TY - GEN
T1 - Modeling interactive sensor-behavior with smartphones for implicit and active user authentication
AU - Chen, Yufei
AU - Shen, Chao
AU - Wang, Zhao
AU - Yu, Tianwen
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/6/13
Y1 - 2017/6/13
N2 - While the public enjoy the convenience aroused by the proliferation of the smartphones, they also face the risk of exposing their sensitive and secure information to attackers. Extant smartphone authentication methods (e.g., PIN and fingerprint) typically provide one-time identity verification, but the verified user is still subject to session hijacking or masquerading attacks. In this paper, we propose a framework and performance analysis of using onboard-sensor behavior for continuous user authentication on smartphones, which can implicitly and continuously verifies the presence of a smartphone user. When a user carries the smartphone to do daily activities, time-, frequency- and wavelet-domain features are extracted from smartphone sensor data for accurately depicting users' motion patterns. A decision procedure based on one-class learning algorithms is developed and employed in the feature space to perform the continuous authentication task. Analyses are conducted based on sensor-interaction data on five typical daily activities with 27,681 samples across five phonecarrying positions. Extensive experiments in two specific scenarios are included to examine the efficacy of the proposed approach, which achieves a relatively high accuracy with the equal-error rate achieves 2.40% and 5.50% respectively. Our authentication system can be seamlessly integrated with extant smartphone authentication mechanisms, and is nonintrusive to users and does not need extra hardware.
AB - While the public enjoy the convenience aroused by the proliferation of the smartphones, they also face the risk of exposing their sensitive and secure information to attackers. Extant smartphone authentication methods (e.g., PIN and fingerprint) typically provide one-time identity verification, but the verified user is still subject to session hijacking or masquerading attacks. In this paper, we propose a framework and performance analysis of using onboard-sensor behavior for continuous user authentication on smartphones, which can implicitly and continuously verifies the presence of a smartphone user. When a user carries the smartphone to do daily activities, time-, frequency- and wavelet-domain features are extracted from smartphone sensor data for accurately depicting users' motion patterns. A decision procedure based on one-class learning algorithms is developed and employed in the feature space to perform the continuous authentication task. Analyses are conducted based on sensor-interaction data on five typical daily activities with 27,681 samples across five phonecarrying positions. Extensive experiments in two specific scenarios are included to examine the efficacy of the proposed approach, which achieves a relatively high accuracy with the equal-error rate achieves 2.40% and 5.50% respectively. Our authentication system can be seamlessly integrated with extant smartphone authentication mechanisms, and is nonintrusive to users and does not need extra hardware.
UR - http://www.scopus.com/inward/record.url?scp=85022216257&partnerID=8YFLogxK
U2 - 10.1109/ISBA.2017.7947694
DO - 10.1109/ISBA.2017.7947694
M3 - Conference Proceeding
AN - SCOPUS:85022216257
T3 - 2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017
BT - 2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2017 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA 2017
Y2 - 22 February 2017 through 24 February 2017
ER -