CDAS: A Continuous Dynamic Authentication System

The rapid development of smartphones has greatly facilitated our lives. At the same time, securing the data stored and accessed from smartphones makes it important to authenticate the user. However, current smartphones perform one-time authentication at the entrance while they don't authenticate users continuously when in use, which brings serious privacy and security issues, such as collisions and social engineering to bypass the authentication. This paper introduces CDAS (Continuous Dynamic Authentication System), which uses the Support Vector Machine (SVM) to construct user's behavior model by collecting his touch data to judge him authorized whether or not. CDAS works independently in the background without interacting with users most time. Therefore, CDAS is featured with security, efficiency and continuity. We conducted a two-week experiment involving more than 20 users which shows that the system we design achieves a high accuracy, a low False Accept Rate (FAR) and a low False Reject Rate (FRR), which indicates that CDAS ensures the security and enjoys a promising prospect.

[1]  Marcos Faúndez-Zanuy,et al.  On-line signature recognition based on VQ-DTW , 2007, Pattern Recognit..

[2]  Duncan S. Wong,et al.  Touch Gestures Based Biometric Authentication Scheme for Touchscreen Mobile Phones , 2012, Inscrypt.

[3]  Nasir D. Memon,et al.  Investigating multi-touch gestures as a novel biometric modality , 2012, 2012 IEEE Fifth International Conference on Biometrics: Theory, Applications and Systems (BTAS).

[4]  Youtian Du,et al.  User Authentication Through Mouse Dynamics , 2013, IEEE Transactions on Information Forensics and Security.

[5]  DAVID ZHANG,et al.  A Comparative Study of Palmprint Recognition Algorithms , 2012, CSUR.

[6]  Heinrich Hußmann,et al.  Touch me once and i know it's you!: implicit authentication based on touch screen patterns , 2012, CHI.

[7]  Chih-Jen Lin,et al.  LIBSVM: A library for support vector machines , 2011, TIST.

[8]  Erik Wästlund,et al.  Exploring Touch-Screen Biometrics for User Identification on Smart Phones , 2011, PrimeLife.

[9]  Venu Govindaraju,et al.  Behavioural biometrics: a survey and classification , 2008, Int. J. Biom..

[10]  Xiao Wang,et al.  SenSec: Mobile security through passive sensing , 2013, 2013 International Conference on Computing, Networking and Communications (ICNC).

[11]  Ioannis A. Kakadiaris,et al.  Illumination Normalization Using Self-lighting Ratios for 3D2D Face Recognition , 2012, ECCV Workshops.

[12]  Alex ChiChung Kot,et al.  Fingerprint Combination for Privacy Protection , 2013, IEEE Transactions on Information Forensics and Security.

[13]  Tao Feng,et al.  Continuous mobile authentication using touchscreen gestures , 2012, 2012 IEEE Conference on Technologies for Homeland Security (HST).

[14]  Michael R. Lyu,et al.  Towards Continuous and Passive Authentication via Touch Biometrics: An Experimental Study on Smartphones , 2014, SOUPS.

[15]  Margit Antal,et al.  An Evaluation of One-Class and Two-Class Classification Algorithms for Keystroke Dynamics Authentication on Mobile Devices , 2015, 2015 20th International Conference on Control Systems and Computer Science.

[16]  Sahin Albayrak,et al.  A generic framework and runtime environment for development and evaluation of behavioral biometrics solutions , 2010, 2010 10th International Conference on Intelligent Systems Design and Applications.

[17]  Sharath Pankanti,et al.  Biometrics: a tool for information security , 2006, IEEE Transactions on Information Forensics and Security.