Implicit Authentication On Mobile Devices

One major disadvantage of mobile devices is their liability to theft. Since people make more intense use of their smart phones to browse the web and store potentially sensitive data, it is proposed to use additional measures to secure one’s device. Implicit authentication for mobile devices is a promising solution to the problem. Analyzing user behavior and biometric characteristics can be used as additional measure to verify the user of a handset. Thus, sensors that are already inside contemporary smart phones are efficiently utilized for an area, that they were not originally designed for. Not only security is increased through implicit authentication techniques, but also usability. Inconvenient password requests by a phone can be reduced to a minimum. However, there are certain challenges in finding solutions to implement continuous, implicit authentication. Among these are the limited battery capacity and computational resources. Smart phones do not offer as much CPU power as cloud computing, so it is suggested to make use of these external resources, that are even dynamically adjustable.

[1]  Julian Fiérrez,et al.  Combining Biometric Evidence for Person Authentication , 2003, Advanced Studies in Biometrics.

[2]  Mikko Lindholm,et al.  Identifying people from gait pattern with accelerometers , 2005, SPIE Defense + Commercial Sensing.

[3]  Nathan L. Clarke,et al.  Keystroke Analysis for Thumb-based Keyboards on Mobile Devices , 2007, SEC.

[4]  P. Bhattarakosol,et al.  Authenticating User Using Keystroke Dynamics and Finger Pressure , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.

[5]  Markus Jakobsson,et al.  Implicit Authentication through Learning User Behavior , 2010, ISC.

[6]  Jacob Beal,et al.  Cognitive security for personal devices , 2008, AISec '08.

[7]  Mohammad Nauman,et al.  TOKEN: Trustable Keystroke-Based Authentication for Web-Based Applications on Smartphones , 2010, ISA.

[8]  Anil K. Jain,et al.  On-line signature verification, , 2002, Pattern Recognit..

[9]  Susan Wiedenbeck,et al.  Design and evaluation of a shoulder-surfing resistant graphical password scheme , 2006, AVI '06.

[10]  Markus Jakobsson,et al.  Implicit authentication for mobile devices , 2009 .

[11]  Allen Newell,et al.  Computer text-editing: An information-processing analysis of a routine cognitive skill , 1980, Cognitive Psychology.

[12]  Venu Govindaraju,et al.  Symmetric hash functions for secure fingerprint biometric systems , 2007, Pattern Recognit. Lett..

[13]  Markus Jakobsson,et al.  Authentication in the clouds: a framework and its application to mobile users , 2010, CCSW '10.

[14]  Heikki Ailisto,et al.  Identifying users of portable devices from gait pattern with accelerometers , 2005, Proceedings. (ICASSP '05). IEEE International Conference on Acoustics, Speech, and Signal Processing, 2005..

[15]  Xi Chen,et al.  Implicit User Re-authentication for Mobile Devices , 2009, UIC.

[16]  J. Cutting,et al.  Recognizing friends by their walk: Gait perception without familiarity cues , 1977 .

[17]  J. Doug Tygar,et al.  Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 , 1999, USENIX Security Symposium.

[18]  Nathan Clarke,et al.  Deployment of Keystroke Analysis on a Smartphone , 2008 .

[19]  Roberto Brunelli,et al.  Person identification using multiple cues , 1995, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[20]  Dimitrios Tzovaras,et al.  Unobtrusive Multimodal Biometric Authentication: The HUMABIO Project Concept , 2008, EURASIP J. Adv. Signal Process..

[21]  David J. Kriegman,et al.  Eigenfaces vs. Fisherfaces: Recognition Using Class Specific Linear Projection , 1996, ECCV.

[22]  Steven Furnell,et al.  Beyond the PIN: Enhancing user authentication for mobile devices , 2008 .

[23]  Kirsi Helkala,et al.  Biometric Gait Authentication Using Accelerometer Sensor , 2006, J. Comput..