Text-Based Active Authentication for Mobile Devices

  • Hataichanok Saevanee
  • Nathan Clarke
  • Steven Furnell
  • Valerio Biscione
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 428)


As modern mobile devices are increasing in their capability and accessibility, they introduce additional demands in terms of security - particularly authentication. With the widely documented poor use of PINs, Active Authentication is designed to overcome the fundamental issue of usable and secure authentication through utilizing biometric-based techniques to continuously verify user identity. This paper proposes a novel text-based multimodal biometric approach utilizing linguistic analysis, keystroke dynamics and behavioral profiling. Experimental investigations show that users can be discriminated via their text-based entry, with an average Equal Error Rate (EER) of 3.3%. Based on these findings, a framework that is able to provide robust, continuous and transparent authentication is proposed. The framework is evaluated to examine the effectiveness of providing security and user convenience. The result showed that the framework is able to provide a 91% reduction in the number of intrusive authentication requests required for high security applications.


Active authentication Transparent authentication Continuous authentication Multimodal Biometric Mobile devices 


  1. 1.
    Ericsson.: Traffic and market report on the pulse of the networked society,
  2. 2.
    Kaspersky Lab.: European Users Mobile Behaviour and Awareness of MobileThreats,
  3. 3.
    Dimensional Research.: The impact of mobile devices on information security: A survey of IT professionals,
  4. 4.
    McAfee.: McAfee Reveals Consumers Fail To Protect Their Mobile Devices,
  5. 5.
    Clarke, N., Furnell, S.M.: Authentication of users on mobile telephones – A survey of attitudes and practices. Computer & Security 24(7), 519–527 (2005)CrossRefGoogle Scholar
  6. 6.
    Karatzouni, S., Clarke, N., Furnell, M.: Utilising Biometric for transparent user authentication on mobile devices. In: 2nd Internet Technologies and Applications, pp. 549–557 (2007)Google Scholar
  7. 7.
    Li, F., Clarke, N., Papadaki, M., Dowland, P.: Behaviour Profiling for Transparent Authentication for Mobile Devices. In: Proceedings of the 10th European Conference on Information Warfare (ECIW), Tallinn, Estonia, pp. 307–314 (2011)Google Scholar
  8. 8.
    Sim, T., Zhang, S., Janakiraman, R., Kumar, S.: Continuous verification using multimodal biometrics. Pattern Analysis and Machine Intelligence 29(4), 687–700 (2007)CrossRefGoogle Scholar
  9. 9.
    Kittler, J., Matas, J., Jonsson, K., Ramos Sanchez, M.U.: Combining Evidence in Personal Identity Verification Systems. Pattern Recognition Letters 18, 845–852 (1997)CrossRefGoogle Scholar
  10. 10.
    Poh, N., Korczak, J.: Hybrid Biometric Person Authentication Using Face and Voice Features. In: Bigun, J., Smeraldi, F. (eds.) AVBPA 2001. LNCS, vol. 2091, pp. 348–353. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Snelick, R., Uludag, U., Mink, A., Indovina, M., Jain, A.K.: Large-Scale Evaluation of Multimodal Biometric Authentication Using State-of-the-Art Systems. IEEE Transactions on Pattern Analysis and Machine Intelligence 27(4), 450–455 (2005)CrossRefGoogle Scholar
  12. 12.
  13. 13.
  14. 14.
  15. 15.
    Rudman, J.: The state of authorship attribution studies: Some problems and solutions. Computers and the Humanities 31, 351–365 (1998)CrossRefGoogle Scholar
  16. 16.
    Halteren, V.H.: Linguistic Profiling for Author Recognition and Verification, In: 42nd Annual Meeting on Association for Computational Linguistics (ACL 2004). Association for Computational Linguistics, Morristown (2004)Google Scholar
  17. 17.
    Zheng, R., Li, J., Chen, H., Huang, Z.: A Framework for Authorship Identification of Online Messages: Writing-Style Features and Classification Techniques. Journal of the American Society for Information Science and Technology 53, 378–393 (2006)CrossRefGoogle Scholar
  18. 18.
    Boukerche, A., Nitare, M.S.M.A.: Behavior-based intrusion detection in mobile phone systems. J. Parallel Distrib. Comput. 62(9), 1476–1490 (2002)CrossRefzbMATHGoogle Scholar
  19. 19.
    Damopoulos, D., Menesidou, S., Kambourakis, Papadaki, M., Clarke, N., Gritzalis, S.: Evaluation of Anomaly-Based IDS for Mobile Devices Using Machine Learning Classifiers. Security and Communication Networks 5(1), 3–14 (2012)CrossRefGoogle Scholar
  20. 20.
    Buschkes, R., Kesdogan, D., Reichl, P.: How to increase security in mobile networks by anomaly detection. In: Proceedings of the 14th Annual Computer Security Applications Conference, pp. 3–12 (1998)Google Scholar
  21. 21.
    Hall, J., Barbeau, M., Kranakis, E.: Anomaly based intrusion detection using mobility profiles of public transportation users. In: Proceeding of IEEE International Conference on Wireless and Mobile Computing, Networking and Communications, vol. 2, pp. 17–24 (2005)Google Scholar
  22. 22.
    Biopassword.: the keystroke dynamics approach,
  23. 23.
  24. 24.
    Clarke, N., Furnell, S.M.: Authenticating Mobile Phone Users Using Keystroke Analysis. International Journal of Information Security, 1–14 (2006) ISSN: 1615-5262Google Scholar
  25. 25.
    Indovina, M., Uludag, U., Snelick, R., Mink, A., Jain, A.: Multimodal biometric authentication methods: a COTS approach. In: Proc. MMUA, pp. 99–106 (2003)Google Scholar
  26. 26.
    Eagle, N., Pentland, A., Lazer, D.: Inferring Social Network Structure using Mobile Phone Data. Proceeding of National Academy of Sciences (PNAS) 106, 15274–1578 (2009)Google Scholar
  27. 27.
    Ashbourne, J.: Biometric, Advanced identity verification. The complete guide. Springer (2000)Google Scholar
  28. 28.
    Jain, A.K., Nandakumar, K., Ross, A.: Score normalization in multimodal biometric systems. Pattern Recognition 38(12), 2270–2285 (2005)CrossRefGoogle Scholar
  29. 29.
    Clarke, N., Furnell, S.M. and Reynolds P.L.: Biometric Authenticating for Mobile Devices. In: 3rd Australian Information Warfare and Security Conference, Western Australia, (2002) Google Scholar
  30. 30.
    Lederm, T., Clarke, N.L.: Risk assessment for mobile devices. In: Furnell, S., Lambrinoudakis, C., Pernul, G. (eds.) TrustBus 2011. LNCS, vol. 6863, pp. 210–221. Springer, Heidelberg (2011)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2014

Authors and Affiliations

  • Hataichanok Saevanee
  • Nathan Clarke
    • 2
  • Steven Furnell
    • 2
  • Valerio Biscione
    • 1
  1. 1.Centre for Robotics and Neural SystemsPlymouth UniversityPlymouthUK
  2. 2.Security Research InstituteEdith Cowan UniversityPerthAustralia

Personalised recommendations