User Authentication for Smart Home Networks Based on Mobile Apps Usage

End-user devices, such as mobile phones and tablets, have become essential tools for accessing smart homes. Consequently, user authentication, one of the most important security factors, needs to be considered to prevent unauthorized access to home devices. Although mobile phones are equipped with different means of authentication such as fingerprint readers, these methods are only employed at the time of access; hence, countermeasures should be developed to overcome potential threats. This paper presents a continuous user authentication model based on apps access usage on mobile devices. To validate the presented model, two public real-world datasets collected from real users over a long period, are used. The model is evaluated for its ability to differentiate between users utilizing shared apps at the same daily intervals. Moreover, various classification approaches regarding legitimate user classification in compliance with the history of apps usage are evaluated. The results demonstrate the capacity of the presented method to authenticate users with high true positive and true negative rates.

[1]  Qusay H. Mahmoud,et al.  Design and Implementation of a Contextual-Based Continuous Authentication Framework for Smart Homes , 2019, Applied System Innovation.

[2]  Lei Yang,et al.  Accurate online power estimation and automatic battery behavior based power model generation for smartphones , 2010, 2010 IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS).

[3]  Maria Papadaki,et al.  Evaluation of anomaly-based IDS for mobile devices using machine learning classifiers , 2012, Secur. Commun. Networks.

[4]  Eyal de Lara,et al.  Ensemble: cooperative proximity-based authentication , 2010, MobiSys '10.

[5]  Maria Papadaki,et al.  Active authentication for mobile devices utilising behaviour profiling , 2014, International Journal of Information Security.

[6]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[7]  Florian Alt,et al.  Improving Accuracy, Applicability and Usability of Keystroke Biometrics on Mobile Touchscreen Devices , 2015, CHI.

[8]  Mehmet Fatih Amasyali,et al.  Classifier Ensembles with the Extended Space Forest , 2014, IEEE Transactions on Knowledge and Data Engineering.

[9]  Chelsea Dobbins,et al.  Lesson Learned from Collecting Quantified Self Information via Mobile and Wearable Devices , 2015, J. Sens. Actuator Networks.

[10]  Bruno Crispo,et al.  Hold and Sign: A Novel Behavioral Biometrics for Smartphone User Authentication , 2016, 2016 IEEE Security and Privacy Workshops (SPW).

[11]  Rama Chellappa,et al.  Continuous Authentication of Smartphones Based on Application Usage , 2018, IEEE Transactions on Biometrics, Behavior, and Identity Science.

[12]  Angelos Stavrou,et al.  Continuous Authentication on Mobile Devices Using Power Consumption, Touch Gestures and Physical Movement of Users , 2015, RAID.

[13]  Gokhan Memik,et al.  Into the wild: Studying real user activity patterns to guide power optimizations for mobile architectures , 2009, 2009 42nd Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[14]  Sattar Hashemi,et al.  To Combat Multi-Class Imbalanced Problems by Means of Over-Sampling Techniques , 2016, IEEE Transactions on Knowledge and Data Engineering.

[15]  Qusay H. Mahmoud,et al.  A Behavior Profiling Model for User Authentication in IoT Networks based on App Usage Patterns , 2018, IECON 2018 - 44th Annual Conference of the IEEE Industrial Electronics Society.

[16]  Qusay H. Mahmoud,et al.  A User Authentication Model for IoT Networks Based on App Traffic Patterns , 2018, 2018 IEEE 9th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON).

[17]  Markus Jakobsson,et al.  Implicit Authentication through Learning User Behavior , 2010, ISC.

[18]  Nathan Clarke,et al.  Behaviour profiling for transparent authentication for mobile devices , 2011, ECIW 2011 2011.