Abstract
Access to a variety of Internet of Things networks can be achieved through end-user devices such as smartphones or tablets. However, these devices are susceptible to theft, loss or unauthorized access. Although end-user devices are equipped with different means of authentication such as fingerprint readers, these methods are only employed at the time of access. Hence, an effective authentication mechanism that continuously authenticates users in the background is required in order to detect unauthorized access. A rich set of information can be extracted from end-user devices and utilized in the background to continuously authenticate users without requiring further intervention. As an example, the ability to continuously retrieve application usage profiles and sensor data on such devices strengthens the argument for employing behavioral-based mechanisms for continuous user authentication. This paper discusses behavioral-based authentication mechanisms with regard to security and usability, and presents a user authentication model based on app access patterns and the patterns of network traffic generated while accessing apps, utilizing a small amount of information. To validate our model, we use a public real-world dataset collected, in an uncontrolled manner, from real users over a long time period. The presented model can authenticate users with a minimum F-measure of 98%, utilizing both access time patterns and network traffic patterns. Overall, the results are promising, and the achieved high degree of accuracy proves the effectiveness and usability of the proposed model.
Acknowledgement
The first author would like to thank the Libyan Ministry of Higher Education and Scientific Research for providing a scholarship to pursue his PhD.
Cite this article
Ashibani, Y., Mahmoud, Q.H. Design and evaluation of a user authentication model for IoT networks based on app event patterns. Cluster Comput 24, 837–850 (2021). https://doi.org/10.1007/s10586-020-03156-5
DOI: https://doi.org/10.1007/s10586-020-03156-5