SenSec: Mobile security through passive sensing

We introduce a new mobile system framework, SenSec, which uses passive sensory data to ensure the security of applications and data on mobile devices. SenSec constantly collects sensory data from accelerometers, gyroscopes and magnetometers and constructs the gesture model of how a user uses the device. SenSec calculates the sureness that the mobile device is being used by its owner. Based on the sureness score, mobile devices can dynamically request the user to provide active authentication (such as a strong password), or disable certain features of the mobile devices to protect user's privacy and information security. In this paper, we model such gesture patterns through a continuous n-gram language model using a set of features constructed from these sensors. We built mobile application prototype based on this model and use it to perform both user classification and user authentication experiments. User studies show that SenSec can achieve 75% accuracy in identifying the users and 71.3% accuracy in detecting the non-owners with only 13.1% false alarms.

[1]  Claude E. Shannon,et al.  A Mathematical Theory of Communications , 1948 .

[2]  Matthias Baldauf,et al.  A survey on context-aware systems , 2007, Int. J. Ad Hoc Ubiquitous Comput..

[3]  C. E. SHANNON,et al.  A mathematical theory of communication , 1948, MOCO.

[4]  T. Gilovich,et al.  The Perceiver as Perceived: Everyday Intuitions About the Correspondence Bias , 1999 .

[5]  Xian Ke,et al.  Typing patterns: a key to user identification , 2004, IEEE Security & Privacy Magazine.

[6]  Jun Yang,et al.  SenGuard: Passive user identification on smartphones using multiple sensors , 2011, 2011 IEEE 7th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[7]  W. Frawley Mind as Action , 1998, Trends in Cognitive Sciences.

[8]  Jun Han,et al.  ACComplice: Location inference using accelerometers on smartphones , 2012, 2012 Fourth International Conference on Communication Systems and Networks (COMSNETS 2012).

[9]  Sahin Albayrak,et al.  Monitoring Smartphones for Anomaly Detection , 2008, Mob. Networks Appl..

[10]  Kirsi Helkala,et al.  Biometric Gait Authentication Using Accelerometer Sensor , 2006, J. Comput..

[11]  Katayoun Farrahi,et al.  Extracting Mobile Behavioral Patterns with the Distant N-Gram Topic Model , 2012, 2012 16th International Symposium on Wearable Computers.

[12]  Gregory D. Abowd,et al.  The smart floor: a mechanism for natural user identification and tracking , 2000, CHI Extended Abstracts.

[13]  Ying Zhang,et al.  Towards Accountable Mobility Model: A Language Approach on User Behavior Modeling in Office WLAN , 2011, 2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN).

[14]  Wei-Ying Ma,et al.  Understanding mobility based on GPS data , 2008, UbiComp.

[15]  Ying Zhang,et al.  n-Gram Geo-trace Modeling , 2011, Pervasive.

[16]  Branislav Kveton,et al.  Inferring Identity Using Accelerometers in Television Remote Controls , 2009, Pervasive.

[17]  Markus Jakobsson,et al.  Implicit Authentication through Learning User Behavior , 2010, ISC.

[18]  Peng-Wen Chen,et al.  A Language Approach to Modeling Human Behaviors , 2010, LREC.

[19]  Markus Jakobsson,et al.  Implicit authentication for mobile devices , 2009 .

[20]  Zhigang Liu,et al.  The Jigsaw continuous sensing engine for mobile phone applications , 2010, SenSys '10.

[21]  Laurent Gomez,et al.  Context-aware security and secure context-awareness in ubiquitous computing environments , 2006, Ann. UMCS Informatica.