Continuous Authentication of Smartphones Based on Application Usage

An empirical investigation of active/continuous authentication for smartphones is presented by exploiting users’ unique application usage data, i.e., distinct patterns of use, modeled by a Markovian process. Specifically, variations of hidden Markov models (HMMs) are evaluated for continuous user verification, and challenges due to the sparsity of session-wise data, an explosion of states, and handling unforeseen events in the test data are tackled. Unlike traditional approaches, the proposed formulation utilizes the complete app-usage information to achieve low latency. Through experimentation, empirical assessment of the impact of unforeseen events, i.e., unknown applications and unforeseen observations, on user verification is done via a modified edit-distance algorithm for sequence matching. It is found that for enhanced verification performance, unforeseen events should be considered. For validation, extensive experiments on two distinct datasets, namely, UMDAA-02 and Securacy, are performed. Using the marginally smoothed HMM a low equal error rate (EER) of 16.16% is reached for the Securacy dataset and the same method is found to be able to detect an intrusion within ~2.5 min of application use.

Mahbub Upal, Komulainen Jukka, Ferreira Denzil, Chellappa Rama

Publication type:
A1 Journal article – refereed

Place of publication:

Active authentication, application usage-based verification, hidden Markov models, marginal smoothing, Markov chains, sequence matching, unforeseen observation handling


Full citation:
U. Mahbub, J. Komulainen, D. Ferreira and R. Chellappa, “Continuous Authentication of Smartphones Based on Application Usage,” in IEEE Transactions on Biometrics, Behavior, and Identity Science, vol. 1, no. 3, pp. 165-180, July 2019. doi: 10.1109/TBIOM.2019.2918307


Read the publication here: