Multi-source interactive behavior analysis for continuous user authentication on smartphones

Abstract

Analyzing smartphone users’ behavioral characteristics for recognizing the identities has received growing interest from security and biometric researchers. Extant smartphone authentication methods usually provide one-time identity verification in some specific applications, but the authenticated user is still subject to masquerader attacks or session hijacking. This paper presents a novel smartphone authentication approach by analyzing multi-source user-machine usage behavior (i.e., power consumption, physical sensors, and touchscreen interactions), which can continuously verify the presence of a smartphone user. Extensive experiments are conducted to show that our authentication approach can be up to a relatively high accuracy with an equal-error rate of 5.5%. This approach can also be seamlessly integrated with existing authentication methods, which does not need additional hardware and is transparent to users.