Behaviour profiling for transparent authentication for mobile devices

Fudong Li*, Nathan Clarke, Maria Papadaki, Paul Dowland

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Since the first handheld cellular phone was introduced in 1970s, the mobile phone has changed significantly both in terms of popularity and functionality. With more than 4.6 billion subscribers around the world, it has become a ubiquitous device in our daily life. Apart from the traditional telephony and text messaging services, people are enjoying a much wider range of mobile services over a variety of network connections in the form of mobile applications. Although a number of security mechanisms such as authentication, antivirus, and firewall applications are available, it is still difficult to keep up with various mobile threats (i.e. service fraud, mobile malware and SMS phishing); hence, additional security measures should be taken into consideration. This paper proposes a novel behaviour-based profiling technique by using a mobile user's application usage to detect abnormal mobile activities. The experiment employed the MIT Reality dataset. For data processing purposes and also to maximise the number of participants, one month (24/10/2004-20/11/ 2004) of users' application usage with a total number of 44,529 log entries was extracted from the original dataset. It was further divided to form three subsets: two intra-application datasets compiled with telephone and message data; and an inter-application dataset containing the rest of the mobile applications. Based upon the experiment plan, a user's profile was built using either static and dynamic profiles and the best experimental results for the telephone, text message, and application-level applications were an EER (Equal Error Rate) of: 5.4%, 2.2% and 13.5% respectively. Whilst some users were difficult to classify, a significant proportion fell within the performance expectations of a behavioural biometric and therefore a behaviour profiling system on mobile devices is able to detect anomalies during the use of the mobile device. Incorporated within a wider authentication system, this biometric would enable transparent and continuous authentication of the user, thereby maximising user acceptance and security.

Original languageEnglish
Title of host publication10th European Conference on Information Warfare and Security 2011, ECIW 2011
Number of pages8
Publication statusPublished - 2011
Event10th European Conference on Information Warfare and Security 2011 - Tallinn, Estonia
Duration: 7 Jul 20118 Jul 2011


Conference10th European Conference on Information Warfare and Security 2011
Abbreviated titleECIW 2011


  • Applications
  • Behaviour profiling
  • Mobile device
  • Transparent authentication


Dive into the research topics of 'Behaviour profiling for transparent authentication for mobile devices'. Together they form a unique fingerprint.

Cite this