AuthCODE: A privacy-preserving and multi-device continuous authentication architecture based on machine and deep learning

AuthCODE: A privacy-preserving and multi-device continuous authentication architecture based on machine and deep learning

The authentication field is evolving towards mechanisms able to keep users continuously authenticated without the necessity of remembering or possessing authentication credentials. While relevant limitations of continuous authentication systems -high false positives rates (FPR) and difficulty to det...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computers & security 2021-04, Vol.103, p.102168, Article 102168
Hauptverfasser: Sánchez Sánchez, Pedro Miguel, Fernández Maimó, Lorenzo, Huertas Celdrán, Alberto, Martínez Pérez, Gregorio
Format: Artikel
Sprache:eng
Schlagworte:
Applications programs
Authentication
Computer architecture
Continuous authentication
Deep learning
Electronic devices
Internet of Things
Machine learning
Mobile computing
Multi-device behaviour
Personal computers
Privacy
Smart office
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The authentication field is evolving towards mechanisms able to keep users continuously authenticated without the necessity of remembering or possessing authentication credentials. While relevant limitations of continuous authentication systems -high false positives rates (FPR) and difficulty to detect behaviour changes- have been demonstrated in realistic single-device scenarios, the Internet of Things and next generation of mobile networks (5G) are enabling novel multi-device scenarios, such as Smart Offices, that can help to reduce or address the previous challenges. The paper at hand presents an AI-based, privacy-preserving and multi-device continuous authentication architecture called AuthCODE. AuthCODE seeks to improve single-device solutions limitations by considering additional behavioural data coming from heterogeneous devices. AuthCODE proposes a novel set of features that combine the interactions of users with different devices. The features relevance has been demonstrated in a realistic Smart Office scenario with several users that interact with their mobile devices and personal computers. In this context, a set of single- and multi-device datasets have been generated and published to compare the performance of our multi-device solution against single-device approaches. A pool of experiments with machine and deep learning classifiers measured the impact of time in authentication accuracy and improved the results of single-device approaches by considering multi-device behaviour profiles. Specifically, the multi-device approach using XGBoost with 1-minute window of aggregated features, achieved a 69.33%, 59,65% and 89,35% improvement in the FPR when compared to the single-device approach for computer, mobile applications and mobile sensors respectively. Finally, temporal information classified by a Long-Short Term Memory Network, allowed the identification of additional complex behaviour patterns.
ISSN:0167-4048
1872-6208
DOI:10.1016/j.cose.2020.102168