Implicit Smartphone User Authentication with Sensors and Contextual Machine Learning
This addresses security for smartphone users by enabling implicit re-authentication to protect sensitive data, though it is incremental as it builds on existing sensor-based methods.
The paper tackles the problem of continuous smartphone user authentication by proposing a system that uses behavioral characteristics and built-in sensors, achieving 98.1% accuracy with low overhead and battery consumption.
Authentication of smartphone users is important because a lot of sensitive data is stored in the smartphone and the smartphone is also used to access various cloud data and services. However, smartphones are easily stolen or co-opted by an attacker. Beyond the initial login, it is highly desirable to re-authenticate end-users who are continuing to access security-critical services and data. Hence, this paper proposes a novel authentication system for implicit, continuous authentication of the smartphone user based on behavioral characteristics, by leveraging the sensors already ubiquitously built into smartphones. We propose novel context-based authentication models to differentiate the legitimate smartphone owner versus other users. We systematically show how to achieve high authentication accuracy with different design alternatives in sensor and feature selection, machine learning techniques, context detection and multiple devices. Our system can achieve excellent authentication performance with 98.1% accuracy with negligible system overhead and less than 2.4% battery consumption.