An Adaptive Approach for Active Multi-Factor Authentication

Multi-Factor Authentication (MFA) is the current trend to genuinely identify authorized users through the active authentication process using passwords, biometrics, cognitive behavior, etc. As new and improved authentication modalities of various types are becoming available, these are opening up options for security researchers to devise solutions facilitating continuous authentication to online systems. This paper focuses on describing a framework for continuous authentication where authentication modalities are selected adaptively by sensing the users’ operating environment (the device and communication media, and historical data). Empirical studies are conducted with varying environmental parameters and the performance of the adaptive MFA is compared with other selection strategies. The empirical results appear promising, which reflects that such a multi-factor decision support technique can be applied to realworld identity management and authentication systems. Keywords—Active Authentication; Genetic Algorithm; Adaptive Selection; Multi-Modal Framework

[1]  Sung-Hyuk Cha,et al.  An investigation of keystroke and stylometry traits for authenticating online test takers , 2011, 2011 International Joint Conference on Biometrics (IJCB).

[2]  Rachel Greenstadt,et al.  Adversarial stylometry: Circumventing authorship recognition to preserve privacy and anonymity , 2012, TSEC.

[3]  Hamid Jahankhani,et al.  A Survey of User Authentication Based on Mouse Dynamics , 2008 .

[4]  David W. Aha,et al.  User Authentication from Web Browsing Behavior , 2013, FLAIRS.

[5]  Kalyanmoy Deb,et al.  A fast and elitist multiobjective genetic algorithm: NSGA-II , 2002, IEEE Trans. Evol. Comput..

[6]  Roland H. C. Yap,et al.  An Usability Study of Continuous Biometrics Authentication , 2009, ICB.

[7]  Dipankar Dasgupta,et al.  SGA: A Structured Genetic Algorithm , 1992 .

[8]  Sandeep Kumar,et al.  Continuous Verification Using Multimodal Biometrics , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[9]  V. Vaidehi,et al.  Person Authentication Using Face Detection , 2008 .

[10]  Kevin Kwok,et al.  User Identification and Characterization From Web Browsing Behavior , 2012 .

[11]  Karl Ricanek,et al.  The Next Biometric Challenge: Medical Alterations , 2013, Computer.

[12]  D. Reynolds Automatic Speaker Recognition Using Gaussian Mixture Speaker Models , 1995 .

[13]  Sung-Hyuk Cha,et al.  Behavioral biometric verification of student identity in online course assessment and authentication of authors in literary works , 2013, 2013 IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems (BTAS).

[14]  M. Turk,et al.  Temporal Integration for Continuous Multimodal Biometrics , 2003 .

[15]  Matti Pietikäinen,et al.  Face and Eye Detection for Person Authentication in Mobile Phones , 2007, 2007 First ACM/IEEE International Conference on Distributed Smart Cameras.

[16]  Lawrence. Davis,et al.  Handbook Of Genetic Algorithms , 1990 .

[17]  Sharath Pankanti,et al.  Biometrics: Personal Identification in Networked Society , 2013 .

[18]  Srivaths Ravi,et al.  Efficient fingerprint-based user authentication for embedded systems , 2005, Proceedings. 42nd Design Automation Conference, 2005..

[19]  Larry S. Davis,et al.  Screen Fingerprints: A Novel Modality for Active Authentication , 2013, IT Professional.

[20]  Shari Trewin,et al.  Biometric authentication on a mobile device: a study of user effort, error and task disruption , 2012, ACSAC '12.

[21]  Claudia Picardi,et al.  User authentication through keystroke dynamics , 2002, TSEC.

[22]  Antonio J. Nebro,et al.  jMetal: A Java framework for multi-objective optimization , 2011, Adv. Eng. Softw..

[23]  Sharath Pankanti,et al.  An identity-authentication system using fingerprints , 1997, Proc. IEEE.

[24]  Richard P. Guidorizzi Security: Active Authentication , 2013, IT Prof..

[25]  Ting Yu,et al.  On mouse dynamics as a behavioral biometric for authentication , 2011, ASIACCS '11.