short-paper

Confidence and Risk Estimation Plugins for Multi-Modal Authentication on Mobile Devices using CORMORANT

Authors:

Muhammad Muaaz,

Rainhard D. Findling,

Sebastian Scholz,

René MayrhoferAuthors Info & Claims

MoMM 2015: Proceedings of the 13th International Conference on Advances in Mobile Computing and Multimedia

Pages 384 - 388

https://doi.org/10.1145/2837126.2843845

Published: 11 December 2015 Publication History

Abstract

Mobile devices, ubiquitous in modern lifestyle, embody and provide convenient access to our digital lives. Being small and mobile, they are easily lost or stole, therefore require strong authentication to mitigate the risk of unauthorized access. Common knowledge-based mechanism like PIN or pattern, however, fail to scale with the high frequency but short duration of device interactions and ever increasing number of mobile devices carried simultaneously. To overcome these limitations, we present CORMORANT, an extensible framework for risk-aware multi-modal biometric authentication across multiple mobile devices that offers increased security and requires less user interaction.

References

[1]

International Statistics on Crime and Justice. In S. Harrendorf, M. Heiskanen, and S. Malby, editors, European Institute for Crime Prevention and Control. 2010.

[2]

A. J. Aviv, K. Gibson, E. Mossop, M. Blaze, and J. M. Smith. Smudge Attacks on Smartphone Touch Screens. Proceedings of the 4th USENIX conference on Offensive technologies, pages 1--10, 2010.

Digital Library

[3]

K. Z. Bijon, R. Krishnan, and R. Sandhu. A framework for risk-aware role based access control. 2013 IEEE Conference on Communications and Network Security (CNS), pages 462--469, 2013.

[4]

F. Bimbot, J.-F. Bonastre, C. Fredouille, G. Gravier, I. Magrin-Chagnolleau, S. Meignier, T. Merlin, J. Ortega-García, D. Petrovska-Delacrétaz, and D. A. Reynolds. A tutorial on text-independent speaker verification. EURASIP J. Appl. Signal Process., 2004:430--451, Jan. 2004.

Digital Library

[5]

H. Crawford, K. Renaud, and T. Storer. A framework for continuous, transparent mobile device authentication. Computers and Security, 39:127--136, 2013.

Digital Library

[6]

M. O. Derawi. Smartphones and Biometrics: Gait and Activity Recognition. PhD thesis, Gjøvik University College, November 2012.

[7]

N. N. Diep, S. Lee, Y.-K. Lee, and H. Lee. Contextual Risk-Based Access Control. Security and Management, 2007.

[8]

M. Felson and E. Poulsen. Simple indicators of crime by time of day. International Journal of Forecasting, 19:595--601, 2003.

[9]

R. D. Findling. Pan shot face unlock: Towards unlocking personal mobile devices using stereo vision and biometric face information from multiple perspectives. Master's thesis, University of Applied Sciences Upper Austria, Hagenberg, Austria, Sept. 2013.

[10]

M. Harbach, E. V. Zezschwitz, A. Fichtner, A. De Luca, and M. Smith. It's a Hard Lock Life: A Field Study of Smartphone (Un) Locking Behavior and Risk Perception. Symposium on Usable Privacy and Security (SOUPS), pages 213--230, 2014.

[11]

E. Hayashi and J. I. Hong. Knock x Knock: The Design and Evaluation of a Unified Authentication Management System. 2015.

[12]

D. Hintze, R. D. Findling, M. Muaaz, E. Koch, and R. Mayrhofer. CORMORANT: Towards Continuous Risk-Aware Multi-Modal Cross-Device Authentication. Proc. UbiComp 2015: Adjunct Publication, 2015.

Digital Library

[13]

D. Hintze, R. D. Findling, S. Scholz, and R. Mayrhofer. Mobile Device Usage Characteristics: The Effect of Context and Form Factor on Locked and Unlocked Usage. In Proc. MoMM 2014, 2014.

Digital Library

[14]

C. G. Hocking, S. M. Furnell, N. L. Clarke, and P. L. Reynolds. Authentication Aura - A distributed approach to user authentication. Journal of Information Assurance and Security, 6(2):149----156, 2011.

[15]

A. Hurkala and J. Hurkala. Architecture of Context-Risk-Aware Authentication System for Web Environments. ICIEIS'2014, pages 219--228, 2014.

[16]

D. J. Kim, K. W. Chung, and K. S. Hong. Person Authentication using Face, Teeth and Voice Modalities for Mobile Device Security. IEEE Transactions on Consumer Electronics, 56(4):2678--2685, 2010.

Digital Library

[17]

T. Kinnunen and H. Li. An overview of text-independent speaker recognition: from features to supervectors. Speech Communication, 52(1), 2010.

Digital Library

[18]

J. R. Kwapisz, G. M. Weiss, and S. A. Moore. Cell phone-based biometric identification. In Biometrics: Theory Applications and Systems (BTAS), 2010 Fourth IEEE International Conference on, pages 1--7. IEEE, 2010.

[19]

R. Lienhart and J. Maydt. An extended set of haar-like features for rapid object detection. In IEEE International Conference on Image Processing 2002, pages 900--903, 2002.

[20]

M. Muaaz and R. Mayrhofer. Orientation Independent Cell Phone Based Gait Authentication. Proc. MoMM 2014, pages 161--164, 2014.

Digital Library

[21]

C. Nickel. Accelerometer-based Biometric Gait Recognition for Authentication on Smartphones. PhD thesis, TU Darmstadt, June 2012.

[22]

OSGi Alliance. Listeners Considered Harmful: The "Whiteboard" Pattern. 2004.

[23]

A. Ross and A. K. Jain. Multimodal Biometrics: an Overview. Signal Processing, (September):1221--1224, 2004.

[24]

P. S. Sanjekar and J. B. Patil. An Overview of Multimodal Biometrics. Signal & Image Processing (SIPIJ), 4(1):57--64, 2013.

[25]

F. Stajano. Pico: No more passwords! Lecture Notes in Computer Science, 7114 LNCS:49--81, 2011.

Digital Library

[26]

I. Traore, I. Woungang, M. S. Obaidat, Y. Nakkabi, and I. Lai. Combining Mouse and Keystroke Dynamics Biometrics for Risk-Based Authentication in Web Environments. 2012 Fourth International Conference on Digital Home, pages 138--145, 2012.

Digital Library

[27]

P. Tresadern, T. F. Cootes, N. Poh, P. Matejka, A. Hadid, C. Lévy, C. McCool, and S. Marcel. Mobile Biometrics: Combined Face and Voice Verification for a Mobile Platform. IEEE Pervasive Computing, 12(01):79--87, 2013.

Digital Library

[28]

P. Viola and M. Jones. Rapid object detection using a boosted cascade of simple features. Proceedings of these 2001 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 1:511--518, 2001.

[29]

J. Yan, A. Blackwells, R. Anderson, and A. Grant. Password Memorability and Security: Empirical Results. IEEE Security & Privacy, 2(5):25--31, 2004.

Digital Library

Cited By

Gomez-Hernandez JCamacho JHolgado-Terriza JGarcia-Teodoro PMacia-Fernandez G(2021)ARANAC: A Bring-Your-Own-Permissions Network Access Control Methodology for Android DevicesIEEE Access10.1109/ACCESS.2021.30971529(101321-101334)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3097152
Friström ELius EUlmanen NHietala PKärkkäinen PMäkinen TSigg SFindling R(2019)Free-Form Gaze Passwords from Cameras Embedded in Smart GlassesProceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia10.1145/3365921.3365928(136-144)Online publication date: 2-Dec-2019
https://dl.acm.org/doi/10.1145/3365921.3365928
Hintze DFüller MScholz SFindling RMuaaz MKapfer PNüßer WMayrhofer R(2019)CORMORANTProceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia10.1145/3365921.3365923(117-126)Online publication date: 2-Dec-2019
https://dl.acm.org/doi/10.1145/3365921.3365923
Show More Cited By

Index Terms

Confidence and Risk Estimation Plugins for Multi-Modal Authentication on Mobile Devices using CORMORANT
1. Security and privacy
  1. Systems security
    1. Operating systems security

Recommendations

Cormorant: towards continuous risk-aware multi-modal cross-device authentication
UbiComp/ISWC'15 Adjunct: Adjunct Proceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2015 ACM International Symposium on Wearable Computers

Nowadays, people own and carry an increasing number of mobile devices, such as smartphones and smartwatches. Since these devices store and provide access to sensitive information, authentication is required to prevent unauthorized access. Widely used ...
Location-based risk assessment for mobile authentication
UbiComp '16: Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct

Mobile devices offer access to our digital lives and thus need to be protected against the risk of unauthorized physical access by applying strong authentication, which in turn adversely affects usability. The actual risk, however, depends on dynamic ...
CORMORANT: Ubiquitous Risk-Aware Multi-Modal Biometric Authentication across Mobile Devices

People own and carry an increasing number of ubiquitous mobile devices, such as smartphones, tablets, and notebooks. Being small and mobile, those devices have a high propensity to become lost or stolen. Since mobile devices provide access to their ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

MoMM 2015: Proceedings of the 13th International Conference on Advances in Mobile Computing and Multimedia

December 2015

422 pages

ISBN:9781450334938

DOI:10.1145/2837126

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

In-Cooperation

Johannes Kepler University, Linz, Austria
@WAS: International Organization of Information Integration and Web-based Applications and Services

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 December 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Conference

MoMM 2015

MoMM 2015: The 13th International Conference on Advances in Mobile Computing and Multimedia

December 11 - 13, 2015

Brussels, Belgium

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
103
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)1

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Gomez-Hernandez JCamacho JHolgado-Terriza JGarcia-Teodoro PMacia-Fernandez G(2021)ARANAC: A Bring-Your-Own-Permissions Network Access Control Methodology for Android DevicesIEEE Access10.1109/ACCESS.2021.30971529(101321-101334)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3097152
Friström ELius EUlmanen NHietala PKärkkäinen PMäkinen TSigg SFindling R(2019)Free-Form Gaze Passwords from Cameras Embedded in Smart GlassesProceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia10.1145/3365921.3365928(136-144)Online publication date: 2-Dec-2019
https://dl.acm.org/doi/10.1145/3365921.3365928
Hintze DFüller MScholz SFindling RMuaaz MKapfer PNüßer WMayrhofer R(2019)CORMORANTProceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia10.1145/3365921.3365923(117-126)Online publication date: 2-Dec-2019
https://dl.acm.org/doi/10.1145/3365921.3365923
Findling RQuddus TSigg S(2019)Hide my Gaze with EOG!Proceedings of the 17th International Conference on Advances in Mobile Computing & Multimedia10.1145/3365921.3365922(107-116)Online publication date: 2-Dec-2019
https://dl.acm.org/doi/10.1145/3365921.3365922
Hintze DFüller MScholz SFindling RMuaaz MKapfer PKoch EMayrhofer R(2019)CORMORANTProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/33512433:3(1-23)Online publication date: 9-Sep-2019
https://dl.acm.org/doi/10.1145/3351243
Hintze DHintze PFindling RMayrhofer R(2017)A Large-Scale, Long-Term Analysis of Mobile Device Usage CharacteristicsProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/30900781:2(1-21)Online publication date: 30-Jun-2017
https://dl.acm.org/doi/10.1145/3090078
Hintze DKoch EScholz SMayrhofer RLukowicz PKrüger ABulling ALim YPatel S(2016)Location-based risk assessment for mobile authenticationProceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct10.1145/2968219.2971448(85-88)Online publication date: 12-Sep-2016
https://dl.acm.org/doi/10.1145/2968219.2971448

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten