Active Authentication on Mobile Devices via Stylometry, Application Usage, Web Browsing, and GPS Location

Lex Fridman, Steven Weber, Rachel Greenstadt, Moshe Kam

Research output: Contribution to journalArticle

61 Scopus citations

Abstract

Active authentication is the problem of continuously verifying the identity of a person based on behavioral aspects of their interaction with a computing device. In this paper, we collect and analyze behavioral biometrics data from 200 subjects, each using their personal Android mobile device for a period of at least 30 days. This data set is novel in the context of active authentication due to its size, duration, number of modalities, and absence of restrictions on tracked activity. The geographical colocation of the subjects in the study is representative of a large closed-world environment such as an organization where the unauthorized user of a device is likely to be an insider threat: coming from within the organization. We consider four biometric modalities: 1) text entered via soft keyboard, 2) applications used, 3) websites visited, and 4) physical location of the device as determined from GPS (when outdoors) or WiFi (when indoors). We implement and test a classifier for each modality and organize the classifiers as a parallel binary decision fusion architecture. We are able to characterize the performance of the system with respect to intruder detection time and to quantify the contribution of each modality to the overall performance.

Original languageEnglish (US)
Article number7444124
Pages (from-to)513-521
Number of pages9
JournalIEEE Systems Journal
Volume11
Issue number2
DOIs
StatePublished - Jun 2017

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Electrical and Electronic Engineering
  • Control and Systems Engineering
  • Computer Networks and Communications
  • Computer Science Applications

Keywords

  • Active authentication
  • GPS location
  • application usage patterns
  • behavioral biometrics
  • decision fusion
  • insider threat
  • intrusion detection
  • multimodal biometric systems
  • stylometry
  • web browsing behavior

Fingerprint Dive into the research topics of 'Active Authentication on Mobile Devices via Stylometry, Application Usage, Web Browsing, and GPS Location'. Together they form a unique fingerprint.

  • Cite this