PersonaIA: A Lightweight Implicit Authentication System Based on Customized User Behavior Selection

Yang, Yingyuan; Sun, Jianhua; Guo, Linke

doi:10.1109/tdsc.2016.2645208

Cited by 15 publications

(32 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2019, Quintal et al [48] analysed the mobile user continuous authentications in IoT, and classified these authentication factors into event capture types such as password, fingerprint, applications start and end, network connection and disconnection, continuous sequence of events, such as gestures, and derived behavioural features, such as application choice, and demonstrated that all factors are correlated with the actual user identity. Currently, lots of multimodal continuous authentications are proposed in smartphone, IoT [49][50][51].…”

Section: Multimodal-fusion-based Authentication Schemesmentioning

confidence: 99%

Design and Implementation of Continuous Authentication Mechanism Based on Multimodal Fusion Mechanism

Guan

Zhang

2021

Security and Communication Networks

View full text Add to dashboard Cite

Most of the current authentication mechanisms adopt the “one-time authentication,” which authenticate users for initial access. Once users have been authenticated, they can access network services without further verifications. In this case, after an illegal user completes authentication through identity forgery or a malicious user completes authentication by hijacking a legitimate user, his or her behaviour will become uncontrollable and may result in unknown risks to the network. These kinds of insider attacks have been increasingly threatening lots of organizations, and have boosted the emergence of zero trust architecture. In this paper, we propose a Multimodal Fusion-based Continuous Authentication (MFCA) scheme, which collects multidimensional behaviour characteristics during the online process, verifies their identities continuously, and locks out the users once abnormal behaviours are detected to protect data privacy and prevent the risk of potential attack. More specifically, MFCA integrates the behaviours of keystroke, mouse movement, and application usage and presents a multimodal fusion mechanism and trust model to effectively figure out user behaviours. To evaluate the performance of the MFCA, we designed and implemented the MFCA system and the experimental results show that the MFCA can detect illegal users in quick time with high accuracy.

show abstract

Section: Multimodal-fusion-based Authentication Schemesmentioning

confidence: 99%

Design and Implementation of Continuous Authentication Mechanism Based on Multimodal Fusion Mechanism

Guan

Zhang

2021

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…This means that the user does not have to actively take a security measure (e.g. PIN input), but the system checks and analyses the behavior of the user in the background [22]. In this context, we speak of dynamic or continuous authentication because user behavior is checked while the device or application is being used.…”

Section: Behavioral Biometrics 33mentioning

confidence: 99%

The Authentication Dilemma

Wiercioch¹,

Teufel²,

Teufel³

2018

JSW

View full text Add to dashboard Cite

The design of user authentication has a significant impact on IT security or cybersecurity in general. Studies show that users put more weight on faster and more convenient access to an electronic device than on the security aspect. Classical authentication methods such as passwords are less effective because of their low practicality; around one third of users do not use passwords at all. In view of the increasing digitization and spread of smart and mobile devices, biometrics, i.e. behavior-based methods for the automatic identification of individuals, provides a user-friendly solution to the security question. In particular, behavioral biometrics as an implicit method offers a high degree of practicability with a relatively high level of security. Of course, biometric authentication cannot guarantee 100% security. Both, research and practice are facing an authentication dilemma: Increasing security is usually at the expense of user friendliness-and vice versa. The challenge is to optimize practicability and security in the authentication process.

show abstract

“…When legitimate and illegitimate users have vastly different behaviors, existing IA schemes can achieve high authentication accuracy. However, based on our preliminary simulation using the Friends and Family Dataset [29], [30], more than 70% of users' behavior data samples overlap and cannot be separated by simply setting a threshold 1 . As an example, we randomly selected two participants from the dataset, one as the legitimate user and the other as the illegitimate user, and converted their SVM output to probabilistic behavior scores.…”

Section: A System Overviewmentioning

confidence: 99%

“…Rich behavioral data gathered by various sensors embedded in smart devices facilitates the implicit authentication of users based on their behaviors [1]- [3]. In general, IA systems authenticate a user by matching her real-time behavior to her historical behavior.…”

Section: Introductionmentioning

confidence: 99%

“…However, it is highly challenging to achieve such balance due to the dynamically changing behaviors of users. On the one hand, we need the system to cope with a user's behavior deviation [1], e.g., a change of routine, and not falsely reject the user (usability). On the other hand, the system needs to differentiate between a legitimate user's changed behavior and other users' behaviors to prevent falsely accepting adversaries (security).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Dynamic Multi-level Privilege Control in Behavior-based Implicit Authentication Systems Leveraging Mobile Devices

Yang

Huang

Guo

et al. 2018

Preprint

Self Cite

View full text Add to dashboard Cite

Implicit authentication (IA) is gaining popularity over recent years due to its use of user behavior as the main input, relieving users from explicit actions such as remembering and entering passwords. However, such convenience comes at a cost of authentication accuracy and delay which we propose to improve in this paper. Authentication accuracy deteriorates as users' behaviors change as a result of mood, age, a change of routine, etc. Current authentication systems handle failed authentication attempts by locking the user out of her mobile device. It is unsuitable for IA whose accuracy deterioration induces high false reject rate, rendering the IA system unusable. Furthermore, existing IA systems leverage computationally expensive machine learning which can introduce large authentication delay. It is challenging to improve the authentication accuracy of these systems without sacrificing authentication delay. In this paper, we propose a multi-level privilege control (MPC) scheme that dynamically adjusts users' access privilege based on their behavior change. MPC increases the system's confidence on users' legitimacy even when their behaviors deviate from historical data, thus improving authentication accuracy. It is a lightweight feature added to the existing IA schemes that helps avoid frequent and expensive retraining of machine learning models, thus improving authentication delay. We demonstrate that MPC increases authentication accuracy by 18.63% and reduces authentication delay by 7.02 minutes on average, using a public dataset that contains comprehensive user behavior data.

show abstract

PersonaIA: A Lightweight Implicit Authentication System Based on Customized User Behavior Selection

Cited by 15 publications

References 21 publications

Design and Implementation of Continuous Authentication Mechanism Based on Multimodal Fusion Mechanism

Design and Implementation of Continuous Authentication Mechanism Based on Multimodal Fusion Mechanism

The Authentication Dilemma

Dynamic Multi-level Privilege Control in Behavior-based Implicit Authentication Systems Leveraging Mobile Devices

Contact Info

Product

Resources

About