MultiLock: Mobile Active Authentication based on Multiple Biometric and Behavioral Patterns

In this paper we evaluate how discriminative are behavior-based signals obtained from the smartphone sensors. The main aim is to evaluate these signals for person recognition. The recognition based on these signals increases the security of devices, but also implies privacy concerns. We consider seven different data channels and their combinations. Touch dynamics (touch gestures and keystroking), accelerometer, gyroscope, WiFi, GPS location and app usage are all collected during human-mobile interaction to authenticate the users. We evaluate two approaches: one-time authentication and active authentication. In one-time authentication, we employ the information of all channels available during one session. For active authentication we take advantage of mobile user behavior across multiple sessions by updating a confidence value of the authentication score. Our experiments are conducted on the semi-uncontrolled UMDAA-02 database. This database comprises of smartphone sensor signals acquired during natural human-mobile interaction. Our results show that different traits can be complementary and multimodal systems clearly increase the performance with accuracies ranging from 82.2% to 97.1% depending on the authentication scenario. These results confirm the discriminative power of these signals.

[1]  Julian Fierrez,et al.  Benchmarking Touchscreen Biometrics for Mobile Authentication , 2018, IEEE Transactions on Information Forensics and Security.

[2]  Julian Fiérrez,et al.  Multiple classifiers in biometrics. Part 2: Trends and challenges , 2018, Inf. Fusion.

[3]  Steven P. Weber,et al.  Active Authentication on Mobile Devices via Stylometry, Application Usage, Web Browsing, and GPS Location , 2017, IEEE Systems Journal.

[4]  Julian Fiérrez,et al.  Mobile signature verification: feature robustness and performance comparison , 2014, IET Biom..

[5]  Vir V. Phoha,et al.  Context-Aware Active Authentication using Touch Gestures, Typing Patterns and Body Movement , 2016 .

[6]  Sébastien Marcel,et al.  Keystroke Biometrics Ongoing Competition , 2016, IEEE Access.

[7]  Jun Ho Huh,et al.  SysPal: System-Guided Pattern Locks for Android , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[8]  Vishal M. Patel,et al.  Efficient and Low Latency Detection of Intruders in Mobile Active Authentication , 2018, IEEE Transactions on Information Forensics and Security.

[9]  Rama Chellappa,et al.  PATH: Person authentication using trace histories , 2016, 2016 IEEE 7th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON).

[10]  Anil K. Jain,et al.  Continuous authentication of mobile user: Fusion of face image and inertial Measurement Unit data , 2015, 2015 International Conference on Biometrics (ICB).

[11]  Michele Nappi,et al.  Have you permission to answer this phone? , 2018, 2018 International Workshop on Biometrics and Forensics (IWBF).

[12]  Stan Z. Li,et al.  Handbook of Biometric Anti-Spoofing , 2014, Advances in Computer Vision and Pattern Recognition.

[13]  Arun Ross,et al.  Actions Speak Louder Than (Pass)words: Passive Authentication of Smartphone* Users via Deep Temporal Features , 2019, 2019 International Conference on Biometrics (ICB).

[14]  Rama Chellappa,et al.  Continuous User Authentication on Mobile Devices: Recent progress and remaining challenges , 2016, IEEE Signal Processing Magazine.

[15]  Jun Yang,et al.  SenGuard: Passive user identification on smartphones using multiple sensors , 2011, 2011 IEEE 7th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[16]  John V. Monaco,et al.  The partially observable hidden Markov model and its application to keystroke dynamics , 2016, Pattern Recognit..

[17]  Rama Chellappa,et al.  Active user authentication for smartphones: A challenge data set and benchmark results , 2016, 2016 IEEE 8th International Conference on Biometrics Theory, Applications and Systems (BTAS).

[18]  Sébastien Marcel,et al.  Handbook of Biometric Anti-Spoofing , 2019, Advances in Computer Vision and Pattern Recognition.

[19]  Alexander De Luca,et al.  It's a Hard Lock Life: A Field Study of Smartphone (Un)Locking Behavior and Risk Perception , 2014, SOUPS.

[20]  Yufei Chen,et al.  Multi-source Interactive Behavior Analysis for Continuous User Authentication on Smartphones , 2018, CCBR.

[21]  Rama Chellappa,et al.  Continuous Authentication of Smartphones Based on Application Usage , 2018, IEEE Transactions on Biometrics, Behavior, and Identity Science.

[22]  Patrick Bours,et al.  A Novel Mobilephone Application Authentication Approach based on Accelerometer and Gyroscope Data , 2018, 2018 International Conference of the Biometrics Special Interest Group (BIOSIG).

[23]  Julian Fierrez,et al.  Graphical Password-Based User Authentication With Free-Form Doodles , 2016, IEEE Transactions on Human-Machine Systems.

[24]  Patrick Bours,et al.  A Mobile App Authentication Approach by Fusing the Scores from Multi-Modal Data , 2018, 2018 21st International Conference on Information Fusion (FUSION).

[25]  Florian Alt,et al.  Improving Accuracy, Applicability and Usability of Keystroke Biometrics on Mobile Touchscreen Devices , 2015, CHI.

[26]  Patrick Bours,et al.  Studying WiFi and Accelerometer Data Based Authentication Method on Mobile Phones , 2018, ICBEA '18.