Skip to main content

An Evaluation of Behavioural Profiling on Mobile Devices

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNISA,volume 8533)


With more than 6.3 billion subscribers around the world, mobile de-vices play a significant role in people’s daily life. People rely upon them to carry out a wide variety of tasks, such as accessing emails, shopping online, micro-payments and e-banking. It is therefore essential to protect the sensitive information that is stored on the device against misuse. The majority of these mobile devices are still dependent upon passwords and Personal Identification Numbers (PIN) as a form of user authentication. However, the weakness of these point-of-entry techniques is well documented. Furthermore, current point-of-entry authentication will only serve to provide a one-off authentication decision with the time between an authentication and access control decision effectively becoming independent. Through transparent authentication, identity verification can be performed continuously; thereby more closely associating the authentication and access control decisions. The challenge is in providing an effective solution to the trade-off between effective security and usability.

With the purpose of providing enhanced security, this paper describes a behavioural profiling framework, which utilizes application or service usage to verify individuals in a continuous manner. In order to examine the effectiveness a series of simulations were conducted by utilising real users’ mobile applications usage. The dataset contains 76 users’ application activities over a four-week period, including 30,428 log entries for 103 unique applications (e.g. telephone, text message and web surfing). The simulations results show that the framework achieved a False Rejection Rate (FRR) of 12.91% and a False Acceptant Rate (FAR) of 4.17%. In contrast with point of entry approaches, the behavioural profiling technique provides a significant improvement in both device security and user convenience. An end-user trial was undertaken to assist in investigating the perceptions surrounding the concept of behavioural profiling technique – an approach that is conceptually associated with privacy concerns. The survey revealed that participants were strongly in favour (71%) of using the behavioural approach as a supplement of the point-of-entry technique to protect their devices. The results also provided an interesting insight into the perceived privacy issues with the approach, with 38% of the participants stating they do not care about their personal information being recorded.


  • behavioural profiling
  • authentication
  • non-intrusive
  • transparent


  1. Apple Inc., iPhone 5s: Using the touch ID kb/HT5883 (2014), (accessed: January 09, 2014)

  2. Checkpoint, The impact of mobile devices on information security (2013), (accessed: January 05, 2014)

  3. Clarke, N.: Transparent User Authentication. Springer, Berlin (2011)

    CrossRef  Google Scholar 

  4. Clarke, N.L., Furnell, S.M.: Authentication of users on mobile telephones—a survey of attitudes and practices. Computer Security 24(7), 519–527 (2005)

    CrossRef  Google Scholar 

  5. Clarke, N.L., Mekala, A.R.: The application of signature recognition to trans-parent handwriting verification for mobile devices. Information Management & Computer Security 15(3), 214–225 (2007)

    CrossRef  Google Scholar 

  6. Clarke, N.L., Furnell, S.M.: Authenticating Mobile Phone Users Using Keystroke Analysis. International Journal of Information Security, 1–14 (2006) ISSN:1615-5262

    Google Scholar 

  7. DARPA, Active Authentication, DARPA (2011), (accessed: January 17, 2014)

  8. Derawi, M.O., Nickel, C., Bours, P., Busch, C.: Unobtrusive User-Authentication on Mobile Phones Using Biometric Gait Recognition. In: Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing (2010)

    Google Scholar 

  9. Eagle, N., Pentland, A., Lazer, D.: Inferring social network structure using mobile phone data. Proceedings of the National Academy of Sciences (PNAS) 106, 15274–15278 (2009)

    CrossRef  Google Scholar 

  10. FaceLock (2014), (date accessed: January 08, 2014)

  11. Gartner, Gartner Says Mobile App Stores Will See Annual Downloads Reach 102 Billion in 2013 (2013), (accessed: October 10, 2014)

  12. Huth, A., Orlando, M., Pesante, L.: Password Security, Protection, and Management (2012), (accessed: January 09, 2014)

  13. IDC, Android Pushes Past 80% Market Share While Windows Phone Shipments Leap 156.0% Year Over Year in the Third Quarter (2013), (accessed: January 23, 2014)

  14. ITU, Global ICT developments (2014), (accessed: January 06, 2014)

  15. Kurkovsky, S., Syta, E.: Digital natives and mobile phones: A survey of practices and attitudes about privacy and security. In: Proceedings of the IEEE International Symposium on Technology and Society (ISTAS), pp. 441–449 (2010)

    Google Scholar 

  16. Lazou, A., Weir, G.: Perceived risk and sensitive data on mobile devices. Cyberforensics. University of Strathclyde, Glasgow, pp. 183–196 (2011) ISBN 9780947649784

    Google Scholar 

  17. Li, F., Clarke, N.L., Papadaki, M., Dowland, P.S.: Active authentication for mobile devices utilising behaviour profiling. International Journal of Information Security (2013), doi:10.1007/s10207-013-0209-6

    Google Scholar 

  18. Portioresearch, Fast growth of apps user base in booming Asia Pacific market (2013), (accessed January 10, 2014)

  19. Prabhakar, S., Pankanti, S., Jain, A.K.: Biometric recognition: security and privacy concerns. IEEE Security & Privacy 1(2), 33–42 (2003)

    CrossRef  Google Scholar 

  20. Weinstein, E., Ho, P., Heisele, B., Poggio, T., Steele, K., Agarwal, A.: Handheld face identification technology in a pervasive computing environment. In: Pervasive 2002, Zurich, Switzerland, pp. 48–54 (2002)

    Google Scholar 

  21. Woo, R., Park, A., Hazen, T.: The MIT Mobile Device Speaker Verification Corpus: Data collection and preliminary experiments. In: Proceeding of Odyssey, The Speaker & Language Recognition Workshop, San Juan, Puerto Rico (June 2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations


Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Li, F., Wheeler, R., Clarke, N. (2014). An Evaluation of Behavioural Profiling on Mobile Devices. In: Tryfonas, T., Askoxylakis, I. (eds) Human Aspects of Information Security, Privacy, and Trust. HAS 2014. Lecture Notes in Computer Science, vol 8533. Springer, Cham.

Download citation

  • DOI:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-07619-5

  • Online ISBN: 978-3-319-07620-1

  • eBook Packages: Computer ScienceComputer Science (R0)