Continuous Authentication of Smartphones Based on Application Usage
An empirical investigation of active/continuous authentication for smartphones is presented by exploiting users’ unique application usage data, i.e., distinct patterns of use, modeled by a Markovian process. Specifically, variations of hidden Markov models (HMMs) are evaluated for continuous user verification, and challenges due to the sparsity of session-wise data, an explosion of states, and handling unforeseen events in the test data are tackled. Unlike traditional approaches, the proposed formulation utilizes the complete app-usage information to achieve low latency. Through experimentation, empirical assessment of the impact of unforeseen events, i.e., unknown applications and unforeseen observations, on user verification is done via a modified edit-distance algorithm for sequence matching. It is found that for enhanced verification performance, unforeseen events should be considered. For validation, extensive experiments on two distinct datasets, namely, UMDAA-02 and Securacy, are performed. Using the marginally smoothed HMM a low equal error rate (EER) of 16.16% is reached for the Securacy dataset and the same method is found to be able to detect an intrusion within ~2.5 min of application use.