The passwords for unlocking the mobile devices are relatively simple,easier to be stolen,which causes serious potential security problems.An important research direction of identity authentication is to establish user...The passwords for unlocking the mobile devices are relatively simple,easier to be stolen,which causes serious potential security problems.An important research direction of identity authentication is to establish user behavior models to authenticate users.In this paper,a mobile terminal APP browsing behavioral authentication system architecture which synthesizes multiple factors is designed.This architecture is suitable for users using the mobile terminal APP in the daily life.The architecture includes data acquisition,data processing,feature extraction,and sub model training.We can use this architecture for continuous authentication when the user uses APP at the mobile terminal.展开更多
User authentication is one of the critical concerns of information security.Users tend to use strong textual passwords,but remembering complex passwords is hard as they often write it on a piece of paper or save it in...User authentication is one of the critical concerns of information security.Users tend to use strong textual passwords,but remembering complex passwords is hard as they often write it on a piece of paper or save it in their mobile phones.Textual passwords are slightly unprotected and are easily attackable.The attacks include dictionary,shoulder surfing,and brute force.Graphical passwords overcome the shortcomings of textual passwords and are designed to aid memorability and ease of use.This paper proposes a Process-based Pattern Authentication(PPA)system for Internet of Things(IoT)devices that does not require a server to maintain a static password of the login user.The server stores user’s information,which they provide at the time of registration,i.e.,the R-code and the symbol,but the P-code,i.e.,the actual password,will change with every login attempt of users.In this scheme,users may draw a pattern on the basis of calculation from the P-code and Rcode in the PPA pattern,and can authenticate themselves using their touch dynamic behaviors through Artificial Neural Network(ANN).The ANN is trained on touch behaviors of legitimate users reporting superior performance over the existing methods.For experimental purposes,PPA is implemented as a prototype on a computer system to carry out experiments for the evaluation in terms of memorability and usability.The experiments show that the system has an effect of 5.03%of the False Rejection Rate(FRR)and 4.36%of the False Acceptance Rate(FAR),respectively.展开更多
The issues of both system security and safety can be dissected integrally from the perspective of behavioral appropriateness. That is, a system that is secure or safe can be judged by whether the behavior of certain a...The issues of both system security and safety can be dissected integrally from the perspective of behavioral appropriateness. That is, a system that is secure or safe can be judged by whether the behavior of certain agent(s) is appropriate or not. Specifically, a so-called appropriate behavior involves the right agent performing the right actions at the right time under certain conditions. Then, according to different levels of appropriateness and degrees of custodies, behavioral authentication can be graded into three levels, i.e., the authentication of behavioral Identity, Conformity, and Benignity. In a broad sense, for the security and safety issue, behavioral authentication is not only an innovative and promising method due to its inherent advantages but also a critical and fundamental problem due to the ubiquity of behavior generation and the necessity of behavior regulation in any system. By this classification, this review provides a comprehensive examination of the background and preliminaries of behavioral authentication. It further summarizes existing research based on their respective focus areas and characteristics. The challenges confronted by current behavioral authentication methods are analyzed, and potential research directions are discussed to promote the diversified and integrated development of behavioral authentication.展开更多
基金partially supported by the National Key Research and Development Program of China(2018YFB2100801)。
文摘The passwords for unlocking the mobile devices are relatively simple,easier to be stolen,which causes serious potential security problems.An important research direction of identity authentication is to establish user behavior models to authenticate users.In this paper,a mobile terminal APP browsing behavioral authentication system architecture which synthesizes multiple factors is designed.This architecture is suitable for users using the mobile terminal APP in the daily life.The architecture includes data acquisition,data processing,feature extraction,and sub model training.We can use this architecture for continuous authentication when the user uses APP at the mobile terminal.
基金This work was supported by the Deanship of Scientific Research at King Saud University,Riyadh,Saudi Arabia,through the Vice Deanship of Scientific Research Chairs:Chair of Cyber Security.
文摘User authentication is one of the critical concerns of information security.Users tend to use strong textual passwords,but remembering complex passwords is hard as they often write it on a piece of paper or save it in their mobile phones.Textual passwords are slightly unprotected and are easily attackable.The attacks include dictionary,shoulder surfing,and brute force.Graphical passwords overcome the shortcomings of textual passwords and are designed to aid memorability and ease of use.This paper proposes a Process-based Pattern Authentication(PPA)system for Internet of Things(IoT)devices that does not require a server to maintain a static password of the login user.The server stores user’s information,which they provide at the time of registration,i.e.,the R-code and the symbol,but the P-code,i.e.,the actual password,will change with every login attempt of users.In this scheme,users may draw a pattern on the basis of calculation from the P-code and Rcode in the PPA pattern,and can authenticate themselves using their touch dynamic behaviors through Artificial Neural Network(ANN).The ANN is trained on touch behaviors of legitimate users reporting superior performance over the existing methods.For experimental purposes,PPA is implemented as a prototype on a computer system to carry out experiments for the evaluation in terms of memorability and usability.The experiments show that the system has an effect of 5.03%of the False Rejection Rate(FRR)and 4.36%of the False Acceptance Rate(FAR),respectively.
基金supported in part by the National Natural Science Foundation of China (NSFC) under Grant 62372328in part by the National Key Research and Development Program of China under Grant 2022YFB4501704+3 种基金in part by the Program of Shanghai Academic Research Leader under Grant 22XD1423700in part by the Shanghai Science and Technology Innovation Action Plan Project under Grant 22511100700in part by the Leadership Project under the Oriental Talent Programin part by the Open Fund of Key Laboratory of Industrial Internet of Things and Networked Control,Ministry of Education,under Grant 2021FF08
文摘The issues of both system security and safety can be dissected integrally from the perspective of behavioral appropriateness. That is, a system that is secure or safe can be judged by whether the behavior of certain agent(s) is appropriate or not. Specifically, a so-called appropriate behavior involves the right agent performing the right actions at the right time under certain conditions. Then, according to different levels of appropriateness and degrees of custodies, behavioral authentication can be graded into three levels, i.e., the authentication of behavioral Identity, Conformity, and Benignity. In a broad sense, for the security and safety issue, behavioral authentication is not only an innovative and promising method due to its inherent advantages but also a critical and fundamental problem due to the ubiquity of behavior generation and the necessity of behavior regulation in any system. By this classification, this review provides a comprehensive examination of the background and preliminaries of behavioral authentication. It further summarizes existing research based on their respective focus areas and characteristics. The challenges confronted by current behavioral authentication methods are analyzed, and potential research directions are discussed to promote the diversified and integrated development of behavioral authentication.
