Skip to main content
SpringerLink
Log in

Continuous Authentication

Authenticating individuals frequently during sessions to assure valid identity

  • Chapter
  • First Online:
Advances in User Authentication

Part of the book series: Infosys Science Foundation Series ((ISFSASE))

Abstract

Users are now all time connected to the cyber world through different devices and media. It has become essential to check regularly (by monitoring the system and user behavior) whether the user who logged on with valid credential is the same person currently accessing/using resources.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
eBook
USD 16.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 64.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 89.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Guidorizzi RP (2013) Security: active authentication. IT Prof 15(4):4–7

    Google Scholar 

  2. Jagadeesan H, Hsiao MS (2011) Continuous authentication in computers. Continuous Authentication Using Biometrics: Data, Models, Metrics: Data, Models, Metrics (2011):40

    Google Scholar 

  3. Fathy ME, Patel VM, Chellappa R (2015) Face-based active authentication on mobile devices. In: 2015 IEEE international conference on acoustics, speech and signal processing (ICASSP). IEEE, pp 1687–1691

    Google Scholar 

  4. Viola P, Jones MJ (2004) Robust real-time face detection. Int J Comput Vision 57(2):137–154

    Google Scholar 

  5. Niinuma K, Jain AK (2010) Continuous user authentication using temporal information. In: SPIE Defense, Security, and Sensing. International Society for Optics and Photonics, pp 76670L–76670L

    Google Scholar 

  6. Mahbub U, Patel VM, Chandra D, Barbello B, Chellappa R (2016) Partial face detection for continuous authentication. arXiv:1603.09364

  7. Abramson M, Aha DW (2013) User authentication from web browsing behavior. Naval Research Lab, Washington DC

    Google Scholar 

  8. Kumar R, Tomkins A (2010) A characterization of online browsing behavior. In: Proceedings of the 19th international conference on World Wide Web. ACM, pp 561–570

    Google Scholar 

  9. Preuveneers D, Joosen W (2015) SmartAuth: dynamic context fingerprinting for continuous user authentication. In: Proceedings of the 30th annual ACM symposium on applied computing. ACM, pp 2185–2191

    Google Scholar 

  10. Domingos P, Hulten G (2000) Mining high-speed data streams. In: Proceedings of the sixth ACM SIGKDD international conference on knowledge discovery and data mining. ACM, pp 71–80

    Google Scholar 

  11. Karnan M, Akila M, Krishnaraj N (2011) Biometric personal authentication using keystroke dynamics: a review. Appl Soft Comput 11(2):1565–1573

    Google Scholar 

  12. Feng T, Zhao X, Carbunar B, Shi W (2013) Continuous mobile authentication using virtual key typing biometrics. In: 12th IEEE international conference on trust, security and privacy in computing and communications (TrustCom). IEEE, pp 1547–1552

    Google Scholar 

  13. Gascon H, Uellenbeck S, Wolf C, Rieck K (2014) Continuous authentication on mobile devices by analysis of typing motion behavior. Sicherheit, pp 1–12

    Google Scholar 

  14. Chang JM, Fang CC, Ho KH, Kelly N, Wu PY, Ding Y, Chu C, Gilbert S, Kamal AE, Kung SY (2013) Capturing cognitive fingerprints from keystroke dynamics. IT Prof 15(4):24–28

    Google Scholar 

  15. Stamatatos E (2009) A survey of modern authorship attribution methods. J Am Soc Inform Sci Technol 60(3):538–556

    Article  Google Scholar 

  16. Olsson J (2008). Forensic linguistics, 2nd edn. London: Continuum. ISBN: 978-0826461094

    Google Scholar 

  17. Juola P, Noecker JI, Stolerman A, R MV, Brennan P, Greenstadt Rachel (2013) Keyboard-behavior-based authentication. IT Prof 15(4):8–11

    Article  Google Scholar 

  18. Fathy ME, Patel VM, Yeh T, Zhang Y, Chellappa R, Davis LS (2014) Screen-based active user authentication. Pattern Recogn Lett 42:122–127

    Article  Google Scholar 

  19. Patel VM, Yeh T, Fathy ME, Zhang Y, Chen Y, Chellappa R, Davis L (2013) Screen fingerprints: a novel modality for active authentication. IT Prof 15(4):38–42

    Article  Google Scholar 

  20. Rashid A, Baron A, Rayson P, May-Chahal C, Greenwood P, Walkerdine J (2013) Who am I? Analyzing digital personas in cybercrime investigations. Computer 4:54–61

    Article  Google Scholar 

  21. Sitova Z, Sedenka J, Yang Q, Peng G, Zhou G, Gasti P, Balagani K (2015) HMOG: a new biometric modality for continuous authentication of smartphone users. arXiv: 1501.01199

    Google Scholar 

  22. Deutschmann I, Nordstrom P, Nilsson L (2013) Continuous authentication using behavioral biometrics. IT Prof 15(4):12–15

    Article  Google Scholar 

  23. Snapshots: DHS S&T, DARPA co-leading development of higher-level mobile device authentication methods. https://www.dhs.gov/science-and-technology/news/2016/07/20/snapshots-dhs-st-darpa-co-leading-development-higher-level. Accessed on 20 July 2016

  24. Fridman L, Weber S, Greenstadt R, Kam M (2015) Active authentication on mobile devices via stylometry. Appl Usage, Web Browsing, GPS Location. arXiv:1503.08479

  25. Li F, Clarke N, Papadaki M, Dowland P (2014) Active authentication for mobile devices utilising behaviour profiling. Int J Inform Secur 13(3):229–244

    Google Scholar 

  26. Chair Z, Varshney PK (1986) Optimal data fusion in multiple sensor detection systems. IEEE Trans Aerosp Electron Syst 1(1986):98–101

    Google Scholar 

  27. Saevanee H, Clarke N, Furnell S, Biscione V (2014) Text-based active authentication for mobile devices. In: ICT systems security and privacy protection. Springer, Berlin, pp 99–112

    Google Scholar 

  28. Wu J, Ishwar P, Konrad J (2016) Two-stream CNNs for authentication and identification: learning user gesture style. In: IEEE conference on computer vision and pattern recognition (CVPR) biometrics workshop

    Google Scholar 

  29. Shotton J, Sharp T, Kipman A, Fitzgibbon A, Finocchio M, Blake A, Cook M, Moore R (2013) Real-time human pose recognition in parts from single depth images. Commun ACM 56(1):116–124

    Google Scholar 

  30. Myers CS, Rabiner LR (1981) A comparative study of several dynamic time-warping algorithms for connected-word recognition. Bell Syst Tech J 60(7):1389–1409

    Google Scholar 

  31. Primo A, Phoha VV, Kumar R, Serwadda A (2014) Context-aware active authentication using smartphone accelerometer measurements. In: IEEE conference on computer vision and pattern recognition workshops (CVPRW), IEEE, pp 98–105

    Google Scholar 

  32. Fridman A, Stolerman A, Acharya S, Brennan P, Juola P, Greenstadt R, Kam M (2013) Decision fusion for multimodal active authentication. IT Prof 4:29–33

    Google Scholar 

  33. Lee WH, Lee RB (2015) Multi-sensor authentication to improve smartphone security. In: Conference on information systems security and privacy, pp 1–11

    Google Scholar 

  34. Bamasag OO, Youcef-Toumi K (2015) Towards continuous authentication in internet of things based on secret sharing scheme. In: Proceedings of the WESS’15: workshop on embedded systems security. ACM, p 1

    Google Scholar 

  35. Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613

    Google Scholar 

  36. Diez FP, Touceda DS, Cámara JMS, Zeadally S (2015) Toward self-authenticable wearable devices. IEEE Wireless Commun 37

    Google Scholar 

  37. www.nist.gov

  38. http://www.ffiec.gov/pdf/authentication_guidance.pdf

  39. DARPA’s Active Authentication (2014) Date accessed 15 Nov 2015. http://www.smartcardalliance.org/wp-content/uploads/karime.pdf

  40. The Identity Ecosystem Steering Group (IDESG) developed identity ecosystem framework (IDEF). www.IDESG.org

  41. http://www.proctoru.com/safety.php

  42. http://vproctor.com/

  43. Guidorizzi R (2012) Active authentication moving beyond passwords. Second round table: from biometric to augmented human recognition, 10 May 2012

    Google Scholar 

  44. DARPA’s Active Authentication: moving beyond passwords. http://www.connectidexpo.com/creo_files/expo2014-slides/connectID%20slides.pdf. Accessed on 17 Mar 2014

  45. https://www.pinterest.com/explore/sentence-structure/

  46. Bank C (2014) Gestures and animations: the pillars of mobile design. 1351. https://uxmag.com/articles/gestures-animations-the-pillars-of-mobile-design. Accessed on 1 Dec 2014

  47. Grant TD (2007) Quantifying evidence for forensic authorship analysis. Int J Speech Lang Law 14(1):1–25

    Google Scholar 

  48. Chen MC, Anderson JR, Sohn MH (2001) What can a mouse cursor tell us more? Correlation of eye/mouse movements on web browsing. In: CHI’01 extended abstracts on human factors in computing systems. ACM, pp 281–282

    Google Scholar 

  49. The National Strategy for Trusted Identities in Cyberspace (NSTIC or Strategy), 15 April 2011. https://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf

  50. Kayacik HG, Just M, Baillie L, Aspinall D, Micallef N (2014) Data driven authentication: on the effectiveness of user behaviour modelling with mobile device sensors. arXiv:1410.7743

  51. Zhu J, Wu P, Wang X, Zhang J (2013) Sensec: mobile security through passive sensing. In: International conference on computing, networking and communications (ICNC). IEEE, pp 1128–1133

    Google Scholar 

  52. Buthpitiya S, Zhang Y, Dey AK, Griss M (2011) N-gram geo-trace modeling. In: International conference on pervasive computing. Springer, Berlin, pp 97–114

    Google Scholar 

  53. Trojahn M, Ortmeier F (2013) Toward mobile authentication with keystroke dynamics on mobile phones and tablets. In: 27th international conference on advanced information networking and applications workshops (WAINA). IEEE, pp 697–702

    Google Scholar 

  54. Li L, Zhao X, Xue G (2013) Unobservable re-authentication for smartphones. In: NDSS

    Google Scholar 

  55. Nickel C, Wirtl T, Busch C (2012) Authentication of smartphone users based on the way they walk using k-NN algorithm. In: Eighth international conference on intelligent information hiding and multimedia signal processing (IIH-MSP). IEEE, pp 16–20

    Google Scholar 

  56. Guidorizzi RP (2014) DARPA’s active authentication: moving beyond passwords

    Google Scholar 

  57. Serwadda A, Balagani K, Wang Z, Koch P, Govindarajan S, Pokala R, Goodkind A, Brizan DG, Rosenberg A, Phoha VV (2013) Scan-based evaluation of continuous keystroke authentication systems. IT Prof 4:20–23

    Google Scholar 

  58. Chang JM, Fang CC, Ho KH, Kelly N, Wu PY, Ding Y, Chu C, Gilbert S, Kamal AE, Kung SY (2013) Capturing cognitive fingerprints from keystroke dynamics. IT Prof 15(4):24–28

    Google Scholar 

  59. Zhong Y, Deng Y, Jain AK (2012) Keystroke dynamics for user authentication. In: IEEE computer society conference on computer vision and pattern recognition workshops (CVPRW), IEEE, pp 117–123

    Google Scholar 

  60. Locklear H, Sitova Z, Govindarajan S, Goodkind A, Brizan DG, Gasti P, Rosenberg A, Phoha V, Balagani KS (2014) Continuous authentication with cognition-centric text production and revision features. In: International joint conference on biometrics (IJCB), Clearwater, Florida

    Google Scholar 

  61. Primo A, Phoha VV, Kumar R, Serwadda A (2014) Context-aware active authentication using smartphone accelerometer measurements. In: The IEEE conference on computer vision and pattern recognition (CVPR) workshops

    Google Scholar 

  62. Klieme E, Engelbrecht KP, Möller S (2014) Poster: towards continuous authentication based on mobile messaging app usage

    Google Scholar 

  63. Feng T, Liu Z, Kwon KA, Shi W, Carbunar B, Jiang Y, Nguyen N (2012) Continuous mobile authentication using touchscreen gestures. In: IEEE conference on technologies forhomeland security (HST). IEEE, pp 451–456

    Google Scholar 

  64. Serwadda A, Wang Z, Koch P, Govindarajan S, Pokala R, Goodkind A, Brizan DG, Rosenberg A, Phoha VV, Balagani K (2013) Scan-based evaluation of continuous keystroke authentication systems. IT Prof 4(15):20–23

    Google Scholar 

  65. Deutschmann I, Lindholm J (2013) Behavioral biometrics for DARPA’s active authentication program. In: Biometrics Special Interest Group (BIOSIG). IEEE, pp 1–8

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, The University of Memphis, Memphis, TN, USA

    Dipankar Dasgupta, Arunava Roy & Abhijit Nag

Authors
  1. Dipankar Dasgupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Arunava Roy
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Abhijit Nag
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dipankar Dasgupta .

Review Questions

Review Questions

  • Question 1:

What is continuous authentication? Discuss four characteristics for good continuous authentication system.

  • Question 2:

What are the features to be considered for Keystroke dynamics? Explain them.

  • Question 3:

How web browsing behavior distinguishes the users in continuous authentication systems?

  • Question 4:

Describe the key features of cognitive fingerprint and how is it used in continuous authentication?

  • Question 5:

What type of temporal information is used in continuous authentication? Briefly discuss.

  • Question 6:

What is meant by HMOG? Describe this feature for continuous authentication for mobile devices.

  • Question 7:

What is the difference between multi-modal and uni-modal continuous authentication?

  • Question 8:

Describe a multi-modal continuous authentication where keystroke and mouse are one of the modalities for authentication.

  • Question 9:

Describe the text-based biometrics as multi-modal behavioral biometrics.

  • Question 10:

What features of application usage and screen fingerprints are used for continuous authentication?

Multiple-choice Questions

  • Question 1

Which of the following(s) is not considered as cognitive fingerprint for active authentication?

A. User search

B. Stylometry

C. Covert games

D. How people talks

  • Question 2

What is the most common behavioral biometric used for both static and continuous authentication?

A. Keystroke and Mouse

B. Fingerprint

C. Face recognition in mobile device

D. Voice recognition

  • Question 3

Which of the following characteristic is required for a good continuous authentication system?

A. Physiological attributes

B. Application-oriented

C. Hardware-oriented

D. Non-intrusiveness

  • Question 4

Which characteristic is NOT required for a good continuous authentication system?

A. Non-intrusiveness

B. Application-independent

C. hardware-dependent

D. fast

  • Question 5

Which metric is better for continuous authentication using keystroke dynamics?

A. EER

B. number of keystrokes before detecting imposter

C. FAR

D. FNMR

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this chapter

Cite this chapter

Dasgupta, D., Roy, A., Nag, A. (2017). Continuous Authentication. In: Advances in User Authentication. Infosys Science Foundation Series(). Springer, Cham. https://doi.org/10.1007/978-3-319-58808-7_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-58808-7_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-58806-3

  • Online ISBN: 978-3-319-58808-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation