Advertisement

User Behaviour-Based Mobile Authentication System

  • Adnan Bin Amanat AliEmail author
  • Vasaki Ponnusamy
  • Anbuselvan Sangodiah
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 924)

Abstract

Android is one of the most popular operating systems being used in smartphones and is facing security issues. Many authentication techniques are being used, and most of them are based on username, password or PIN. These techniques are considered weak because of several drawbacks such as passwords and PIN can be guessed, forgotten or stolen. When the mobile phone is stolen, misplaced or in the possession of the third party, an unauthorized user can get access to the applications and features of the mobile phone. Furthermore, after a one-time login, no further credentials are required. Therefore, a better security authentication system is needed to overcome this problem. This study proposes an identity management framework that can secure mobile application’s data from an unauthorized user. The proposed framework consists of various features that are extracted from phone swiping behaviour. The framework is comprised of enrolment and authentication phases. In the enrolment phase, the system learns the user behaviour, and in the authentication phase, it is able to accept or reject the current user based on his behaviour.

Keywords

Continuous authentication Behavioural Touch screen Sensors Security 

Notes

Acknowledgements

This research is funded by Universiti Tunku Abdul Rahman (UTAR) under the UTAR Research Fund (UTARRF): 6200/V02.

Informed consent was obtained from all individual participants included in the study.

References

  1. 1.
    Killourhy, K.S., Maxion, R.A.: Comparing anomaly-detection algorithms for keystroke dynamics. In: Proceedings of International Conference on Dependable Systems and Networks, pp. 125–134 (2009)Google Scholar
  2. 2.
    Roh, J.H., Lee, S.H., Kim, S.: Keystroke dynamics for authentication in smartphone. In: 2016 International Conference on Information and Communication Technology Convergence, ICTC 2016, pp. 1155–1159 (2016)Google Scholar
  3. 3.
    Clarke, N., Karatzouni, S., Furnell, S.: Flexible and transparent user authentication for mobile devices. IFIP Adv. Inf. Commun. Technol. 297, 1–12 (2009)CrossRefGoogle Scholar
  4. 4.
    Clarke, N.L., Furnell, S.M.: Authenticating mobile phone users using keystroke analysis. Int. J. Inf. Secur. 6(1), 1–14 (2007)CrossRefGoogle Scholar
  5. 5.
    Nauman, M., Ali, T.: TOKEN: trustable keystroke-based authentication for web-based applications on smartphones. Commun. Comput. Inf. Sci. 76, 286–297 (2010)Google Scholar
  6. 6.
    Zahid, S., Shahzad, M., Khayam, S.A.: Keystroke-based user identification on smart phones. In: International Workshop on Recent Advances in Intrusion Detection, pp. 224–243 (2009)Google Scholar
  7. 7.
    Zheng, N., Bai, K., Huang, H., Wang, H.: You are how you touch: user verification on smartphones via tapping behaviors. In: Proceedings—International Conference on Network Protocols, ICNP 2014, pp. 221–232 (2014)Google Scholar
  8. 8.
    Biddle, R., Chiasson, S., Van Oorschot, P.C.: Graphical passwords: learning from the first twelve years. Security V, 1–43 (2009)CrossRefzbMATHGoogle Scholar
  9. 9.
    Takahashi, H., Ogura, K., Bista, B.B., Takata, T.: A user authentication scheme using keystrokes for smartphones while moving. In: International Symposium on Information Theory and Its Applications, no. C, pp. 310–314 (2016)Google Scholar
  10. 10.
    Chang, T.Y., Tsai, C.J., Lin, J.H.: A graphical-based password keystroke dynamic authentication system for touch screen handheld mobile devices. J. Syst. Softw. 85(5), 1157–1165 (2012)CrossRefGoogle Scholar
  11. 11.
    Jermyn, I., Mayer, A., Monrose, F., Reiter, M.K., Rubin, A.D.: The design and analysis of graphical passwords. In: Proceedings of 8th USENIX Security Symposium, vol. 8, p. 1 (1999)Google Scholar
  12. 12.
    Bergadano, F., Gunetti, D., Picardi, C.: User authentication through keystroke dynamics. ACM Trans. Inf. Syst. Secur. 5(4), 367–397 (2002)CrossRefGoogle Scholar
  13. 13.
    De Luca, A., Hang, A., Brudy, F., Lindner, C., Hussmann, H.: Touch me once and i know it’s you! In: Proceedings of 2012 ACM Annual Conference on Human Factors in Computing Systems, CHI ’12, p. 987 (2012)Google Scholar
  14. 14.
    Sae-Bae, N., Ahmed, K., Isbister, K., Memon, N.: Biometric-rich gestures: a novel approach to authentication on multi-touch devices. In: SIGCHI Conference on Human Factors in Computing Systems, p. 977 (2012)Google Scholar
  15. 15.
    Riva, O., Qin, C., Strauss, K.: Progressive authentication: deciding when to authenticate on mobile phones. In: Proceedings of the 21 st USENIX Conference on Security Symposium, pp. 1–16 (2011)Google Scholar
  16. 16.
    Teh, P.S., Teoh, A.B.J., Yue, S.: A survey of keystroke dynamics biometrics. Sci. World J. 2013 (2013)Google Scholar
  17. 17.
    Babaeizadeh, M., Bakhtiari, M., Maarof, M.A.: Keystroke dynamic authentication in mobile cloud computing. Int. J. Comput. Appl. 90(1), 975–8887 (2014)Google Scholar
  18. 18.
    Jeong, H., Choi, E.: User authentication using profiling in mobile cloud computing. AASRI Procedia 2, 262–267 (2012)CrossRefGoogle Scholar
  19. 19.
    Putri, A.N., Asnar, Y.D.W., Akbar, S.: A continuous fusion authentication for Android based on keystroke dynamics and touch gesture. In: Proceedings of 2016 International Conference on Data and Software Engineering, ICoDSE 2016 (2017)Google Scholar
  20. 20.
    Abdulhakim Alariki, A., Abdul Manaf, A., Mojtaba Mousavi, S.: Features extraction scheme for behavioral biometric authentication in touchscreen mobile devices. Int. J. Appl. Eng. Res. 11(18), 973–4562 (2016)Google Scholar
  21. 21.
    Teh, P.S., Zhang, N., Teoh, A.B.J., Chen, K.: A survey on touch dynamics authentication in mobile devices. Comput. Secur. 59, 210–235 (2016)CrossRefGoogle Scholar
  22. 22.
    Saini, B.S., Kaur, N., Bhatia, K.S.: Keystroke dynamics for mobile phones: a survey. Indian J. Sci. Technol. 9(6), 1–8 (2016)CrossRefGoogle Scholar
  23. 23.
    Bhardwaj, I., Londhe, N.D., Kopparapu, S.K.: Study of imposter attacks on novel fingerprint dynamics based verification system. IEEE Access 5, 595–606CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  • Adnan Bin Amanat Ali
    • 1
    Email author
  • Vasaki Ponnusamy
    • 1
  • Anbuselvan Sangodiah
    • 1
  1. 1.Faculty of Information and Communication TechnologyUniversiti Tunku Abdul RahmanKamparMalaysia

Personalised recommendations