Implicit Authentication through Learning User Behavior

  • Elaine Shi
  • Yuan Niu
  • Markus Jakobsson
  • Richard Chow
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6531)

Abstract

Users are increasingly dependent on mobile devices. However, current authentication methods like password entry are significantly more frustrating and difficult to perform on these devices, leading users to create and reuse shorter passwords and pins, or no authentication at all. We present implicit authentication - authenticating users based on behavior patterns. We describe our model for performing implicit authentication and assess our techniques using more than two weeks of collected data from over 50 subjects.

Keywords

security usability implicit authentication behavior modelling 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    em, A Python Package for Learning Gaussian Mixture Models with Expectation Maximization, http://www.ar.media.kyoto-u.ac.jp/members/david/softwares/em/
  2. 2.
    Bigun, J., Fierrez-Aguilar, J., Ortega-Garcia, J., Gonzalez-Rodriguez, J.: Combining biometric evidence for person authentication. In: Tistarelli, M., Bigun, J., Grosso, E. (eds.) Advanced Studies in Biometrics. LNCS, vol. 3161, pp. 1–18. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Brunelli, R., Falavigna, D.: Person identification using multiple cues. IEEE Transactions on Pattern Analysis and Machine Intelligence (1995)Google Scholar
  4. 4.
    Chang, K., Hightower, J., Kveton, B.: Inferring identity using accelerometers in television remote controls. In: Tokuda, H., Beigl, M., Friday, A., Brush, A.J.B., Tobe, Y. (eds.) Pervasive 2009. LNCS, vol. 5538, pp. 151–167. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  5. 5.
    Damiani, M.L., Silvestri, C.: Towards movement-aware access control. In: SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS (2008)Google Scholar
  6. 6.
    Dwork, C.: Differential privacy: A survey of results. In: Agrawal, M., Du, D.-Z., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol. 4978, pp. 1–19. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  7. 7.
    Falaki, H., Mahajan, R., Kandula, S., Lymberopoulos, D., Govindan, R., Estrin, D.: Diversity in smartphone usage. In: MobiSys (2010)Google Scholar
  8. 8.
    Furnell, S., Clarke, N., Karatzouni, S.: Beyond the pin: Enhancing user authentication for mobile devices. Computer Fraud and Security (2008)Google Scholar
  9. 9.
    Gafurov, D., Helkala, K., Søndrol, T.: Biometric gait authentication using accelerometer sensor. JCP 1(7), 51–59 (2006)CrossRefGoogle Scholar
  10. 10.
    Greenstadt, R., Beal, J.: Cognitive security for personal devices. In: AISec (2008)Google Scholar
  11. 11.
    Jakobsson, M., Juels, A.: Server-side detection of malware infection. In: NSPW (2009)Google Scholar
  12. 12.
    Kale, A., Cuntoor, N., Krüger, V.: Gait-Based Recognition of Humans Using Continuous HMMs. In: Proceedings of the Fifth IEEE International Conference on Automatic Face and Gesture Recognition, FGR 2002 (2002)Google Scholar
  13. 13.
    Leggett, G., Williams, J., Usnick, M.: Dynamic identity verification via keystroke characteristics. International Journal of Man-Machine Studies (1998)Google Scholar
  14. 14.
    Monrose, F., Rubin, A.: Authentication via keystroke dynamics. In: 4th ACM Conference on Computer and Communications Security, pp. 48–56 (1997)Google Scholar
  15. 15.
    Moore, A.: Lecture Notes: Gaussian Mixture Models, http://www.cs.cmu.edu/afs/cs/Web/People/awm/tutorials/gmm.html
  16. 16.
    Nisenson, M., Yariv, I., El-Yaniv, R., Meir, R.: Towards behaviometric security systems: Learning to identify a typist. In: Lavrač, N., Gamberger, D., Todorovski, L., Blockeel, H. (eds.) PKDD 2003. LNCS (LNAI), vol. 2838, pp. 363–374. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Rainie, L., Anderson, J.: The Future of the Internet III, http://www.pewinternet.org/Reports/2008/The-Future-of-the-Internet-III.aspx
  18. 18.
    Sastry, N., Shankar, U., Wagner, D.: Secure verification of location claims. In: Proceedings of the 2nd ACM Workshop on Wireless Security, WiSe 2003 (2003)Google Scholar
  19. 19.
    Schroeder, S.: Smartphones Are Selling Like Crazy, http://mashable.com/2010/02/05/smartphones-sales/
  20. 20.
    Shi, E., Niu, Y., Jakobsson, M., Chow, R.: Implicit Authentication through Learning User Behavior. Full online version, http://midgard.cs.ucdavis.edu/~niu/papers/isc2010full.pdf
  21. 21.
    Whitney, L.: Smartphones to dominate PCs in Gartner forecast, http://news.cnet.com/8301-1001_3-10434760-92.html

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Elaine Shi
    • 1
  • Yuan Niu
    • 2
  • Markus Jakobsson
    • 3
  • Richard Chow
    • 1
  1. 1.Palo Alto Research CenterUSA
  2. 2.University of CaliforniaDavisUSA
  3. 3.FatSkunkUSA

Personalised recommendations