Active authentication for mobile devices utilising behaviour profiling

Fudong Li*, Nathan Clarke, Maria Papadaki, Paul Dowland

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

With nearly 6 billion subscribers around the world, mobile devices have become an indispensable component in modern society. The majority of these devices rely upon passwords and personal identification numbers as a form of user authentication, and the weakness of these point-of-entry techniques is widely documented. Active authentication is designed to overcome this problem by utilising biometric techniques to continuously assess user identity. This paper describes a feasibility study into a behaviour profiling technique that utilises historical application usage to verify mobile users in a continuous manner. By utilising a combination of a rule-based classifier, a dynamic profiling technique and a smoothing function, the best experimental result for a users overall application usage was an equal error rate of 9.8 %. Based upon this result, the paper proceeds to propose a novel behaviour profiling framework that enables a user's identity to be verified through their application usage in a continuous and transparent manner. In order to balance the trade-off between security and usability, the framework is designed in a modular way that will not reject user access based upon a single application activity but a number of consecutive abnormal application usages. The proposed framework is then evaluated through simulation with results of 11.45 and 4.17 % for the false rejection rate and false acceptance rate, respectively. In comparison with point-of-entry-based approaches, behaviour profiling provides a significant improvement in both the security afforded to the device and user convenience.

Original languageEnglish
Pages (from-to)229-244
Number of pages16
JournalInternational Journal of Information Security
Volume13
Issue number3
Early online date11 Sep 2013
DOIs
Publication statusPublished - 1 Jun 2014

Keywords

  • active authentication
  • behaviour profiling
  • biometrics

Fingerprint

Dive into the research topics of 'Active authentication for mobile devices utilising behaviour profiling'. Together they form a unique fingerprint.

Cite this