Implicit authentication method for smartphone users based on rank aggregation and random forest

El-Soud, MWA, Gaber, T ORCID: https://orcid.org/0000-0003-4065-4191, AlFayez, F and Eltoukhy, MM 2020, 'Implicit authentication method for smartphone users based on rank aggregation and random forest' , Alexandria Engineering Journal . (In Press)

[img] PDF - Accepted Version
Restricted to Repository staff only

Download (1MB) | Request a copy

Abstract

Currently, the smartphone devices have become an essential part of our daily activities. Smartphone’ users run various essential applications (such as banking and e-health Apps), which contains very confidential information (e.g., credit card number and its PIN). Typically, the smartphone’s user authentication is achieved using mechanisms (password or security pattern) to verify the user identity. Although these mechanisms are cheap, simple, and quick enough for frequent logins, they are vulnerable to attacks such as shoulder surfing or smudge attack. This problem could be addressed by authenticating the users using their behaviour (i.e., touch behaviour) while using their smartphones. Such behaviours include finger’s pressure, size, and pressure time while tapping keys. Selecting features (from these behaviours) could play an important role in the authentication process’s performance. This paper aims to propose an efficient authentication method providing an implicit authentication for smartphone users while not imposing an additional cost of special hardware and addressing the limited smartphone capabilities. We first investigated feature selection techniques from the filter and wrapper approaches and then used the best one to propose our implicit authentication method. The random forest classifier is used to evaluate these techniques. It is also used to achieve the classification task in our authentication method. Using a public dataset, the experimental results showed that the filter-based technique (i.e., rank aggregation) is the best feature selection to build an implicit authentication method for the smartphone environment. It showed accuracy results around 97.80% using only 25 features out of 53 features (i.e., require less mobile resources (memory and processing power) to authenticate users. At the same time, the results showed that our method has less error rate: 2.03 FAR, 0.04 FRR, and 1.04 ERR, comparing to the related work. These promising results would be used to develop a mobile application that allows implicit authentication of legitimate owners while avoiding the traditional authentication problems and using fewer smartphone resources.

Item Type: Article
Schools: Schools > School of Computing, Science and Engineering
Journal or Publication Title: Alexandria Engineering Journal
Publisher: Elsevier
ISSN: 1110-0168
Funders: College of Science at Zulfi City, Majmaah University, Saudi Arabia
Depositing User: Dr. Tarek Gaber
Date Deposited: 02 Sep 2020 07:42
Last Modified: 02 Sep 2020 07:42
URI: http://usir.salford.ac.uk/id/eprint/58121

Actions (login required)

Edit record (repository staff only) Edit record (repository staff only)

Downloads

Downloads per month over past year