论文信息 - Protecting Mobile Devices from Adversarial User by Fine-Grained Analysis of User Behavior

Protecting Mobile Devices from Adversarial User by Fine-Grained Analysis of User Behavior

In recent years, mobile devices have become the mainstream medium for maintaining and processing a variety of information, including personal or sensitive information. To prevent a leakage of information to unauthorized users, a user authentication scheme that is appropriate for mobile environment is surely needed. In the meantime, it is important to guarantee sufficient usability of the mechanism so that it does not affect the user experience of the mobile device in a significant way. To pursue both usability and security perspectives of mobile devices, we propose a novel way of user authentication where fine-grained user behaviors are exploited to prohibit unauthorized access from an adversarial user. We examine behavioral patterns of daily usage of mobile devices in very fine-grained and implicit fashion. As a result, we suggest and evaluate the overall system exploiting user behaviors to separate valid user and adversarial user.

Hyunsoo Yoon | Sunwoo Kim | Yonggon Kim | Ohmin Kwon | Byungjin Jeong

[1] Shari Trewin,et al. Biometric authentication on a mobile device: a study of user effort, error and task disruption , 2012, ACSAC '12.

[2] Chuan Qin,et al. Progressive Authentication: Deciding When to Authenticate on Mobile Phones , 2012, USENIX Security Symposium.

[3] Heinrich Hußmann,et al. TreasurePhone: Context-Sensitive User Data Protection on Mobile Phones , 2010, Pervasive.

[4] Dong Xuan,et al. DiffUser: Differentiated user access control on smartphones , 2009, 2009 IEEE 6th International Conference on Mobile Adhoc and Sensor Systems.

[5] Brian D. Noble,et al. Mobile Device Security Using Transient Authentication , 2006, IEEE Transactions on Mobile Computing.

[6] Karin Strauss,et al. Goldilocks and the two mobile devices: going beyond all-or-nothing access to a device's applications , 2012, SOUPS.

[7] Heinrich Hußmann,et al. Touch me once and i know it's you!: implicit authentication based on touch screen patterns , 2012, CHI.

[8] Mauro Conti,et al. Mind how you answer me!: transparently authenticating the user of a smartphone when answering or placing a call , 2011, ASIACCS '11.

[9] Markus Jakobsson,et al. Implicit Authentication through Learning User Behavior , 2010, ISC.

[10] Uwe Hansmann,et al. Pervasive Computing , 2003 .