IDeAuth: A novel behavioral biometric-based implicit deauthentication scheme for smartphones

Sandeep Gupta; Rajesh Kumar; Mouna Kacimi; Bruno Crispo

doi:10.1016/j.patrec.2022.03.011

IDeAuth: A novel behavioral biometric-based implicit deauthentication scheme for smartphones

Sandeep Gupta, Rajesh Kumar, Mouna Kacimi, Bruno Crispo

Research output: Contribution to journal › Article › peer-review

16 Citations (Scopus)

Abstract

Many studies have shown that single entry-point authentication schemes for smartphones can easily be circumvented. IDeAuth is an implicit deauthentication scheme that aims to minimize unauthorized access to security-sensitive applications and services running on users’ smartphones when unauthorized access or intrusions are detected. IDeAuth verifies legitimate owners of their smartphones by exploiting their micro hand-movements and decides to sign off the default user account revoking security-sensitive applications and services linked with it. We design and develop an Android-based prototype application as a proof-of-concept and collect a new dataset consisting of 21263 observations from 41 users in a real scenario. The user verification process employs four different one-class classifiers (OCCs), which is evaluated on the collected dataset using the holdout test method. IDeAuth achieves a Half Total Error Rate (HTER) of ≈4% after applying a decision-level-fusion enhancing the best individual classifier’s performance by ≈1%.

Original language	English
Pages (from-to)	8-15
Number of pages	8
Journal	Pattern Recognition Letters
Volume	157
Early online date	26 Mar 2022
DOIs	https://doi.org/10.1016/j.patrec.2022.03.011
Publication status	Published - May 2022
Externally published	Yes

Access to Document

10.1016/j.patrec.2022.03.011Licence: Unspecified

Cite this

@article{be2108d056054a7f896ddf325ced773f,

title = "IDeAuth: A novel behavioral biometric-based implicit deauthentication scheme for smartphones",

abstract = "Many studies have shown that single entry-point authentication schemes for smartphones can easily be circumvented. IDeAuth is an implicit deauthentication scheme that aims to minimize unauthorized access to security-sensitive applications and services running on users{\textquoteright} smartphones when unauthorized access or intrusions are detected. IDeAuth verifies legitimate owners of their smartphones by exploiting their micro hand-movements and decides to sign off the default user account revoking security-sensitive applications and services linked with it. We design and develop an Android-based prototype application as a proof-of-concept and collect a new dataset consisting of 21263 observations from 41 users in a real scenario. The user verification process employs four different one-class classifiers (OCCs), which is evaluated on the collected dataset using the holdout test method. IDeAuth achieves a Half Total Error Rate (HTER) of ≈4% after applying a decision-level-fusion enhancing the best individual classifier{\textquoteright}s performance by ≈1%.",

author = "Sandeep Gupta and Rajesh Kumar and Mouna Kacimi and Bruno Crispo",

year = "2022",

month = may,

doi = "10.1016/j.patrec.2022.03.011",

language = "English",

volume = "157",

pages = "8--15",

journal = "Pattern Recognition Letters",

issn = "0167-8655",

publisher = "Elsevier B.V.",

}

TY - JOUR

T1 - IDeAuth: A novel behavioral biometric-based implicit deauthentication scheme for smartphones

AU - Gupta, Sandeep

AU - Kumar, Rajesh

AU - Kacimi, Mouna

AU - Crispo, Bruno

PY - 2022/5

Y1 - 2022/5

N2 - Many studies have shown that single entry-point authentication schemes for smartphones can easily be circumvented. IDeAuth is an implicit deauthentication scheme that aims to minimize unauthorized access to security-sensitive applications and services running on users’ smartphones when unauthorized access or intrusions are detected. IDeAuth verifies legitimate owners of their smartphones by exploiting their micro hand-movements and decides to sign off the default user account revoking security-sensitive applications and services linked with it. We design and develop an Android-based prototype application as a proof-of-concept and collect a new dataset consisting of 21263 observations from 41 users in a real scenario. The user verification process employs four different one-class classifiers (OCCs), which is evaluated on the collected dataset using the holdout test method. IDeAuth achieves a Half Total Error Rate (HTER) of ≈4% after applying a decision-level-fusion enhancing the best individual classifier’s performance by ≈1%.

AB - Many studies have shown that single entry-point authentication schemes for smartphones can easily be circumvented. IDeAuth is an implicit deauthentication scheme that aims to minimize unauthorized access to security-sensitive applications and services running on users’ smartphones when unauthorized access or intrusions are detected. IDeAuth verifies legitimate owners of their smartphones by exploiting their micro hand-movements and decides to sign off the default user account revoking security-sensitive applications and services linked with it. We design and develop an Android-based prototype application as a proof-of-concept and collect a new dataset consisting of 21263 observations from 41 users in a real scenario. The user verification process employs four different one-class classifiers (OCCs), which is evaluated on the collected dataset using the holdout test method. IDeAuth achieves a Half Total Error Rate (HTER) of ≈4% after applying a decision-level-fusion enhancing the best individual classifier’s performance by ≈1%.

U2 - 10.1016/j.patrec.2022.03.011

DO - 10.1016/j.patrec.2022.03.011

M3 - Article

SN - 0167-8655

VL - 157

SP - 8

EP - 15

JO - Pattern Recognition Letters

JF - Pattern Recognition Letters

ER -

IDeAuth: A novel behavioral biometric-based implicit deauthentication scheme for smartphones

Abstract

Access to Document

Fingerprint

Cite this