AnswerAuth: A bimodal behavioral biometric-based user authentication scheme for smartphones. (February 2019)
- Record Type:
- Journal Article
- Title:
- AnswerAuth: A bimodal behavioral biometric-based user authentication scheme for smartphones. (February 2019)
- Main Title:
- AnswerAuth: A bimodal behavioral biometric-based user authentication scheme for smartphones
- Authors:
- Buriro, Attaullah
Crispo, Bruno
Conti, Mauro - Abstract:
- Abstract: In this paper, we present a behavioral biometric-based smartphone user authentication mechanism, namely, AnswerAuth, which relies on the very common users' behavior. Behavior, here, refers to the way a user slides the lock button on the screen, to unlock the phone, and brings the phone towards her ear. The authentication mechanism works with the biometric behavior based on the extracted features from the data recorded using the built-in smartphone sensors, i.e., accelerometer, gyroscope, gravity, magnetometer and touchscreen, while the user performed sliding and phone-lifting actions. We testedAnswerAuth on a dataset of 10, 200 behavioral patterns collected from 85 users while they performed the unlocking actions, in sitting, standing, and walking postures, using six state-of-the-art conceptually different machine learning classifiers in two settings, i.e., with and without simultaneous feature selection and classification. Among all the chosen classifiers, Random Forest (RF) classifier proved to be the most consistent and accurate classifier on both full and reduced features and provided a True Acceptance Rate (TAR) as high as 99.35%. We prototype proof-of-the-concept Android app, based on our findings, and evaluate it in terms of security and usability. Security analysis ofAnswerAuth confirms its robustness against the possible mimicry attacks. Similarly, the usability study based on Software Usability Scale (SUS) 1 questionnaire verifies the user-friendliness ofAbstract: In this paper, we present a behavioral biometric-based smartphone user authentication mechanism, namely, AnswerAuth, which relies on the very common users' behavior. Behavior, here, refers to the way a user slides the lock button on the screen, to unlock the phone, and brings the phone towards her ear. The authentication mechanism works with the biometric behavior based on the extracted features from the data recorded using the built-in smartphone sensors, i.e., accelerometer, gyroscope, gravity, magnetometer and touchscreen, while the user performed sliding and phone-lifting actions. We testedAnswerAuth on a dataset of 10, 200 behavioral patterns collected from 85 users while they performed the unlocking actions, in sitting, standing, and walking postures, using six state-of-the-art conceptually different machine learning classifiers in two settings, i.e., with and without simultaneous feature selection and classification. Among all the chosen classifiers, Random Forest (RF) classifier proved to be the most consistent and accurate classifier on both full and reduced features and provided a True Acceptance Rate (TAR) as high as 99.35%. We prototype proof-of-the-concept Android app, based on our findings, and evaluate it in terms of security and usability. Security analysis ofAnswerAuth confirms its robustness against the possible mimicry attacks. Similarly, the usability study based on Software Usability Scale (SUS) 1 questionnaire verifies the user-friendliness of the proposed scheme (SUS Score of 75.11). Experimental results proveAnswerAuth as a secure and usable authentication mechanism. … (more)
- Is Part Of:
- Journal of information security and applications. Volume 44(2019)
- Journal:
- Journal of information security and applications
- Issue:
- Volume 44(2019)
- Issue Display:
- Volume 44, Issue 2019 (2019)
- Year:
- 2019
- Volume:
- 44
- Issue:
- 2019
- Issue Sort Value:
- 2019-0044-2019-0000
- Page Start:
- 89
- Page End:
- 103
- Publication Date:
- 2019-02
- Subjects:
- Smartphone -- Sensors -- Biometric authentication -- Behavioral biometrics -- Human-centered computing
Computer security -- Periodicals
Information technology -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/ ↗
- DOI:
- 10.1016/j.jisa.2018.11.008 ↗
- Languages:
- English
- ISSNs:
- 2214-2126
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 9408.xml