Skip to main content
SpringerLink
Log in
SpringerLink
Log in

Behavioural Profiling Authentication Based on Trajectory Based Anomaly Detection Model of User’s Mobility

  • Conference paper
  • First Online:
Business Information Systems Workshops (BIS 2017)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 303))

Included in the following conference series:

Abstract

Behavioural profiling and biometry are an interesting concept connected with authentication that have appeared in scientific literature and business world. Those methods indisputably offer new possibilities such as constant authentication and multi-user classification, but their taxonomy and definitions are not as clarified as it is for traditional authentication factors. The approach presented provides in this work provides an example of behavioural authentication model tested on a large dataset, focusing on one aspect of user behaviour - mobility, which can be adjusted to include other aspects in user behavioural authentication model. Also possible applications and extensions to the model are proposed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    This work focuses on implementing only the behavioural profiling methods based on mobility into a practical authentication framework.

  2. 2.

    Meaning both the pattern and each activity can be analyzed in multiple dimensions considering eg. geography, time, sequence of actions or semantics of the content.

  3. 3.

    Those two concepts will be used interchangeably in this work.

  4. 4.

    This aspect importance is twofold, defining the stability of a given user and his behaviour and enabling the updating of a profile (its evolution) considering the fact that user behaviour tends to change in a long period.

  5. 5.

    Inspired by security domain informed/uninformed attacker scenario [39].

  6. 6.

    Meaning the classification of anomaly was performed based on three consecutive activities.

  7. 7.

    As in iterative.

  8. 8.

    An average of 4 activities a day for a user on the sample tested.

References

  1. Mobile cellular subscriptions (per 100 people) (2014). http://data.worldbank.org/indicator/IT.CEL.SETS.P2?end=2014&start=2014&view=bar. Accessed 19 July 2016

  2. Aledavood, T., López, E., Roberts, S.G., Reed-Tsochas, F., Moro, E., Dunbar, R.I., Saramäki, J.: Daily rhythms in mobile telephone communication. PLoS ONE 10(9), e0138098 (2015)

    Article  Google Scholar 

  3. Fox, B., van den Dam, R., Shockley, R.: Analytics: Real-world use of big data in telecommunications. IBM Institute for Business Value (2013)

    Google Scholar 

  4. Hayashi, E., Riva, O., Strauss, K., Brush, A., Schechter, S.: Goldilocks and the two mobile devices: going beyond all-or-nothing access to a device’s applications. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, p. 2. ACM (2012)

    Google Scholar 

  5. Beyond the password: The future of account security (2016). https://www.telesign.com/wp-content/uploads/2016/06/Telesign-Report-Beyond-the-Password-June-2016-1.pdf. Accessed 10 Sept 2016

  6. Muslukhov, I., Boshmaf, Y., Kuo, C., Lester, J., Beznosov, K.: Know your enemy: the risk of unauthorized access in smartphones by insiders. In: Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services, pp. 271–280. ACM (2013)

    Google Scholar 

  7. Renaud, K.: Evaluating authentication mechanisms. In: Security and Usability, pp. 103–128 (2005)

    Google Scholar 

  8. Fridman, L., Weber, S., Greenstadt, R., Kam, M.: Active authentication on mobile devices via stylometry, application usage, web browsing, and GPS location (2015)

    Google Scholar 

  9. Market research - biometric smartphone model list (2016). http://www.acuity-mi.com/BSP.php. Accessed 19 July 2016

  10. Saevanee, H., Clarke, N.L., Furnell, S.M.: Multi-modal behavioural biometric authentication for mobile devices. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IAICT, vol. 376, pp. 465–474. Springer, Heidelberg (2012). doi:10.1007/978-3-642-30436-1_38

    Chapter  Google Scholar 

  11. Alzubaidi, A., Kalita, J.: Authentication of smartphone users using behavioral biometrics. IEEE Commun. Surv. Tutor. 18(3), 1998–2026 (2016)

    Article  Google Scholar 

  12. Crawford, H.A.: A framework for continuous, transparent authentication on mobile devices. Ph.D. thesis, University of Glasgow (2012)

    Google Scholar 

  13. Bo, C., Zhang, L., Li, X.Y., Huang, Q., Wang, Y.: Silentsense: silent user identification via touch and movement behavioral biometrics. In: Proceedings of the 19th Annual International Conference on Mobile Computing and Networking, pp. 187–190. ACM (2013)

    Google Scholar 

  14. Buthpitiya, S.: Modeling mobile user behavior for anomaly detection (2014)

    Google Scholar 

  15. Saevanee, H., Clarke, N., Furnell, S., Biscione, V.: Continuous user authentication using multi-modal biometrics. Comput. Secur. 53, 234–246 (2015)

    Article  Google Scholar 

  16. Li, F., Clarke, N., Papadaki, M., Dowland, P.: Active authentication for mobile devices utilising behaviour profiling. Int. J. Inf. Secur. 13(3), 229–244 (2014)

    Article  Google Scholar 

  17. Mazhelis, O., Puuronen, S.: A framework for behavior-based detection of user substitution in a mobile context. Comput. Secur. 26(2), 154–176 (2007)

    Article  Google Scholar 

  18. Boukerche, A., Notare, M.S.M.A.: Behavior-based intrusion detection in mobile phone systems. J. Parallel Distrib. Comput. 62(9), 1476–1490 (2002)

    Article  Google Scholar 

  19. Li, F., Clarke, N., Papadaki, M., Dowland, P.: Behaviour profiling for transparent authentication for mobile devices (2011)

    Google Scholar 

  20. Saramäki, J., Leicht, E.A., López, E., Roberts, S.G., Reed-Tsochas, F., Dunbar, R.I.: Persistence of social signatures in human communication. Proc. Nat. Acad. Sci. 111(3), 942–947 (2014)

    Article  Google Scholar 

  21. Gosnell, D.K.: Social fingerprinting: identifying users of social networks by their data footprint (2014)

    Google Scholar 

  22. Saevanee, H., Clarke, N., Furnell, S., Biscione, V.: Text-based active authentication for mobile devices. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds.) SEC 2014. IAICT, vol. 428, pp. 99–112. Springer, Heidelberg (2014). doi:10.1007/978-3-642-55415-5_9

    Chapter  Google Scholar 

  23. Brocardo, M.L., Traore, I., Woungang, I.: Toward a framework for continuous authentication using stylometry. In: 2014 IEEE 28th International Conference on Advanced Information Networking and Applications, pp. 106–115. IEEE (2014)

    Google Scholar 

  24. Karnan, M., Akila, M., Krishnaraj, N.: Biometric personal authentication using keystroke dynamics: a review. Appl. Soft Comput. 11(2), 1565–1573 (2011)

    Article  Google Scholar 

  25. Gascon, H., Uellenbeck, S., Wolf, C., Rieck, K.: Continuous authentication on mobile devices by analysis of typing motion behavior. In: Sicherheit, pp. 1–12. Citeseer (2014)

    Google Scholar 

  26. Primo, A., Phoha, V.V., Kumar, R., Serwadda, A.: Context-aware active authentication using smartphone accelerometer measurements. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition Workshops, pp. 98–105 (2014)

    Google Scholar 

  27. Li, L., Zhao, X., Xue, G.: Unobservable re-authentication for smartphones. In: NDSS (2013)

    Google Scholar 

  28. Hilas, C.S., Sahalos, J.N.: User profiling for fraud detection in telecommunication networks. In: 5th International Conference on Technology and Automation, pp. 382–387 (2005)

    Google Scholar 

  29. Isaacman, S., Becker, R., Caceres, R., Kobourov, S., Martonosi, M., Rowland, J., Varshavsky, A.: Ranges of human mobility in Los Angeles and New York. In: 2011 IEEE International Conference on Pervasive Computing and Communications Workshops, PERCOM Workshops 2011, pp. 88–93 (2011)

    Google Scholar 

  30. Liu, F., Janssens, D., Cui, J., Wang, Y., Wets, G., Cools, M.: Building a validation measure for activity-based transportation models based on mobile phone data. Expert Syst. Appl. 41(14), 6174–6189 (2014)

    Article  Google Scholar 

  31. Çolak, S., Alexander, L.P., Alvim, B.G., Mehndiratta, S.R., González, M.C.: Analyzing cell phone location data for urban travel: current methods, limitations, and opportunities. Transp. Res. Rec.: J. Transp. Res. Board 2526, 126–135 (2015)

    Article  Google Scholar 

  32. Sun, B., Chen, Z., Wang, R., Yu, F., Leung, V.C.: Towards adaptive anomaly detection in cellular mobile networks. In: The IEEE Consumer Communications and Networking Conference, vol. 2, pp. 666–670 (2006)

    Google Scholar 

  33. Tandon, G., Chan, P.K.: Tracking user mobility to detect suspicious behavior. In: SDM, pp. 871–882. SIAM (2009)

    Google Scholar 

  34. Sun, B., Yu, F., Wu, K., Leung, V.: Mobility-based anomaly detection in cellular mobile networks. In: Proceedings of the 3rd ACM Workshop on Wireless Security, pp. 61–69. ACM (2004)

    Google Scholar 

  35. Yan, G., Eidenbenz, S., Sun, B.: Mobi-watchdog: you can steal, but you can’t run!. In: Proceedings of the Second ACM Conference on Wireless Network Security, pp. 139–150. ACM (2009)

    Google Scholar 

  36. Yazji, S., Scheuermann, P., Dick, R.P., Trajcevski, G., Jin, R.: Efficient location aware intrusion detection to protect mobile devices. Pers. Ubiquit. Comput. 18(1), 143–162 (2014)

    Article  Google Scholar 

  37. Kałużny, P.: Evaluation of trajectory based mobility profile in user behavioral authentication based on telecom data. Master thesis, Poznań University of Economics and Business, Poznań (2017)

    Google Scholar 

  38. Jankowiak, P., Kałużny, P.: Human mobility profiling based on call detail records analysis. Bachelor thesis, Poznań University of Economics and Business, Poznań (2015)

    Google Scholar 

  39. Kayacik, H.G., Just, M., Baillie, L., Aspinall, D., Micallef, N.: Data driven authentication: on the effectiveness of user behaviour modelling with mobile device sensors. arXiv preprint: arXiv:1410.7743 (2014)

Download references

Author information

Authors and Affiliations

  1. Poznań University of Economics and Business, Al. Niepodległości 10, 61-875, Poznań, Poland

    Piotr Kałużny

Authors
  1. Piotr Kałużny
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Piotr Kałużny .

Editor information

Editors and Affiliations

  1. Poznań University of Economics and Business, Poznań, Poland

    Witold Abramowicz

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Kałużny, P. (2017). Behavioural Profiling Authentication Based on Trajectory Based Anomaly Detection Model of User’s Mobility. In: Abramowicz, W. (eds) Business Information Systems Workshops. BIS 2017. Lecture Notes in Business Information Processing, vol 303. Springer, Cham. https://doi.org/10.1007/978-3-319-69023-0_21

Download citation

Publish with us

Policies and ethics

Search

Navigation