Continuous Authentication in Smartphones : An Analysis on Robust Security Practices

The current authentication systems in smart phones are classified as static or one shot authentication schemes in which the user is validated at a single point. The existing authentication systems cannot recognize the difference between an intruder and a legitimate user if the security credentials like passwords have been leaked. This issue is addressed in continuous authentication schemes where the system constantly monitors the user by different procedures to detect the user as genuine or intruder. Continuous authentications schemes can be deployed using different methods such as behavioral, gestural and facial, etc. In this paper, we critically analyze the different continuous authentication schemes. We evaluate the robustness and failure free operation of each approach. We aim to provide a precise knowledge about different continuous authentications schemes which help the user to determine the appropriateness of the underlying model adapted by each approach. Keywords—Continuous authentication; security; mobile sharing; TIPS; SenGuard; SilentSense; GeoTouch; gestures; key strokes

[1]  Munaga V. N. K. Prasad,et al.  Multimodal Biometric System , 2008, 2008 First International Conference on Emerging Trends in Engineering and Technology.

[2]  Jun Yang,et al.  SenGuard: Passive user identification on smartphones using multiple sensors , 2011, 2011 IEEE 7th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[3]  Kevin W. Bowyer,et al.  Experimental evidence of a template aging effect in iris biometrics , 2011, 2011 IEEE Workshop on Applications of Computer Vision (WACV).

[4]  Andreas Uhl,et al.  Iris-sensor authentication using camera PRNU fingerprints , 2012, 2012 5th IAPR International Conference on Biometrics (ICB).

[5]  Junjie Yan,et al.  A face antispoofing database with diverse attacks , 2012, 2012 5th IAPR International Conference on Biometrics (ICB).

[6]  Luís Ducla Soares,et al.  Hand-based multimodal identification system with secure biometric template storage , 2012 .

[7]  Anderson Rocha,et al.  Video-Based Face Spoofing Detection through Visual Rhythm Analysis , 2012, 2012 25th SIBGRAPI Conference on Graphics, Patterns and Images.

[8]  Philip J. Morrow,et al.  Iris recognition failure over time: The effects of texture , 2012, Pattern Recognit..

[9]  Tao Feng,et al.  Continuous mobile authentication using touchscreen gestures , 2012, 2012 IEEE Conference on Technologies for Homeland Security (HST).

[10]  Andreas Uhl,et al.  Iris-biometric comparators: Exploiting comparison scores towards an optimal alignment under Gaussian assumption , 2012, 2012 5th IAPR International Conference on Biometrics (ICB).

[11]  Matti Pietikäinen,et al.  Can gait biometrics be Spoofed? , 2012, Proceedings of the 21st International Conference on Pattern Recognition (ICPR2012).

[12]  Mark S. Nixon,et al.  The Effect of Time on Gait Recognition Performance , 2012, IEEE Transactions on Information Forensics and Security.

[13]  Yasushi Makihara,et al.  Gait-based person-verification system for forensics , 2012, 2012 IEEE Fifth International Conference on Biometrics: Theory, Applications and Systems (BTAS).

[14]  Dipak M. Adhyaru,et al.  A survey of automated biometric authentication techniques , 2013, 2013 Nirma University International Conference on Engineering (NUiCONE).

[15]  Matthias Trojahn,et al.  Toward Mobile Authentication with Keystroke Dynamics on Mobile Phones and Tablets , 2013, 2013 27th International Conference on Advanced Information Networking and Applications Workshops.

[16]  Xiang-Yang Li,et al.  SilentSense: silent user identification via touch and movement behavioral biometrics , 2013, MobiCom.

[17]  Sheikh Iqbal Ahamed,et al.  Seeing Beyond Visibility: A Four Way Fusion of User Authentication for Efficient Usable Security on Mobile Devices , 2014, 2014 IEEE Eighth International Conference on Software Security and Reliability-Companion.

[18]  Hai Huang,et al.  You Are How You Touch: User Verification on Smartphones via Tapping Behaviors , 2014, 2014 IEEE 22nd International Conference on Network Protocols.

[19]  Tao Feng,et al.  TIPS: context-aware implicit user identification using touch screen in uncontrolled environments , 2014, HotMobile.

[20]  Riichiro Mizoguchi,et al.  A Dictionary of Gestures for Multitouch-Based Interactive Geometry Software , 2015, 2015 IEEE 15th International Conference on Advanced Learning Technologies.

[21]  Xi Wang,et al.  An investigation on touch biometrics: Behavioral factors on screen size, physical context and application context , 2015, 2015 IEEE International Symposium on Technologies for Homeland Security (HST).

[22]  René Mayrhofer,et al.  Cormorant: towards continuous risk-aware multi-modal cross-device authentication , 2015, UbiComp/ISWC Adjunct.

[23]  Kiran B. Raja,et al.  Multi-modal authentication system for smartphones using face, iris and periocular , 2015, 2015 International Conference on Biometrics (ICB).

[24]  Chao Shen,et al.  Touch-interaction behavior for continuous user authentication on smartphones , 2015, 2015 International Conference on Biometrics (ICB).

[25]  Xi Wang,et al.  Security after login: Identity change detection on smartphones using sensor fusion , 2015, 2015 IEEE International Symposium on Technologies for Homeland Security (HST).

[26]  Jain-Shing Wu,et al.  Smartphone continuous authentication based on keystroke and gesture profiling , 2015, 2015 International Carnahan Conference on Security Technology (ICCST).

[27]  Bojan Cukic,et al.  Effect of User Posture and Device Size on the Performance of Touch-Based Authentication Systems , 2015, 2015 IEEE 16th International Symposium on High Assurance Systems Engineering.

[28]  Munam Ali Shah,et al.  Vdroid: A lightweight virtualization architecture for smartphones , 2016, 2016 Future Technologies Conference (FTC).

[29]  Biometric User Authentication on Smartphone Accelerometer Sensor Data , .