An HMM-based behavior modeling approach for continuous mobile authentication

This paper studies continuous authentication for touch interface based mobile devices. A Hidden Markov Model (HMM) based behavioral template training approach is presented, which does not require training data from other subjects other than the owner of the mobile. The stroke patterns of a user are modeled using a continuous left-right HMM. The approach models the horizontal and vertical scrolling patterns of a user since these are the basic and mostly used interactions on a mobile device. The effectiveness of the proposed method is evaluated through extensive experiments using the Toucha-lytics database which comprises of touch data over time. The results show that the performance of the proposed approach is better than the state-of-the-art method.

[1]  Nasir D. Memon,et al.  Graphical passwords based on robust discretization , 2006, IEEE Transactions on Information Forensics and Security.

[2]  Daphna Weinshall,et al.  Passwords you'll never forget, but can't recall , 2004, CHI EA '04.

[3]  Vir V. Phoha,et al.  Scan-Based Evaluation of Continuous Keystroke Authentication Systems , 2013, IT Professional.

[4]  Steven Furnell,et al.  Beyond the PIN: Enhancing user authentication for mobile devices , 2008 .

[5]  Michael K. Reiter,et al.  On User Choice in Graphical Password Schemes , 2004, USENIX Security Symposium.

[6]  Adrian Perrig,et al.  This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Déjà Vu: A User Study Using Images for Authentication , 2000 .

[7]  Biing-Hwang Juang,et al.  Fundamentals of speech recognition , 1993, Prentice Hall signal processing series.

[8]  Maria Papadaki,et al.  Active authentication for mobile devices utilising behaviour profiling , 2014, International Journal of Information Security.

[9]  Dawn Xiaodong Song,et al.  Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication , 2012, IEEE Transactions on Information Forensics and Security.

[10]  Nasir D. Memon,et al.  Biometric-rich gestures: a novel approach to authentication on multi-touch devices , 2012, CHI.

[11]  Sandeep Kumar,et al.  Continuous Verification Using Multimodal Biometrics , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[12]  Yigitcan Aksari,et al.  Active authentication by mouse movements , 2009, 2009 24th International Symposium on Computer and Information Sciences.

[13]  Xiang-Yang Li,et al.  SilentSense: Silent User Identification via Dynamics of Touch and Movement Behavioral Biometrics , 2013, ArXiv.

[14]  Nasir D. Memon,et al.  A simple and effective method for online signature verification , 2013, 2013 International Conference of the BIOSIG Special Interest Group (BIOSIG).

[15]  Tao Feng,et al.  Continuous mobile authentication using touchscreen gestures , 2012, 2012 IEEE Conference on Technologies for Homeland Security (HST).

[16]  Nasir D. Memon,et al.  Investigating multi-touch gestures as a novel biometric modality , 2012, 2012 IEEE Fifth International Conference on Biometrics: Theory, Applications and Systems (BTAS).

[17]  Anil K. Jain,et al.  Soft Biometric Traits for Continuous User Authentication , 2010, IEEE Transactions on Information Forensics and Security.

[18]  Jun Yang,et al.  SenGuard: Passive user identification on smartphones using multiple sensors , 2011, 2011 IEEE 7th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[19]  Alex Park,et al.  The MIT Mobile Device Speaker Verification Corpus: Data Collection and Preliminary Experiments , 2006, 2006 IEEE Odyssey - The Speaker and Language Recognition Workshop.

[20]  Nasir D. Memon,et al.  Modeling user choice in the PassPoints graphical password scheme , 2007, SOUPS '07.

[21]  Kimmo Kaski,et al.  Circadian pattern and burstiness in mobile phone communication , 2011, 1101.0377.

[22]  S. Akula,et al.  Image Based Registration and Authentication System , 2004 .

[23]  Steven Furnell,et al.  Authenticating mobile phone users using keystroke analysis , 2006, International Journal of Information Security.

[24]  Nasir D. Memon,et al.  Finger-drawn pin authentication on touch devices , 2014, 2014 IEEE International Conference on Image Processing (ICIP).