Implicit and Continuous Authentication of Smart Home Users

  • Noureddine AmraouiEmail author
  • Amine Besrour
  • Riadh Ksantini
  • Belhassen Zouari
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 926)


This paper presents a security framework that continuously authenticates smart homes users in order to make sure that only authorized ones are allowed to control their Internet of Things (IoT) devices while, at the same time, preventing them in case of performing abnormal and dangerous control actions. To do so, control commands under normal operation of both users and devices, are first implicitly traced to build a One Class Support Vector Machine (OCSVM) model as a baseline from which deviations (i.e., anomalous commands) should be detected and rejected, while normal observations (i.e., normal commands) should be considered as legitimate and allowed to be executed. Experiments conducted on our artificial datasets show the efficiency of such user behavior-based approach achieving at least 95.29% and 4.12% of True Positive (TP) and False Positive (FP) rates, respectively.


  1. 1.
  2. 2.
    Garcia-Font, V., Garrigues, C., Rifà-Pous, H.: A comparative study of anomaly detection techniques for smart city wireless sensor networks. Sens. J. 16, 868 (2016)CrossRefGoogle Scholar
  3. 3.
    Haim, B., Menahem, E., Wolfsthal, Y., Meenan, C.: Visualizing insider threats: an effective interface for security analytics. In: 22nd ACM International Conference on Intelligent User Interfaces Companion, pp. 39–42 (2017)Google Scholar
  4. 4.
    Liao, Q., Li, H., Kang, S., Liu, C.: Application layer DDoS attack detection using cluster with label based on sparse vector decomposition and rhythm matching. Secur. Commun. Netw. J 8, 3111–3120 (2015)CrossRefGoogle Scholar
  5. 5.
    Mathew, S., Petropoulos, M., Ngo, H.Q., Upadhyaya, S.: A data-centric approach to insider attack detection in database systems. In: 13th International Workshop on Recent Advances in Intrusion Detection, pp. 382–401, Berlin (2010)Google Scholar
  6. 6.
    Mazzawi, H., Dalal, G., Rozenblat, D., et al.: Anomaly detection in large databases using behavioral patterning. In: 33rd International Conference on Data Engineering, San Diego, pp. 1140–1149 (2017)Google Scholar
  7. 7.
    Najafabadi, M.M., Khoshgoftaar, T.M., Calvert, C., Kemp, C.: User behavior anomaly detection for application layer DDoS attacks. In: 18th International Conference on Information Reuse and Integration, San Diego, pp. 154–161 (2017)Google Scholar
  8. 8.
    Rath, A.T., Colin, J.N.: Strengthening access control in case of compromised accounts in smart home. In: 13th International Conference on Wireless and Mobile Computing, Networking and Communications, pp. 1–8, Rome (2017)Google Scholar
  9. 9.
    Ruan, X., Wu, Z., Wang, H., Jajodia, S.: Profiling online social behaviors for compromised account detection. Trans. Inf. Forensics Secur. J 11, 176–187 (2016)CrossRefGoogle Scholar
  10. 10.
    Scholkopf, B., Platt, J., Taylor, J.S., et al.: Estimating the support of a high-dimensional distribution. Neural Comput. J 13, 1443–1471 (2001)CrossRefGoogle Scholar
  11. 11.
    Viswanath, B., Bashir, M.A., Crovella, M., et al.: Towards detecting anomalous user behavior in online social networks. In: 23rd USENIX Security Symposium, San Diego, pp. 223–238 (2014)Google Scholar
  12. 12.
    Wang, C., Yang, B.: Composite Behavioral Modeling for Identity Theft Detection in Online Social Networks (2018). arXiv preprint arXiv:1801.06825

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Noureddine Amraoui
    • 1
    Email author
  • Amine Besrour
    • 1
  • Riadh Ksantini
    • 1
  • Belhassen Zouari
    • 1
  1. 1.Higher School of Communications of TunisArianaTunisia

Personalised recommendations