Scalable Behavioral Authentication

Islam, Morshedul; Kneppers, Marc

doi:10.1109/access.2021.3065921

Cited by 2 publications

(2 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the past, different approaches for authenticating the users of mobile devices have been developed. These approaches use either statistical features extracted on touch gestures [52], [67], [33], [69], [68], [44], [26], values that are captured by the sensors for identifying the user based on its motions [51], [38], [18], [22], [14], [70], [50], [37], [15], [30], [49], [65], [25], or correlate the touch gestures and motion sensors [29], [16], [20], [21]. However, these existing approaches are 1) restricted to identifying a user among a set of known users, thus can only detect intruders that were part of the training data [30], [33], [52], [65], [67], 2) require training the model when a new user joins the system limiting their scalability [15], [24], [70], or 3) work only in certain situations and not in a continuous way, e.g., when picking up the phone [19], [20], [21].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile Platforms

Fereidooni¹,

Koenig²,

Rieger³

et al. 2023

Proceedings 2023 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Mobile applications are widely used for online services sharing a large amount of personal data online. One-time authentication techniques such as passwords and physiological biometrics (e.g., fingerprint, face, and iris) have their own advantages but also disadvantages since they can be stolen or emulated, and do not prevent access to the underlying device, once it is unlocked. To address these challenges, complementary authentication systems based on behavioural biometrics have emerged. The goal is to continuously profile users based on their interaction with the mobile device. However, existing behavioural authentication schemes are not (i) user-agnostic meaning that they cannot dynamically handle changes in the user-base without model re-training, or (ii) do not scale well to authenticate millions of users. In this paper, we present AuthentiSense, a user-agnostic, scalable, and efficient behavioural biometrics authentication system that enables continuous authentication and utilizes only motion patterns (i.e., accelerometer, gyroscope and magnetometer data) while users interact with mobile apps. Our approach requires neither manually engineered features nor a significant amount of data for model training. We leverage a few-shot learning technique, called Siamese network, to authenticate users at a large scale. We perform a systematic measurement study and report the impact of the parameters such as interaction time needed for authentication and n-shot verification (comparison with enrollment samples) at the recognition stage. Remarkably, AuthentiSense achieves high accuracy of up to 97% in terms of F1-score even when evaluated in a few-shot fashion that requires only a few behaviour samples per user (3 shots). Our approach accurately authenticates users only after 1 second of user interaction. For AuthentiSense, we report a FAR and FRR of 0.023 and 0.057, respectively.

show abstract

Section: Related Workmentioning

confidence: 99%

“…The solution by Islam et al requires the users to solve a challenge, e.g., draw a circle [44]. However, with this explicit authentication action, there is no advantage compared to standard explicit authentication approaches, e.g., scanning the fingerprint.…”

Section: A Touch and Typing Behaviormentioning

confidence: 99%