AuthCODE: A privacy-preserving and multi-device continuous authentication architecture based on machine and deep learning

AuthCODE: A privacy-preserving and multi-device continuous authentication architecture based on machine and deep learning

The authentication field is evolving towards mechanisms able to keep users continuously authenticated without the necessity of remembering or possessing authentication credentials. While relevant limitations of continuous authentication systems -high false positives rates (FPR) and difficulty to det...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computers & security 2021-04, Vol.103, p.102168, Article 102168
Hauptverfasser: Sánchez Sánchez, Pedro Miguel, Fernández Maimó, Lorenzo, Huertas Celdrán, Alberto, Martínez Pérez, Gregorio
Format: Artikel
Sprache:eng
Schlagworte:
Applications programs
Authentication
Computer architecture
Continuous authentication
Deep learning
Electronic devices
Internet of Things
Machine learning
Mobile computing
Multi-device behaviour
Personal computers
Privacy
Smart office
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page 102168
container_title Computers & security
container_volume 103
creator Sánchez Sánchez, Pedro Miguel
Fernández Maimó, Lorenzo
Huertas Celdrán, Alberto
Martínez Pérez, Gregorio
description The authentication field is evolving towards mechanisms able to keep users continuously authenticated without the necessity of remembering or possessing authentication credentials. While relevant limitations of continuous authentication systems -high false positives rates (FPR) and difficulty to detect behaviour changes- have been demonstrated in realistic single-device scenarios, the Internet of Things and next generation of mobile networks (5G) are enabling novel multi-device scenarios, such as Smart Offices, that can help to reduce or address the previous challenges. The paper at hand presents an AI-based, privacy-preserving and multi-device continuous authentication architecture called AuthCODE. AuthCODE seeks to improve single-device solutions limitations by considering additional behavioural data coming from heterogeneous devices. AuthCODE proposes a novel set of features that combine the interactions of users with different devices. The features relevance has been demonstrated in a realistic Smart Office scenario with several users that interact with their mobile devices and personal computers. In this context, a set of single- and multi-device datasets have been generated and published to compare the performance of our multi-device solution against single-device approaches. A pool of experiments with machine and deep learning classifiers measured the impact of time in authentication accuracy and improved the results of single-device approaches by considering multi-device behaviour profiles. Specifically, the multi-device approach using XGBoost with 1-minute window of aggregated features, achieved a 69.33%, 59,65% and 89,35% improvement in the FPR when compared to the single-device approach for computer, mobile applications and mobile sensors respectively. Finally, temporal information classified by a Long-Short Term Memory Network, allowed the identification of additional complex behaviour patterns.
doi_str_mv 10.1016/j.cose.2020.102168
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2503172248</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><els_id>S0167404820304417</els_id><sourcerecordid>2503172248</sourcerecordid><originalsourceid>FETCH-LOGICAL-c328t-b607c502c6fe58d1b36729cd23acac8abf7c42724626f2b04d02ffc1fda67753</originalsourceid><addsrcrecordid>eNp9kM1LAzEQxYMoWD_-AU8Bz1uT2W0SxUupnyB48R6yk1lNabM12S30vze1nj0N83jvzfBj7EqKqRRS3Syn2GeagoC9AFKZIzaRRkOlQJhjNikmXTWiMafsLOelEFIrYyZsNx-Hr8X7w-Mdn_NNCluHu2qTKFPahvjJXfR8Pa6GUHnaBiSOfRxCHPsxc1eiVDZ0Q-gjdwm_wkA4jIl46zJ5XtS1K2qk3yJPtOErcimW6gt20rlVpsu_ec4-nh4_Fi_V2_vz62L-VmENZqhaJTTOBKDqaGa8bGul4RY91A4dGtd2GhvQ0ChQHbSi8QK6DmXnndJ6Vp-z60PtJvXfI-XBLvsxxXLRwkzUUgM0prjg4MLU55yos4XF2qWdlcLuCdul3RO2e8L2QLiE7g8hKu9vAyWbMVBE8iEVDNb34b_4Dz0Zhlo</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2503172248</pqid></control><display><type>article</type><title>AuthCODE: A privacy-preserving and multi-device continuous authentication architecture based on machine and deep learning</title><source>Access via ScienceDirect (Elsevier)</source><creator>Sánchez Sánchez, Pedro Miguel ; Fernández Maimó, Lorenzo ; Huertas Celdrán, Alberto ; Martínez Pérez, Gregorio</creator><creatorcontrib>Sánchez Sánchez, Pedro Miguel ; Fernández Maimó, Lorenzo ; Huertas Celdrán, Alberto ; Martínez Pérez, Gregorio</creatorcontrib><description>The authentication field is evolving towards mechanisms able to keep users continuously authenticated without the necessity of remembering or possessing authentication credentials. While relevant limitations of continuous authentication systems -high false positives rates (FPR) and difficulty to detect behaviour changes- have been demonstrated in realistic single-device scenarios, the Internet of Things and next generation of mobile networks (5G) are enabling novel multi-device scenarios, such as Smart Offices, that can help to reduce or address the previous challenges. The paper at hand presents an AI-based, privacy-preserving and multi-device continuous authentication architecture called AuthCODE. AuthCODE seeks to improve single-device solutions limitations by considering additional behavioural data coming from heterogeneous devices. AuthCODE proposes a novel set of features that combine the interactions of users with different devices. The features relevance has been demonstrated in a realistic Smart Office scenario with several users that interact with their mobile devices and personal computers. In this context, a set of single- and multi-device datasets have been generated and published to compare the performance of our multi-device solution against single-device approaches. A pool of experiments with machine and deep learning classifiers measured the impact of time in authentication accuracy and improved the results of single-device approaches by considering multi-device behaviour profiles. Specifically, the multi-device approach using XGBoost with 1-minute window of aggregated features, achieved a 69.33%, 59,65% and 89,35% improvement in the FPR when compared to the single-device approach for computer, mobile applications and mobile sensors respectively. Finally, temporal information classified by a Long-Short Term Memory Network, allowed the identification of additional complex behaviour patterns.</description><identifier>ISSN: 0167-4048</identifier><identifier>EISSN: 1872-6208</identifier><identifier>DOI: 10.1016/j.cose.2020.102168</identifier><language>eng</language><publisher>Amsterdam: Elsevier Ltd</publisher><subject>Applications programs ; Authentication ; Computer architecture ; Continuous authentication ; Deep learning ; Electronic devices ; Internet of Things ; Machine learning ; Mobile computing ; Multi-device behaviour ; Personal computers ; Privacy ; Smart office</subject><ispartof>Computers &amp; security, 2021-04, Vol.103, p.102168, Article 102168</ispartof><rights>2021 Elsevier Ltd</rights><rights>Copyright Elsevier Sequoia S.A. Apr 2021</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c328t-b607c502c6fe58d1b36729cd23acac8abf7c42724626f2b04d02ffc1fda67753</citedby><cites>FETCH-LOGICAL-c328t-b607c502c6fe58d1b36729cd23acac8abf7c42724626f2b04d02ffc1fda67753</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://dx.doi.org/10.1016/j.cose.2020.102168$$EHTML$$P50$$Gelsevier$$H</linktohtml><link.rule.ids>314,780,784,3550,27924,27925,45995</link.rule.ids></links><search><creatorcontrib>Sánchez Sánchez, Pedro Miguel</creatorcontrib><creatorcontrib>Fernández Maimó, Lorenzo</creatorcontrib><creatorcontrib>Huertas Celdrán, Alberto</creatorcontrib><creatorcontrib>Martínez Pérez, Gregorio</creatorcontrib><title>AuthCODE: A privacy-preserving and multi-device continuous authentication architecture based on machine and deep learning</title><title>Computers &amp; security</title><description>The authentication field is evolving towards mechanisms able to keep users continuously authenticated without the necessity of remembering or possessing authentication credentials. While relevant limitations of continuous authentication systems -high false positives rates (FPR) and difficulty to detect behaviour changes- have been demonstrated in realistic single-device scenarios, the Internet of Things and next generation of mobile networks (5G) are enabling novel multi-device scenarios, such as Smart Offices, that can help to reduce or address the previous challenges. The paper at hand presents an AI-based, privacy-preserving and multi-device continuous authentication architecture called AuthCODE. AuthCODE seeks to improve single-device solutions limitations by considering additional behavioural data coming from heterogeneous devices. AuthCODE proposes a novel set of features that combine the interactions of users with different devices. The features relevance has been demonstrated in a realistic Smart Office scenario with several users that interact with their mobile devices and personal computers. In this context, a set of single- and multi-device datasets have been generated and published to compare the performance of our multi-device solution against single-device approaches. A pool of experiments with machine and deep learning classifiers measured the impact of time in authentication accuracy and improved the results of single-device approaches by considering multi-device behaviour profiles. Specifically, the multi-device approach using XGBoost with 1-minute window of aggregated features, achieved a 69.33%, 59,65% and 89,35% improvement in the FPR when compared to the single-device approach for computer, mobile applications and mobile sensors respectively. Finally, temporal information classified by a Long-Short Term Memory Network, allowed the identification of additional complex behaviour patterns.</description><subject>Applications programs</subject><subject>Authentication</subject><subject>Computer architecture</subject><subject>Continuous authentication</subject><subject>Deep learning</subject><subject>Electronic devices</subject><subject>Internet of Things</subject><subject>Machine learning</subject><subject>Mobile computing</subject><subject>Multi-device behaviour</subject><subject>Personal computers</subject><subject>Privacy</subject><subject>Smart office</subject><issn>0167-4048</issn><issn>1872-6208</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><recordid>eNp9kM1LAzEQxYMoWD_-AU8Bz1uT2W0SxUupnyB48R6yk1lNabM12S30vze1nj0N83jvzfBj7EqKqRRS3Syn2GeagoC9AFKZIzaRRkOlQJhjNikmXTWiMafsLOelEFIrYyZsNx-Hr8X7w-Mdn_NNCluHu2qTKFPahvjJXfR8Pa6GUHnaBiSOfRxCHPsxc1eiVDZ0Q-gjdwm_wkA4jIl46zJ5XtS1K2qk3yJPtOErcimW6gt20rlVpsu_ec4-nh4_Fi_V2_vz62L-VmENZqhaJTTOBKDqaGa8bGul4RY91A4dGtd2GhvQ0ChQHbSi8QK6DmXnndJ6Vp-z60PtJvXfI-XBLvsxxXLRwkzUUgM0prjg4MLU55yos4XF2qWdlcLuCdul3RO2e8L2QLiE7g8hKu9vAyWbMVBE8iEVDNb34b_4Dz0Zhlo</recordid><startdate>202104</startdate><enddate>202104</enddate><creator>Sánchez Sánchez, Pedro Miguel</creator><creator>Fernández Maimó, Lorenzo</creator><creator>Huertas Celdrán, Alberto</creator><creator>Martínez Pérez, Gregorio</creator><general>Elsevier Ltd</general><general>Elsevier Sequoia S.A</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>K7.</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>202104</creationdate><title>AuthCODE: A privacy-preserving and multi-device continuous authentication architecture based on machine and deep learning</title><author>Sánchez Sánchez, Pedro Miguel ; Fernández Maimó, Lorenzo ; Huertas Celdrán, Alberto ; Martínez Pérez, Gregorio</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c328t-b607c502c6fe58d1b36729cd23acac8abf7c42724626f2b04d02ffc1fda67753</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Applications programs</topic><topic>Authentication</topic><topic>Computer architecture</topic><topic>Continuous authentication</topic><topic>Deep learning</topic><topic>Electronic devices</topic><topic>Internet of Things</topic><topic>Machine learning</topic><topic>Mobile computing</topic><topic>Multi-device behaviour</topic><topic>Personal computers</topic><topic>Privacy</topic><topic>Smart office</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Sánchez Sánchez, Pedro Miguel</creatorcontrib><creatorcontrib>Fernández Maimó, Lorenzo</creatorcontrib><creatorcontrib>Huertas Celdrán, Alberto</creatorcontrib><creatorcontrib>Martínez Pérez, Gregorio</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>ProQuest Criminal Justice (Alumni)</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Computers &amp; security</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Sánchez Sánchez, Pedro Miguel</au><au>Fernández Maimó, Lorenzo</au><au>Huertas Celdrán, Alberto</au><au>Martínez Pérez, Gregorio</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>AuthCODE: A privacy-preserving and multi-device continuous authentication architecture based on machine and deep learning</atitle><jtitle>Computers &amp; security</jtitle><date>2021-04</date><risdate>2021</risdate><volume>103</volume><spage>102168</spage><pages>102168-</pages><artnum>102168</artnum><issn>0167-4048</issn><eissn>1872-6208</eissn><abstract>The authentication field is evolving towards mechanisms able to keep users continuously authenticated without the necessity of remembering or possessing authentication credentials. While relevant limitations of continuous authentication systems -high false positives rates (FPR) and difficulty to detect behaviour changes- have been demonstrated in realistic single-device scenarios, the Internet of Things and next generation of mobile networks (5G) are enabling novel multi-device scenarios, such as Smart Offices, that can help to reduce or address the previous challenges. The paper at hand presents an AI-based, privacy-preserving and multi-device continuous authentication architecture called AuthCODE. AuthCODE seeks to improve single-device solutions limitations by considering additional behavioural data coming from heterogeneous devices. AuthCODE proposes a novel set of features that combine the interactions of users with different devices. The features relevance has been demonstrated in a realistic Smart Office scenario with several users that interact with their mobile devices and personal computers. In this context, a set of single- and multi-device datasets have been generated and published to compare the performance of our multi-device solution against single-device approaches. A pool of experiments with machine and deep learning classifiers measured the impact of time in authentication accuracy and improved the results of single-device approaches by considering multi-device behaviour profiles. Specifically, the multi-device approach using XGBoost with 1-minute window of aggregated features, achieved a 69.33%, 59,65% and 89,35% improvement in the FPR when compared to the single-device approach for computer, mobile applications and mobile sensors respectively. Finally, temporal information classified by a Long-Short Term Memory Network, allowed the identification of additional complex behaviour patterns.</abstract><cop>Amsterdam</cop><pub>Elsevier Ltd</pub><doi>10.1016/j.cose.2020.102168</doi></addata></record>
fulltext fulltext
identifier ISSN: 0167-4048
ispartof Computers & security, 2021-04, Vol.103, p.102168, Article 102168
issn 0167-4048
1872-6208
language eng
recordid cdi_proquest_journals_2503172248
source Access via ScienceDirect (Elsevier)
subjects Applications programs
Authentication
Computer architecture
Continuous authentication
Deep learning
Electronic devices
Internet of Things
Machine learning
Mobile computing
Multi-device behaviour
Personal computers
Privacy
Smart office
title AuthCODE: A privacy-preserving and multi-device continuous authentication architecture based on machine and deep learning
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-19T02%3A44%3A41IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=AuthCODE:%20A%20privacy-preserving%20and%20multi-device%20continuous%20authentication%20architecture%20based%20on%20machine%20and%20deep%20learning&rft.jtitle=Computers%20&%20security&rft.au=S%C3%A1nchez%20S%C3%A1nchez,%20Pedro%20Miguel&rft.date=2021-04&rft.volume=103&rft.spage=102168&rft.pages=102168-&rft.artnum=102168&rft.issn=0167-4048&rft.eissn=1872-6208&rft_id=info:doi/10.1016/j.cose.2020.102168&rft_dat=%3Cproquest_cross%3E2503172248%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2503172248&rft_id=info:pmid/&rft_els_id=S0167404820304417&rfr_iscdi=true