AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile Platforms

by   Hossein Fereidooni, et al.

Mobile applications are widely used for online services sharing a large amount of personal data online. One-time authentication techniques such as passwords and physiological biometrics (e.g., fingerprint, face, and iris) have their own advantages but also disadvantages since they can be stolen or emulated, and do not prevent access to the underlying device, once it is unlocked. To address these challenges, complementary authentication systems based on behavioural biometrics have emerged. The goal is to continuously profile users based on their interaction with the mobile device. However, existing behavioural authentication schemes are not (i) user-agnostic meaning that they cannot dynamically handle changes in the user-base without model re-training, or (ii) do not scale well to authenticate millions of users. In this paper, we present AuthentiSense, a user-agnostic, scalable, and efficient behavioural biometrics authentication system that enables continuous authentication and utilizes only motion patterns (i.e., accelerometer, gyroscope and magnetometer data) while users interact with mobile apps. Our approach requires neither manually engineered features nor a significant amount of data for model training. We leverage a few-shot learning technique, called Siamese network, to authenticate users at a large scale. We perform a systematic measurement study and report the impact of the parameters such as interaction time needed for authentication and n-shot verification (comparison with enrollment samples) at the recognition stage. Remarkably, AuthentiSense achieves high accuracy of up to 97 a few-shot fashion that requires only a few behaviour samples per user (3 shots). Our approach accurately authenticates users only after 1 second of user interaction. For AuthentiSense, we report a FAR and FRR of 0.023 and 0.057, respectively.


page 1

page 3


mPSAuth: Privacy-Preserving and Scalable Authentication for Mobile Web Applications

As nowadays most web application requests originate from mobile devices,...

Motion ID: Human Authentication Approach

We introduce a novel approach to user authentication called Motion ID. T...

Actions Speak Louder Than (Pass)words: Passive Authentication of Smartphone Users via Deep Temporal Features

Prevailing user authentication schemes on smartphones rely on explicit u...

Dynamic Multi-level Privilege Control in Behavior-based Implicit Authentication Systems Leveraging Mobile Devices

Implicit authentication (IA) is gaining popularity over recent years due...

EchoIA: Implicit Authentication System Based on User Feedback

Implicit authentication (IA) transparently authenticates users by utiliz...

One-shot lip-based biometric authentication: extending behavioral features with authentication phrase information

Lip-based biometric authentication (LBBA) is an authentication method ba...

To augment or not to augment? Data augmentation in user identification based on motion sensors

Nowadays, commonly-used authentication systems for mobile device users, ...

Please sign up or login with your details

Forgot password? Click here to reset