Publication: AuthCODE: a privacy-preserving and multi-device continuous authentication architecture based on machine and deep learning
Authors
Sánchez Sánchez, Pedro Miguel ; Fernández Maimó, Lorenzo ; Martínez Pérez, Gregorio ; Huertas Celdrán, Alberto
item.page.secondaryauthor
item.page.director
Publisher
Elsevier
publication.page.editor
publication.page.department
DOI
https://doi.org/10.1016/j.cose.2020.102168
item.page.type
info:eu-repo/semantics/article
Description
Abstract
The authentication field is evolving towards mechanisms able to keep users continuously authenticated without the necessity of remembering or possessing authentication credentials. While relevant limitations of continuous authentication systems -high false positives rates (FPR) and difficulty to detect behaviour changes- have been demonstrated in realistic single-device scenarios, the Internet of Things and next generation of mobile networks (5G) are enabling novel multi-device scenarios, such as Smart Offices, that can help to reduce or address the previous challenges. The paper at hand presents an AI-based, privacy-preserving and multi-device continuous authentication architecture called AuthCODE. AuthCODE seeks to improve single-device solutions limitations by considering additional behavioural data coming from heterogeneous devices. AuthCODE proposes a novel set of features that combine the interactions of users with different devices. The features relevance has been demonstrated in a realistic Smart Office scenario with several users that interact with their mobile devices and personal computers. In this context, a set of single- and multi-device datasets have been generated and published to compare the performance of our multi-device solution against single-device approaches. A pool of experiments with machine and deep learning classifiers measured the impact of time in authentication accuracy and improved the results of single-device approaches by considering multi-device behaviour profiles. Specifically, the multi-device approach using XGBoost with 1-minute window of aggregated features, achieved a 69.33%, 59,65% and 89,35% improvement in the FPR when compared to the single-device approach for computer, mobile applications and mobile sensors respectively. Finally, temporal information classified by a Long-Short Term Memory Network, allowed the identification of additional complex behaviour patterns.
publication.page.subject
Citation
Computers & Security, 2021, Vol. 103 : 102168
item.page.embargo
Collections
Ir a Estadísticas
Sin licencia Creative Commons.