and Support Vector Data Description (SVDD), decision tree and CNN were used as continuous authentication models. Experimental data was collected through the user's input of randomly displayed sentences, and features were created based on this. User keystroke behaviour was used to validate the continuous authentication in the artificial intelligence model. Validation metrics included thresholds for classification accuracy (ACC), ROC curves, false rejection rate (FRR), equal error rate (EER), and false acceptance rate (FAR). As a result of the experiment, it was found that continuous authentication including the user's finger input pattern was superior to the existing method.

computer science, artificial intelligence, theory & methods

Zhihao Shen,Shun Li,Xi Zhao,Jianhua Zou

DOI: https://doi.org/10.1109/tkde.2023.3277879

IF: 9.235

2024-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:Continuous authentication, which provides identity verification using behavioral biometrics in an implicit and transparent manner, has shown potentials for protecting privacy. As the most common way of human-computer interaction, touch behavior pattern of each user has been proven distinctive and widely adopted for continuous authentication. However, most touch based solutions rely on the touchscreen signals obtained from high-level application programming interfaces, which are hard to characterize fine-grained appearance and contour profile of contact fingertips as well as dynamic sliding information in a touch gesture. In this paper, we propose a continuous authentication framework called CT-Auth, which leverages raw capacitive value collected from capacitive touchscreen on smartphone as a descriptor of touch behavior for authentication. Specifically, we first develop a three-dimensional convolution neural network model for capturing intra-gesture spatial-temporal feature and a structure extraction model for capturing structural information between moving fingertips of a touch gesture and touchscreen. A recurrent neural network based model is also applied for capturing temporal patterns among a sequence of touch gestures. To evaluate the effectiveness of our framework, we recruit 100 volunteers over 2 months and collect a large-scale dataset in the unconstrained conditions. Extensive experiments reveal that CT-Auth provides the state-of-the-art authentication accuracy.

Abbas Acar,Hidayet Aksu,A. Selcuk Uluagac,Kemal Akkaya

DOI: https://doi.org/10.48550/arXiv.1802.10417

2018-03-06

Abstract:One-time login process in conventional authentication systems does not guarantee that the identified user is the actual user throughout the session. However, it is necessary to re-verify the user identity periodically throughout a login session without reducing the user convenience. Continuous authentication can address this issue. However, existing methods are either not reliable or not usable. In this paper, we introduce a usable and reliable method called Wearable Assisted Continuous Authentication (WACA). WACA relies on the sensor based keystroke dynamics, where the authentication data is acquired through the built in sensors of a wearable (e.g., smartwatch) while the user is typing. We implemented the WACA framework and evaluated its performance on real devices with real users. The empirical evaluation of WACA reveals that WACA is feasible and its error rate is as low as 1 percent with 30 seconds of processing time and 2 3% for 20 seconds. The computational overhead is minimal. Furthermore, we tested WACA against different attack scenarios. WACA is capable of identifying insider threats with very high accuracy (99.2%) and also robust against powerful adversaries such as imitation and statistical attackers.

Cryptography and Security

Chao Shen,Zhongmin Cai,Xiaohong Guan

DOI: https://doi.org/10.1109/DSN.2012.6263955

2012-01-01

Abstract:Mouse dynamics is the process of identifying individual users based on their mouse operating characteristics. Although previous work has reported some promising results, mouse dynamics is still a newly emerging technique and has not reached an acceptable level of performance. One of the major reasons is intrinsic behavioral variability. This study presents a novel approach by using pattern-growth-based mining method to extract frequent-behavior segments in obtaining stable mouse characteristics, employing one-class classification algorithms to perform the task of continuous user authentication. Experimental results show that mouse characteristics extracted from frequent-behavior segments are much more stable than those from holistic behavior, and the approach achieves a practically useful level of performance with FAR of 0.37% and FRR of 1.12%. These findings suggest that mouse dynamics suffice to be a significant enhancement for a traditional authentication system. Our dataset is publicly available to facilitate future research.

Gabriel Dahia,Leone Jesus,Maurício Pamplona Segundo

DOI: https://doi.org/10.1002/widm.1365

2020-03-24

WIREs Data Mining and Knowledge Discovery

Abstract:The shortcomings of conventional access control systems for high‐security environments have led to the concert of continuous authentication. Contrary to traditional verification, in which users are authenticated only once at the start of their session, continuous authentication systems regularly check users' identities to prevent hijackings. The challenges in this area involve balancing the security of protected assets by quickly detecting intruders with the system usability for genuine users. Biometric recognition plays a major role within this context, as it is the main way to assure that users are who they claim to be. A comparative analysis of the latest works revealed different aspects of this problem. First, some biometrics traits among those applied for continuous authentication are more suitable for this task than others. Second, systems combining multiple traits have advantages over those relying on a single one. Finally, many works fail to report proper evaluation metrics. With this in mind, we were able to identify new opportunities for researchers in the field. We highlight the potential for mining new datasets on the internet, which would benefit validation and benchmarking, and how recent deep learning techniques could address some of the open challenges in the area.This article is categorized under: Technologies > PredictionTechnologies > Machine LearningApplication Areas > Science and Technology

Cong Wu,Kun He,Jing Chen,Ruiying Du,Yang Xiang

DOI: https://doi.org/10.1109/jiot.2020.3006870

IF: 10.6

2020-12-01

IEEE Internet of Things Journal

Abstract:Relieving users from the burden of remembering and inputting authentication information explicitly, such as passwords/PINs and lock patterns, implicit authentication mechanisms have gained an increasing concern. When providing authentication, the existing implicit methods only depend on a specific behavior, such as typing on the screen, performing gestures, or taking a walk. However, in real applications, a user's behavioral characteristics are also decided by the context where behavior is performed. Thus, those existing methods show limited authentication accuracy and usability. To address these issues, we propose CaIAuth, a reliable context-aware implicit authentication framework, which profiles users' behavior and context characteristics in a holistic fashion. It observes the states of context-sensing entities for different smartphone usage patterns and builds a context-aware model to distinguish between legitimate users and illegal ones. We conducted extensive experiments to evaluate system performance with a large data set collected from 142 subjects. The experimental results show that our system achieves a low equal error rate (EER) (e.g., less 7%) and is resilient against common threats, including zero-effect attack and mimicry attack. In addition, CaIAuth achieves a low authentication delay and overhead.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chen Xiaojun,Wei Zicheng,Pu Yiguo,Shi Jinqiao

DOI: https://doi.org/10.1016/j.procs.2013.05.111

2013-01-01

Procedia Computer Science

Abstract:Insider threat becomes a more and more serious problem to organizations. Identify theft is a common attack method among various attack methods from insider. And it is very hard to detection since the attacker acts as a legal identity. Existing researches focus on Human Computer Interaction (HCI) behavior such as keystroke dynamics or mouse dynamics to detection this kind of attack. Based on an obvious observable that different applications show different HCI behavioral patterns (rich-key-operations or rich-mice-operations), we demonstrate that single authentication method is not efficient always in full time work period. In this paper, we provide an ensemble re-authentication approach to detection identify theft in real time, which combine the classification of keystroke-classifier and mice-classifier to determine whether the current operations is produced by the real legitimate user or not. Our experiment proves this new approach is efficient and can provide consistent detection ability with high accuracy.

Guannan Wu,Jian Wang,Yongrong Zhang,Shuai Jiang

DOI: https://doi.org/10.3390/s18010179

IF: 3.9

2018-01-01

Sensors

Abstract:Wearable devices have flourished over the past ten years providing great advantages to people and, recently, they have also been used for identity authentication. Most of the authentication methods adopt a one-time authentication manner which cannot provide continuous certification. To address this issue, we present a two-step authentication method based on an own-built fingertip sensor device which can capture motion data (e.g., acceleration and angular velocity) and physiological data (e.g., a photoplethysmography (PPG) signal) simultaneously. When the device is worn on the user's fingertip, it will automatically recognize whether the wearer is a legitimate user or not. More specifically, multisensor data is collected and analyzed to extract representative and intensive features. Then, human activity recognition is applied as the first step to enhance the practicability of the authentication system. After correctly discriminating the motion state, a one-class machine learning algorithm is applied for identity authentication as the second step. When a user wears the device, the authentication process is carried on automatically at set intervals. Analyses were conducted using data from 40 individuals across various operational scenarios. Extensive experiments were executed to examine the effectiveness of the proposed approach, which achieved an average accuracy rate of 98.5% and an F1-score of 86.67%. Our results suggest that the proposed scheme provides a feasible and practical solution for authentication.

Jiajia Li,Qian Yi,Ming K. Lim,Shuping Yi,Pengxing Zhu,Xingjun Huang

DOI: https://doi.org/10.1109/tifs.2024.3480363

IF: 7.231

2024-11-02

IEEE Transactions on Information Forensics and Security

Abstract:Continuous authentication based on behavioral biometrics is effective and crucial as user behaviors are not easily copied. However, relying solely on one behavioral biometric limits the accuracy of continuous authentication. Therefore, a continuous authentication system based on multimodal behavioral biometrics fusion is proposed in this study, which fuses three modalities: contextual behavior, mouse behavior, and information interaction behavior. The multimodal dataset of user behavior is collected through a self-built website, and the behavioral feature sets for each modality are then created. An improved generative adversarial network method is used to align the datasets of the three modalities. The autoencoder with long short-term memory is employed for unsupervised anomaly detection of time-series behaviors and enables continuous authentication for each modality. The multimodal fusion is achieved using the meta-model of the stacked generalization method, and the final decision for continuous authentication is then determined. The experimental results demonstrate that the proposed multimodal fusion method significantly outperforms the unimodal and provides an effective way to improve the accuracy and user-friendliness of continuous authentication. This study offers insights into user behavior analysis, behavioral anomaly detection, and multimodal behavior fusion.

computer science, theory & methods,engineering, electrical & electronic

Jinxiao Wu,Xuanshu Luo,Siwei Chen,Yongqiang Lyu,Xiangyang Ji,Yan Meng,Dongsheng Wang

DOI: https://doi.org/10.1109/tmc.2024.3443208

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:Continuous authentication (CA) based on wrist photoplethysmogram (PPG) has been increasingly studied, but still requires further extensive investigation on PPG reliability over time and heart rates for real-world deployments. In this paper, we first analyze the inadequacy of current research, i.e., limited generalization capability for new users and insufficient experiments due to the absence of across-session data under different heart rates (HR). To address these problems, we then propose a unified and scalable feature extraction framework for wrist PPG-based CA. Given a continuous PPG waveform, our framework first encodes the PPG of each period separately, then extracts variability features contained in consecutive multi-period PPG for user authentication. On two datasets with a total of 155 subjects, we evaluate the performances of our system using different across-session levels and HR intervals, respectively. Despite more stringent experimental settings, we achieve even better performances than in previous studies. Using the subject-exclusive cross-validation protocol, our system reaches an average accuracy of 92.1% under the constraint of equal error rates in across-session evaluation, and average accuracy ranges from 86.4% (high HR) to 91.4% (low HR) for different HR intervals.

Yutong Shi,Xiujuan Wang,Kangfeng Zheng,Siwei Cao

DOI: https://doi.org/10.1007/s00530-022-00997-5

IF: 3.9

2022-01-01

Multimedia Systems

Abstract:Biometric authentication has advantages over traditional authentication based on passwords or pin number (PIN) in that it is based on the user's inherent characteristics which is not easily stolen or lost. Keystroke dynamics and mouse dynamics are biometrics that study the behavior patterns of human–computer interaction (HCI). Personal keystroke pattern and mouse-movement pattern are difficult to imitate and can, therefore, be used for personal identity authentication. Keystrokes and mouse movements can potentially authenticate users without affecting the use of computers and other devices to improve system security. In real environments, authentication methods that fuse keystroke dynamics and mouse dynamics are less accurate. In this paper, a new method of user authentication using complex real-environment HCI data is presented, which is called authentication adaptation network (AAN). In this method, heterogeneous domain adaptation (HDA) method is used for user authentication based on keystroke dynamics and mouse dynamics for the first time. All representative time windows and dimensionality reduction targets of keystroke dynamics features are compared to determine the parameters of AAN to ensure the robustness of the algorithm, and the effectiveness of the algorithm is demonstrated by validation experiments and comparison with the methods proposed in previous studies. Finally, experiments using the collected real-environment HCI dataset obtained 89.22% user authentication accuracy, which indicate that the proposed method achieves an encouraging performance.

Shihong Zou,Huizhong Sun,Guosheng Xu,Chenyu Wang,Xuanwen Zhang,Ruijie Quan

DOI: https://doi.org/10.1155/2023/3673113

IF: 1.968

2023-04-27

Security and Communication Networks

Abstract:Since the continuous authentication (CA) system based on smartphone sensors has been facing the challenge of the low-data regime under some practical scenarios, which leads to low accuracy of CA, it needs to be solved urgently. To this end, currently, the generative adversarial networks (GAN) provide a powerful method to train the result generative model that could generate very convincing verisimilar data. The framework of the GAN and its variants shed much light on improving the performance of CA. Therefore, in this article, we propose a continuous authentication system on smartphones based on a Wasserstein generative adversarial network (WGAN) for sensor data augmentation, which utilizes accelerometers, gyroscopes, and magnetometers of smartphone sensors to sense phone movements caused by user operation behavior. Specifically, based on sensor data under different user activities, the WGAN is used to create additional data in training data for data augmentation. With the augmented data, we design a convolutional neural network to learn and extract deep features from sensor data, and then use four classifiers of RF, OCSVM, DT, and KNN to train these features. Finally, we train and test on the HMOG dataset, and the results show that the EER of the authentication system is between 3.68% and 6.39% on the sensor data with a time window of 2 s.

computer science, information systems,telecommunications

Qi Li,Hao Chen

DOI: https://doi.org/10.1145/3316615.3316691

2019-01-01

Abstract:The rapid development of smartphones has greatly facilitated our lives. At the same time, securing the data stored and accessed from smartphones makes it important to authenticate the user. However, current smartphones perform one-time authentication at the entrance while they don't authenticate users continuously when in use, which brings serious privacy and security issues, such as collisions and social engineering to bypass the authentication. This paper introduces CDAS (Continuous Dynamic Authentication System), which uses the Support Vector Machine (SVM) to construct user's behavior model by collecting his touch data to judge him authorized whether or not. CDAS works independently in the background without interacting with users most time. Therefore, CDAS is featured with security, efficiency and continuity. We conducted a two-week experiment involving more than 20 users which shows that the system we design achieves a high accuracy, a low False Accept Rate (FAR) and a low False Reject Rate (FRR), which indicates that CDAS ensures the security and enjoys a promising prospect.

Tianming Zhao,Yan Wang,Jian Liu,Yingying Chen,Jerry Cheng,Jiadi Yu

DOI: https://doi.org/10.1109/INFOCOM41043.2020.9155526

2020-01-01

Abstract:Traditional one-time user authentication processes might cause friction and unfavorable user experience in many widely-used applications. This is a severe problem in particular for security-sensitive facilities if an adversary could obtain unauthorized privileges after a user’s initial login. Recently, continuous user authentication (CA) has shown its great potential by enabling seamless user authentication with few active participation. We devise a low-cost system exploiting a user’s pulsatile signals from the photoplethysmography (PPG) sensor in commercial wrist-worn wearables for CA. Compared to existing approaches, our system requires zero user effort and is applicable to practical scenarios with non-clinical PPG measurements having motion artifacts (MA). We explore the uniqueness of the human cardiac system and design an MA filtering method to mitigate the impacts of daily activities. Furthermore, we identify general fiducial features and develop an adaptive classifier using the gradient boosting tree (GBT) method. As a result, our system can authenticate users continuously based on their cardiac characteristics so little training effort is required. Experiments with our wrist-worn PPG sensing platform on 20 participants under practical scenarios demonstrate that our system can achieve a high CA accuracy of over 90% and a low false detection rate of 4% in detecting random attacks.

Chao Shen,Yong Zhang,Zhongmin Cai,Tianwen Yu,Xiaohong Guan

DOI: https://doi.org/10.1109/icb.2015.7139046

2015-01-01

Abstract:The increasing use of smartphones to access sensitive and privacy data has given rise to the need of secure authentication technique. Existing authentication mechanisms on smartphones can only provide one-time verification, but the verified users are still vulnerable to the session hijacking. In this article, we propose a transparent and continuous authentication system based on users' touch interaction data. We consider four common types of touch operations, and extract behavioral features to characterize users' touch behavior. Distance-measurement technique is applied to mitigate the behavioral variability. Then a multiple decision procedure is developed to perform continuous authentication, in which one-class classification algorithms are applied for classification. The efficacy of our approach is validated through a series of experiments in four real-world application scenarios. Our experimental results show that the proposed approach could verify a user in an accurate and timely manner, and suffice to be an enhancement for traditional authentication mechanisms in smartphones.