Eylem Seç
Modeling User Behavior on Smartphones
Başlık:
Modeling User Behavior on Smartphones
Yazar:
Murmuria, Rahul, author. (orcid)0000-0001-6327-9609
ISBN:
9780438107908
Yazar Ek Girişi:
Fiziksel Tanımlama:
1 electronic resource (108 pages)
Genel Not:
Source: Dissertation Abstracts International, Volume: 79-11(E), Section: B.
Advisors: Angelos Stavrou; Daniel Barbara Committee members: Jens-Peter Kaps; Duminda Wijesekera.
Özet:
Nowadays, we routinely use our smartphones as a gateway to vital information. Person- ally Identifiable Information and other information including financial transactions, medical records, social connections, and daily activities are currently stored in our mobile devices. While smartphones are shipped with biometric sensors such as fingerprint, retina, and heart- beat scanners, which can act as an access control mechanism to the device, their application poses new security risks and it does not provide continuous authentication. Any adversary who is able to breach the initial authentication screen can gain full access to sensitive data and device functionality through application and can cause significant harm to the device owner.
Assessing the users identity continuously during active use of applications and data access can raise the bar in terms of how we authenticate to mobile devices. This dissertation focuses on the continuous behavioral modeling of users for active authentication leveraging novel machine learning techniques. To that end, we leverage measurements from touchscreen and movement sensors already present in mobile smartphones to detect behavior deviations from the expected user profiles. We show when such deviations are a product of an actual imposter attack or a drift in the user behavioral profile caused by temporary or permanent changes in physical or mental condition of the user, for instance, a progressing knee condition, or temporary intoxication.
To achieve that, we introduce a trust score scale which tracks the user behavior and provides a score between 0 100 enabling us to track and absorb any localized false positives and reduce the false negatives because access is not binary. Thus, in contrast with related research, our method does not need an explicit decision boundary between the genuine user and the imposter. Users are expected to occasionally deviate from their habits and lose access to some protected data intermittently, but regain access without explicitly being locked out. To establish on-device data security, the user can implement a security policy where access can be granted to specific applications and files according to the level of sensitivity and the ongoing trust score. The produced trust score can be shared with 3rd party applications that need to detect when users are behaving uncharacteristically. These applications include banking and health care, where other competing solutions involve exporting sensitive data to multiple remote entities.
The performance of the proposed behavioral modeling techniques has been verified on data collected from over 250 users across 3 datasets collected under different conditions. The evaluation using our real-world, unrestricted mobile use data shows that our models are unbiased and generalize to real-world applications. This dissertation is also the first to propose a solution to mitigate population statistics-driven attacks where behavior common to most users is used as the attack vector. The findings of this research suggest that our methods are stronger than other proposed solutions in any practical scenario and can be used in commercial off-the-self mobile devices.
Notlar:
School code: 0883
Tüzel Kişi Ek Girişi:
Mevcut:*
Yer Numarası | Demirbaş Numarası | Shelf Location | Lokasyon / Statüsü / İade Tarihi |
---|---|---|---|
XX(688585.1) | 688585-1001 | Proquest E-Tez Koleksiyonu | Arıyor... |
On Order
Liste seç
Bunu varsayılan liste yap.
Öğeler başarıyla eklendi
Öğeler eklenirken hata oldu. Lütfen tekrar deneyiniz.
:
Select An Item
Data usage warning: You will receive one text message for each title you selected.
Standard text messaging rates apply.