research-article

A Review of Continuous Authentication Using Behavioral Biometrics

Authors:

Ioannis C. Stylios,

Iosif Androulidakis,

Elena ZaitsevaAuthors Info & Claims

SEEDA-CECNSM '16: Proceedings of the SouthEast European Design Automation, Computer Engineering, Computer Networks and Social Media Conference

Pages 72 - 79

https://doi.org/10.1145/2984393.2984403

Published: 25 September 2016 Publication History

Abstract

The present study carries out a literature review on the topic of Continuous Authentication (CA) using behavioral biometrics. CA systems have been proposed in order to solve the shortcomings of other user authentication methods. CA processes are considered to raise systems security and reliability, and biometric technologies have increasingly become part of security architectures. Since some of uni-biometrics' vulnerabilities have already been revealed, they have been replaced or enhanced by multi-biometrics where behavioral biometrics are gaining ground as a new way of establishing the identity of a user. We therefore present a collection of selected published sources relevant to this topic accompanied by annotation, critical analysis of contents and, in some cases apposition of the main conclusions of each work. This work can help new researchers, scientists and the industry develop new systems and technologies by providing them a ready to use literature base with theoretical and practical aspects on Continuous Authentication using behavioral biometrics.

References

[1]

Androulidakis, I., Christou, V., Bardis, N., Stylios, I., (2009): Surveying users' practices regarding mobile phones' security features. Electrical And Computer Engineering Series, Proceedings of the 3rd WSEAS international conference.

Digital Library

[2]

Saevanee H., Bhatarakosol, P., (2008). User Authentication Using Combination of Behavioral Biometrics over the Touchpad Acting Like Touch Screen of Mobile Device. International Conference on Computer and Electrical Engineering, 2008. Page(s): 82--86.

Digital Library

[3]

Stylios, I. C., Chatzis, S., Thanou, O., Kokolakis, S., (2015). Mobile Phones & Behavioral Modalities: Surveying Users' Practices. TELFOR 2015 International IEEE Conference, At SAVA Center, Belgrade, Serbia.

[4]

Clarke N., L., Furnell, S., M., (2005). Authentication of users on mobile telephones -- A survey of attitudes and practices. Computers & Security 24, 519e527, Elsevier.

Digital Library

[5]

Sujithra, M., Padmavathi, G., (2012): A Survey on Mobile Device Threats, Vulnerabilities and their Defensive Mechanism. International Journal of Computer Applications (0975-8887) Volume 56-- No.14.

[6]

Ahern, S., Eckles, D., Good, N.S., King, S., Naaman, M., Nair, R., (2007). Over-exposed?: privacy patterns and considerations in online and mobile photo sharing. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. Pages 357--366. Publisher ACM New York, USA.

Digital Library

[7]

Kurkovsky, S., and Syta, E., (2010). Digital natives and mobile phones: A survey of practices and attitudes about privacy and security. 2010 IEEE International Symposium on Technology and Society (ISTAS). Conference Location: Wollongong, NSW. Page(s): 441--449. Print ISBN: 978-1-4244-7777-7.

[8]

Chin, E., Porter Felt, A., Sekar, V., Wagner, D., (2012). Measuring user confidence in smartphone security and privacy. Proceedings of the Eighth Symposium on Usable Privacy and Security. Article No. 1. ISBN: 978-1-4503-1532-6NY, Publisher ACM New York, USA.

Digital Library

[9]

Keith, M. J., Thompson, S. C., Hale, J., Lowry, P. B., Greer, C., (2013). Information disclosure on mobile devices: Re-examining privacy calculus with actual user behavior. International Journal of Human-Computer Studies Volume 71, Issue 12, December 2013, Pages 1163--1173. ELSEVIER.

Digital Library

[10]

Aviv, A.J., Gibson, K., Mossop, E., Blaze, M., Smith, J.M, (2010). Smudge attacks on smartphone touch screens. Proceedings of the 4th USENIX conference on Offensive technologies. pp. 1--7. USENIX Association.

Digital Library

[11]

N.L. Clarke, S.M. Furnell, P.M. Rodwell, P.L. Reynolds, (2002). Acceptance of Subscriber Authentication Methods for Mobile Telephony Devices. Computers & Security Volume 21, Issue 3, 1 June 2002, Pages 220--228.

Digital Library

[12]

S. Karatzouni, S. M. Furnell, N. L. Clarke and R. A. Botha, (2007). Perceptions of User Authentication on Mobile Devices. In Proceedings of the 6th Annual ISOnEworld Conference, April 11-13, 2007, Las Vegas, NV.

[13]

Ahmed Awad E. Ahmed, Issa Traore. (2011). Continuous Authentication Using Biometrics: Data, Models and Metrics. Publisher: IGI Global. ISBN: 9781613501290. Release Date: September 2011.

Digital Library

[14]

Derawi, M. O., Gafurov, D., Bours, P., (2011). Towards continuous authentication based on gait using wearable motion recording sensors. ResearchGate. Article · January 2011.

[15]

Benabdelkader, C., Cutler, R., Davis L. S. (2002). Person Identification Using Automatic Height and Stride Estimation. IEEE International Conference on Automatic Face and Gesture Recognition - FGR, pp. 372--377, 2002.

[16]

Mantyjarvi, J., Lindholm, M., Vildjiounaite E., Makela, S.-M., Ailisto, H. A. (2005). Identifying users of portable devices from gait pattern with accelerometers. IEEE International Conference on Acoustics, Speech, and Signal Processing, 2005. (Volume:2). Page(s): ii/973--ii/976 Vol. 2.

[17]

Gafurov, D., Helkala, K., Søndrol T., (2006). Biometric Gait Authentication Using Accelerometer Sensor, Journal of Computers, Vol 1, No 7 (2006), 51--59, Nov 2006.

[18]

Derawi, M. O., Nickel, C., Bours, P., and Busch, C., (2010). Unobtrusive User-Authentication on Mobile Phones using Biometric GaitRecognition. Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing. IEEE 2010. Page(s): 306--311.

Digital Library

[19]

Kwapisz, J. R., Weiss, G. M., Moore S. A., (2010). Cell phone-based biometric identification. Fourth IEEE International Conference on Biometrics: Theory Applications and Systems (BTAS), 2010. Page(s): 1--7.

[20]

Tao Feng, Xi Zhao, Weidong Shi, (2013). Investigating Mobile Device Picking-up motion as a novel biometric modality. IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems (BTAS), 2013. Page(s): 1--6.

[21]

Tao Feng, Ziyi Liu, Kyeong-An Kwon, Weidong Shi, (2012). Continuous mobile authentication using touchscreen gestures. IEEE Conference on Technologies for Homeland Security (HST), 2012. Page(s):451--456.

[22]

Frank, M., Biedert, R., Ma, E., Martinovic, I., Song, D., (2012). Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication. IEEE Transactions on Information Forensics and Security. 2012. (Volume:8, Issue: 1). Page(s): 136--148.

Digital Library

[23]

Lingjun Li, Xinxin Zhao, Guoliang Xue, (2013). Unobservable Re-authentication for Smartphones. Proceedings of the 20th Annual Network & Distributed System Security Symposium, NDSS 2013. Publisher: Internet Society.

[24]

Xi Zhao, Tao Feng, Weidong Shi, (2013). Continuous mobile authentication using a novel Graphic Touch Gesture Feature. 2013 IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems (BTAS). Page(s): 1--6.

[25]

Bo, C., Zhang, L., Jung, T., Han, J., Li, X.-Y., Wang, Y. (2014). Continuous user identification via touch and movement behavioral biometrics. Performance Computing and Communications Conference (IPCCC), 2014 IEEE International. pp. 1--8. IEEE (2014).

[26]

Xu H, Zhou Y, Lyu MR, (2014). Towards Continuous and Passive Authentication via Touch Biometrics: An Experimental Study on Smartphones. Symposium On Usable Privacy and Security (SOUPS 2014). USENIX Association. ISBN Number 978-1-931971-13-3.

[27]

Sitová, Z., Šeděnka, J., Yang, Q., Peng, G., Zhou, G., Gasti, P., Balagani, K. S., (2015). HMOG: New Behavioral Biometric Features for Continuous Authentication of Smartphone Users. IEEE Transactions on Information Forensics and Security (Volume: 11, Issue: 5). Page(s): 877--892.

Digital Library

[28]

A. Ross and A.K. Jain, "Information Fusion in Biometrics", Proc. of AVBPA, Halmstad, Sweden, June 2001, pp. 354--359.

Digital Library

[29]

Dong-Ju Kim, Kwang-Woo Chung, and Kwang-Seok Hong, "Person authentication using face, teeth and voice modalities for mobile device security," in IEEE Transactions on Consumer Electronics, 2010, pp. 2678--2685.

Digital Library

[30]

H. Saevanee, H., Clarke, N.L, and Furnell, S.M., (2011). Multi-Modal Behavioural Biometric Authentication for Mobile Devices. Information Security and Privacy Research. Volume 376 of the series IFIP Advances in Information and Communication Technology pp 465--474.

[31]

Shi, E., Niu, Y., Jakobsson, M., and Chow R., (2011). Implicit Authentication through Learning User Behavior. Information Security, Volume 6531 of the series Lecture Notes in Computer Science pp 99--113.

Digital Library

[32]

Riva, O., Qin, C., Strauss, K., Lymberopoulos, D., (2012). Progressive authentication: deciding when to authenticate on mobile phones. Proceedings of the 21st USENIX conference on Security symposium. Pages 15--15. USENIX Association Berkeley, CA, USA ©2012.

Digital Library

[33]

Bo, C., Zhang, L., Li, (2013).SilentSense: Silent User Identification via Dynamics of Touch and Movement Behavioral Biometrics. Cornell University Library. (Submitted on 31 Aug 2013). Cite as: arXiv:1309.0073

[34]

Wolff, M., (2013). Behavioral Biometric Identification on Mobile Devices. 7th International Conference, AC 2013, Held as Part of HCI International 2013, Las Vegas, NV, USA, July 21-26, 2013. Pages pp 783--791. DOI 10.1007/978-3-642-39454-6_84.

[35]

Crawford, H., Renaud, K., Storer, T., (2013). A framework for continuous, transparent mobile device authentication. Computers & Security Volume 39, Part B, November 2013, Pages 127--136. ELSEVIER.

Digital Library

[36]

Nan Zheng, Kun Bai., Hai Huang, Haining Wang, (2014). You Are How You Touch: User Verification on Smartphones via Tapping Behaviors. 2014 IEEE 22nd International Conference on Network Protocols. Page(s): 221--232.

Digital Library

[37]

Seo, H., Kim, E., & Kim, H. K. (2012). A novel biometric identification based on a user's input pattern analysis for intelligent mobile devices. International Journal of Advanced Robotic Systems, 9, {46}. 10.5772/51319.

[38]

De Luca, A., Hang, A., Brudy, F., Lindner, C., Hussmann, H., (2012). Touch me once and i know it's you!: implicit authentication based on touch screen patterns. CHI '12 Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. Pages 987--996. ACM New York, NY, USA ©2012

Digital Library

[39]

Shen, C.; Yu, T.; Yuan, S.; Li, Y.; Guan, X. (2016). Performance Analysis of Motion-Sensor Behavior for User Authentication on Smartphones. Sensors 2016, 16, 345.

[40]

Brosso, I., La Neve, A., Bressan, G., Ruggiero W. V., (2010). A Continuous Authentication System Based on User Behavior Analysis. ARES '10 International Conference on Availability, Reliability, and Security, 2010. Page(s): 380--385. Publisher: IEEE

[41]

Gupta, A., Miettinen, M., Asokan, N., Nagy, M., (2012). Intuitive Security Policy Configuration in Mobile Devices Using Context Profiling. International Conference on and 2012 International Confernece on Social Computing (SocialCom) Privacy, Security, Risk and Trust (PASSAT), 2012.Page(s): 471--480

Digital Library

[42]

Murmuria, R., Medsger, J., Stavrou, A., Voas, J. M., (2012). Mobile Application and Device Power Usage Measurements. Proceedings of the 2012 IEEE Sixth International Conference on Software Security and Reliability. Pages 147--156. IEEE Computer Society Washington, DC, USA ©2012.

Digital Library

[43]

Shye, A., Scholbrock, B., Memik, G., (2009). Into the Wild: Studying Real User Activity Patterns to Guide Power Optimizations for Mobile Architectures. In proceedings of the 42nd IEEE/ACM International Symposium on Microarchitecture (MICRO). New York, NY. December 12-16, 2009.

Digital Library

[44]

Murmuria, R,. Stavrou, A., Barbara, D., and Fleck D., (2015). Continuous Authentication on Mobile Devices Using Power Consumption, Touch Gestures and Physical Movement of Users. Chapter Research in Attacks, Intrusions, and Defenses. Volume 9404 of the series Lecture Notes in Computer Science pp 405--424 Date: 12 December 2015.

Digital Library

[45]

Buriro, A., Crispo, B., Delfrari, F., Wrona, K., (2016). Hold & Sign: A Novel Behavioral Biometrics for Smartphone User Authentication. Conference: Mobile Security Technologies (MoST) 2016 in conjunction with IEEE Security and Privacy (S&P 16).

[46]

Buriro, A., Crispo, B., Delfrari, F., Wrona, K., (2015). ITSME: Multi-modal and Unobtrusive Behavioural User Authentication for Smartphones. 9th International Conference on Passwords (Passwords15 London). Lecture Notes in Computer Science, Volume 9551. Page(s): 45--61. Publisher: Springer.

Cited By

Hallal LRhinelander JVenkat R(2024)Recent Trends of Authentication Methods in Extended Reality: A SurveyApplied System Innovation10.3390/asi70300457:3(45)Online publication date: 28-May-2024
https://doi.org/10.3390/asi7030045
Dietz FMecke LRiesner DAlt F(2024)Delusio - Plausible Deniability For Face RecognitionProceedings of the ACM on Human-Computer Interaction10.1145/36764948:MHCI(1-13)Online publication date: 24-Sep-2024
https://dl.acm.org/doi/10.1145/3676494
Chen FXin JPhoha V(2024)SSPRA: A Robust Approach to Continuous Authentication Amidst Real-World Adversarial ChallengesIEEE Transactions on Biometrics, Behavior, and Identity Science10.1109/TBIOM.2024.33695906:2(245-260)Online publication date: Apr-2024
https://doi.org/10.1109/TBIOM.2024.3369590
Show More Cited By

Recommendations

Evaluating Behavioral Biometrics for Continuous Authentication: Challenges and Metrics
ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

In recent years, behavioral biometrics have become a popular approach to support continuous authentication systems. Most generally, a continuous authentication system can make two types of errors: false rejects and false accepts. Based on this, the most ...
Continuous Authentication Using Behavioral Biometrics

A continuous behaviometric authentication system is tested on 99 users over 10 weeks, focusing on keystroke dynamics, mouse movements, application usage, and the system footprint. In the process, a new trust model was created to enable continuous ...
BioPrivacy: Development of a Keystroke Dynamics Continuous Authentication System
Computer Security. ESORICS 2021 International Workshops
Abstract
Session authentication schemes establish the identity of the user only at the beginning of the session, so they are vulnerable to attacks that tamper with communications after the establishment of the authenticated session. Moreover, smartphones ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

SEEDA-CECNSM '16: Proceedings of the SouthEast European Design Automation, Computer Engineering, Computer Networks and Social Media Conference

September 2016

126 pages

ISBN:9781450348102

DOI:10.1145/2984393

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 September 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

SEEDA-CECNSM '16

SEEDA-CECNSM '16: SouthEast European Design Automation, Computer Engineering, Computer Networks and Social Media Conference

September 25 - 27, 2016

Kastoria, Greece

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

37
Total Citations
View Citations
865
Total Downloads

Downloads (Last 12 months)94
Downloads (Last 6 weeks)15

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Hallal LRhinelander JVenkat R(2024)Recent Trends of Authentication Methods in Extended Reality: A SurveyApplied System Innovation10.3390/asi70300457:3(45)Online publication date: 28-May-2024
https://doi.org/10.3390/asi7030045
Dietz FMecke LRiesner DAlt F(2024)Delusio - Plausible Deniability For Face RecognitionProceedings of the ACM on Human-Computer Interaction10.1145/36764948:MHCI(1-13)Online publication date: 24-Sep-2024
https://dl.acm.org/doi/10.1145/3676494
Chen FXin JPhoha V(2024)SSPRA: A Robust Approach to Continuous Authentication Amidst Real-World Adversarial ChallengesIEEE Transactions on Biometrics, Behavior, and Identity Science10.1109/TBIOM.2024.33695906:2(245-260)Online publication date: Apr-2024
https://doi.org/10.1109/TBIOM.2024.3369590
Zhao CGao FShen Z(2024)Multi-Motion Sensor Behavior based Continuous Authentication on Smartphones using Gated Two-Tower Transformer Fusion NetworksComputers & Security10.1016/j.cose.2023.103698(103698)Online publication date: Jan-2024
https://doi.org/10.1016/j.cose.2023.103698
Rajalakshmi DAnita CManiTeja BManjunadhreddy ISai G(2023)A Novel Artificial Intelligence–Based Transaction2023 International Conference on Innovative Computing, Intelligent Communication and Smart Electrical Systems (ICSES)10.1109/ICSES60034.2023.10465477(1-4)Online publication date: 14-Dec-2023
https://doi.org/10.1109/ICSES60034.2023.10465477
Van Hamme TGarofalo GPreuveneers DJoosen W(2023)Masterkey attacks against free-text keystroke dynamics and security implications of demographic factors2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP57164.2023.00025(278-291)Online publication date: Jul-2023
https://doi.org/10.1109/EuroSP57164.2023.00025
Stylios IChatzis SThanou OKokolakis S(2023)Continuous authentication with feature-level fusion of touch gestures and keystroke dynamics to solve security and usability issuesComputers & Security10.1016/j.cose.2023.103363132(103363)Online publication date: Sep-2023
https://doi.org/10.1016/j.cose.2023.103363
Ray-Dowling AHou DSchuckers S(2023)Stationary mobile behavioral biometricsComputers and Security10.1016/j.cose.2023.103184128:COnline publication date: 1-May-2023
https://dl.acm.org/doi/10.1016/j.cose.2023.103184
Smith-Creasey MSmith-Creasey M(2023)Continuous AuthenticationContinuous Biometric Authentication Systems10.1007/978-3-031-49071-2_3(35-72)Online publication date: 29-Oct-2023
https://doi.org/10.1007/978-3-031-49071-2_3
Avasthi SSanwal TPrakash ATripathi S(2023)A Study of Multimodal Colearning, Application in Biometrics and AuthenticationMultimodal Biometric and Machine Learning Technologies10.1002/9781119785491.ch6(103-128)Online publication date: 16-Oct-2023
https://doi.org/10.1002/9781119785491.ch6
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten