Ensemble Siamese Network (ESN) Using ECG Signals for Human Authentication in Smart Healthcare System.

Advancements in digital communications that permit remote patient visits and condition monitoring can be attributed to a revolution in digital healthcare systems. Continuous authentication based on contextual information offers a number of advantages over traditional authentication, including the ability to estimate the likelihood that the users are who they claim to be on an ongoing basis over the course of an entire session, making it a much more effective security measure for proactively regulating authorized access to sensitive data. Current authentication models that rely on machine learning have their shortcomings, such as the difficulty in enrolling new users to the system or model training sensitivity to imbalanced datasets. To address these issues, we propose using ECG signals, which are easily accessible in digital healthcare systems, for authentication through an Ensemble Siamese Network (ESN) that can handle small changes in ECG signals. Adding preprocessing for feature extraction to this model can result in superior results. We trained this model on ECG-ID and PTB benchmark datasets, achieving 93.6% and 96.8% accuracy and 1.76% and 1.69% equal error rates, respectively. The combination of data availability, simplicity, and robustness makes it an ideal choice for smart healthcare and telehealth.

Continuous Authentication against Collusion Attacks.

As mobile devices become more and more popular, users gain many conveniences. It has also made smartphone makers install new software and prebuilt hardware on their products, including many kinds of sensors. With improved storage and computing power, users also become accustomed to storing and interacting with personally sensitive information. Due to convenience and efficiency, mobile devices use gait authentication widely. In recent years, protecting the information security of mobile devices has become increasingly important. It has become a hot research area because smartphones are vulnerable to theft or unauthorized access. This paper proposes a novel attack model called a collusion attack. Firstly, we study the imitation attack in the general state and its results and propose and verify the feasibility of our attack. We propose a collusion attack model and train participants with quantified action specifications. The results demonstrate that our attack increases the attacker's false match rate only using an acceleration sensor in some systems sensor. Furthermore, we propose a multi-cycle defense model based on acceleration direction changes to improve the robustness of smartphone-based gait authentication methods against such attacks. Experimental results show that our defense model can significantly reduce the attacker's success rate.

Using Machine Learning for Dynamic Authentication in Telehealth: A Tutorial.

Telehealth systems have evolved into more prevalent services that can serve people in remote locations and at their homes via smart devices and 5G systems. Protecting the privacy and security of users is crucial in such online systems. Although there are many protocols to provide security through strong authentication systems, sophisticated IoT attacks are becoming more prevalent. Using machine learning to handle biometric information or physical layer features is key to addressing authentication problems for human and IoT devices, respectively. This tutorial discusses machine learning applications to propose robust authentication protocols. Since machine learning methods are trained based on hidden concepts in biometric and physical layer data, these dynamic authentication models can be more reliable than traditional methods. The main advantage of these methods is that the behavioral traits of humans and devices are tough to counterfeit. Furthermore, machine learning facilitates continuous and context-aware authentication.

Simulation Analysis and Comparison of New Hybrid TLI-µTESLA and Variant TESLA Protocols Using SHA-2 and SHA-3 Hash Functions.

The evolution of 5G and 6G networks has enhanced the ability of massive IoT devices to provide real-time monitoring and interaction with the surrounding environment. Despite recent advances, the necessary security services, such as immediate and continuous authentication, high scalability, and cybersecurity handling of IoT cannot be achieved in a single broadcast authentication protocol. This paper presents a new hybrid protocol called Hybrid Two-level µ-timed-efficient stream loss-tolerant authentication (Hybrid TLI-µTESLA) protocol, which maximizes the benefits of the previous TESLA protocol variants, including scalability support and immediate authentication of Multilevel-µTESLA protocol and continuous authentication with minimal computation overhead of enhanced Inf-TESLA protocol. The inclusion of three different keychains and checking criteria of the packets in the Hybrid TLI-µTESLA protocol enabled resistance against Masquerading, Modification, Man-in-the-Middle, Brute-force, and DoS attacks. A solution for the authentication problem in the first and last packets of the high-level and low-level keychains of the Multilevel-µTESLA protocol was also proposed. The simulation analysis was performed using Java, where we compared the Hybrid TLI-µTESLA protocol with other variants for time complexity and computation overhead at the sender and receiver sides. We also conducted a comparative analysis between two hash functions, SHA-2 and SHA-3, and assessed the feasibility of the proposed protocol in the forthcoming 6G technology. The results demonstrated the superiority of the proposed protocol over other variants in terms of immediate and continuous authentication, scalability, cybersecurity, lifetime, network performance, and compatibility with 5G and 6G IoT generations.

Hands-Free Authentication for Virtual Assistants with Trusted IoT Device and Machine Learning.

Virtual assistants, deployed on smartphone and smart speaker devices, enable hands-free financial transactions by voice commands. Even though these voice transactions are frictionless for end users, they are susceptible to typical attacks to authentication protocols (e.g., replay). Using traditional knowledge-based or possession-based authentication with additional invasive interactions raises users concerns regarding security and usefulness. State-of-the-art schemes for trusted devices with physical unclonable functions (PUF) have complex enrollment processes. We propose a scheme based on a challenge response protocol with a trusted Internet of Things (IoT) autonomous device for hands-free scenarios (i.e., with no additional user interaction), integrated with smart home behavior for continuous authentication. The protocol was validated with automatic formal security analysis. A proof of concept with websockets presented an average response time of 383 ms for mutual authentication using a 6-message protocol with a simple enrollment process. We performed hands-free activity recognition of a specific user, based on smart home testbed data from a 2-month period, obtaining an accuracy of 97% and a recall of 81%. Given the data minimization privacy principle, we could reduce the total number of smart home events time series from 7 to 5. When compared with existing invasive solutions, our non-invasive mechanism contributes to the efforts to enhance the usability of financial institutions' virtual assistants, while maintaining security and privacy.

WoX+: A Meta-Model-Driven Approach to Mine User Habits and Provide Continuous Authentication in the Smart City.

The literature is rich in techniques and methods to perform Continuous Authentication (CA) using biometric data, both physiological and behavioral. As a recent trend, less invasive methods such as the ones based on context-aware recognition allows the continuous identification of the user by retrieving device and app usage patterns. However, a still uncovered research topic is to extend the concepts of behavioral and context-aware biometric to take into account all the sensing data provided by the Internet of Things (IoT) and the smart city, in the shape of user habits. In this paper, we propose a meta-model-driven approach to mine user habits, by means of a combination of IoT data incoming from several sources such as smart mobility, smart metering, smart home, wearables and so on. Then, we use those habits to seamlessly authenticate users in real time all along the smart city when the same behavior occurs in different context and with different sensing technologies. Our model, which we called WoX+, allows the automatic extraction of user habits using a novel Artificial Intelligence (AI) technique focused on high-level concepts. The aim is to continuously authenticate the users using their habits as behavioral biometric, independently from the involved sensing hardware. To prove the effectiveness of WoX+ we organized a quantitative and qualitative evaluation in which 10 participants told us a spending habit they have involving the use of IoT. We chose the financial domain because it is ubiquitous, it is inherently multi-device, it is rich in time patterns, and most of all it requires a secure authentication. With the aim of extracting the requirement of such a system, we also asked the cohort how they expect WoX+ will use such habits to securely automatize payments and identify them in the smart city. We discovered that WoX+ satisfies most of the expected requirements, particularly in terms of unobtrusiveness of the solution, in contrast with the limitations observed in the existing studies. Finally, we used the responses given by the cohorts to generate synthetic data and train our novel AI block. Results show that the error in reconstructing the habits is acceptable: Mean Squared Error Percentage (MSEP) 0.04%.

Security, Privacy, and Usability in Continuous Authentication: A Survey.

Continuous authentication has been proposed as a possible approach for passive and seamless user authentication, using sensor data comprising biometric, behavioral, and context-oriented characteristics. Since these are personal data being transmitted and are outside the control of the user, this approach causes privacy issues. Continuous authentication has security challenges concerning poor matching rates and susceptibility of replay attacks. The security issues are mainly poor matching rates and the problems of replay attacks. In this survey, we present an overview of continuous authentication and comprehensively discusses its different modes, and issues that these modes have related to security, privacy, and usability. A comparison of privacy-preserving approaches dealing with the privacy issues is provided, and lastly recommendations for secure, privacy-preserving, and user-friendly continuous authentication.

Deep Learning Approaches for Continuous Authentication Based on Activity Patterns Using Mobile Sensing.

Smartphones as ubiquitous gadgets are rapidly becoming more intelligent and context-aware as sensing, networking, and processing capabilities advance. These devices provide users with a comprehensive platform to undertake activities such as socializing, communicating, sending and receiving e-mails, and storing and accessing personal data at any time and from any location. Nowadays, smartphones are used to store a multitude of private and sensitive data including bank account information, personal identifiers, account passwords and credit card information. Many users remain permanently signed in and, as a result, their mobile devices are vulnerable to security and privacy risks through assaults by criminals. Passcodes, PINs, pattern locks, facial verification, and fingerprint scans are all susceptible to various assaults including smudge attacks, side-channel attacks, and shoulder-surfing attacks. To solve these issues, this research introduces a new continuous authentication framework called DeepAuthen, which identifies smartphone users based on their physical activity patterns as measured by the accelerometer, gyroscope, and magnetometer sensors on their smartphone. We conducted a series of tests on user authentication using several deep learning classifiers, including our proposed deep learning network termed DeepConvLSTM on the three benchmark datasets UCI-HAR, WISDM-HARB and HMOG. Results demonstrated that combining various motion sensor data obtained the highest accuracy and energy efficiency ratio (EER) values for binary classification. We also conducted a thorough examination of the continuous authentication outcomes, and the results supported the efficacy of our framework.

S3: An AI-Enabled User Continuous Authentication for Smartphones Based on Sensors, Statistics and Speaker Information.

Continuous authentication systems have been proposed as a promising solution to authenticate users in smartphones in a non-intrusive way. However, current systems have important weaknesses related to the amount of data or time needed to build precise user profiles, together with high rates of false alerts. Voice is a powerful dimension for identifying subjects but its suitability and importance have not been deeply analyzed regarding its inclusion in continuous authentication systems. This work presents the S3 platform, an artificial intelligence-enabled continuous authentication system that combines data from sensors, applications statistics and voice to authenticate users in smartphones. Experiments have tested the relevance of each kind of data, explored different strategies to combine them, and determined how many days of training are needed to obtain good enough profiles. Results showed that voice is much more relevant than sensors and applications statistics when building a precise authenticating system, and the combination of individual models was the best strategy. Finally, the S3 platform reached a good performance with only five days of use available for training the users' profiles. As an additional contribution, a dataset with 21 volunteers interacting freely with their smartphones for more than sixty days has been created and made available to the community.

A Framework for Continuous Authentication Based on Touch Dynamics Biometrics for Mobile Banking Applications.

As smart devices have become commonly used to access internet banking applications, these devices constitute appealing targets for fraudsters. Impersonation attacks are an essential concern for internet banking providers. Therefore, user authentication countermeasures based on biometrics, whether physiological or behavioral, have been developed, including those based on touch dynamics biometrics. These measures take into account the unique behavior of a person when interacting with touchscreen devices, thus hindering identitification fraud because it is hard to impersonate natural user behaviors. Behavioral biometric measures also balance security and usability because they are important for human interfaces, thus requiring a measurement process that may be transparent to the user. This paper proposes an improvement to Biotouch, a supervised Machine Learning-based framework for continuous user authentication. The contributions of the proposal comprise the utilization of multiple scopes to create more resilient reasoning models and their respective datasets for the improved Biotouch framework. Another contribution highlighted is the testing of these models to evaluate the imposter False Acceptance Error (FAR). This proposal also improves the flow of data and computation within the improved framework. An evaluation of the multiple scope model proposed provides results between 90.68% and 97.05% for the harmonic mean between recall and precision (F1 Score). The percentages of unduly authenticated imposters and errors of legitimate user rejection (Equal Error Rate (EER)) are between 9.85% and 1.88% for static verification, login, user dynamics, and post-login. These results indicate the feasibility of the continuous multiple-scope authentication framework proposed as an effective layer of security for banking applications, eventually operating jointly with conventional measures such as password-based authentication.

Privacy-Preserving Sensor-Based Continuous Authentication and User Profiling: A Review.

Ensuring the confidentiality of private data stored in our technological devices is a fundamental aspect for protecting our personal and professional information. Authentication procedures are among the main methods used to achieve this protection and, typically, are implemented only when accessing the device. Nevertheless, in many occasions it is necessary to carry out user authentication in a continuous manner to guarantee an allowed use of the device while protecting authentication data. In this work, we first review the state of the art of Continuous Authentication (CA), User Profiling (UP), and related biometric databases. Secondly, we summarize the privacy-preserving methods employed to protect the security of sensor-based data used to conduct user authentication, and some practical examples of their utilization. The analysis of the literature of these topics reveals the importance of sensor-based data to protect personal and professional information, as well as the need for exploring a combination of more biometric features with privacy-preserving approaches.

PALOT: Profiling and Authenticating Users Leveraging Internet of Things.

Continuous authentication was introduced to propose novel mechanisms to validate users' identity and address the problems and limitations exposed by traditional techniques. However, this methodology poses several challenges that remain unsolved. In this paper, we present a novel framework, PALOT, that leverages IoT to provide context-aware, continuous and non-intrusive authentication and authorization services. To this end, we propose a formal information system model based on ontologies, representing the main source of knowledge of our framework. Furthermore, to recognize users' behavioral patterns within the IoT ecosystem, we introduced a new module called "confidence manager". The module is then integrated into an extended version of our early framework architecture, IoTCAF, which is consequently adapted to include the above-mentioned component. Exhaustive experiments demonstrated the efficacy, feasibility and scalability of the proposed solution.

A Lightweight Continuous Authentication Protocol for the Internet of Things.

Modern societies are moving toward an information-oriented environment. To gather and utilize information around people's modern life, tiny devices with all kinds of sensing devices and various sizes of gateways need to be deployed and connected with each other through the Internet or proxy-based wireless sensor networks (WSNs). Within this kind of Internet of Things (IoT) environment, how to authenticate each other between two communicating devices is a fundamental security issue. As a lot of IoT devices are powered by batteries and they need to transmit sensed data periodically, it is necessary for IoT devices to adopt a lightweight authentication protocol to reduce their energy consumption when a device wants to authenticate and transmit data to its targeted peer. In this paper, a lightweight continuous authentication protocol for sensing devices and gateway devices in general IoT environments is introduced. The concept of valid authentication time period is proposed to enhance robustness of authentication between IoT devices. To construct the proposed lightweight continuous authentication protocol, token technique and dynamic features of IoT devices are adopted in order to reach the design goals: the reduction of time consumption for consecutive authentications and energy saving for authenticating devices through by reducing the computation complexity during session establishment of continuous authentication. Security analysis is conducted to evaluate security strength of the proposed protocol. In addition, performance analysis has shown the proposed protocol is a strong competitor among existing protocols for device-to-device authentication in IoT environments.

Secure and Usable User-in-a-Context Continuous Authentication in Smartphones Leveraging Non-Assisted Sensors.

Smartphones are equipped with a set of sensors that describe the environment (e.g., GPS, noise, etc.) and their current status and usage (e.g., battery consumption, accelerometer readings, etc.). Several works have already addressed how to leverage such data for user-in-a-context continuous authentication, i.e., determining if the porting user is the authorized one and resides in his regular physical environment. This can be useful for an early reaction against robbery or impersonation. However, most previous works depend on assisted sensors, i.e., they rely upon immutable elements (e.g., cell towers, satellites, magnetism), thus being ineffective in their absence. Moreover, they focus on accuracy aspects, neglecting usability ones. For this purpose, in this paper, we explore the use of four non-assisted sensors, namely battery, transmitted data, ambient light and noise. Our approach leverages data stream mining techniques and offers a tunable security-usability trade-off. We assess the accuracy, immediacy, usability and readiness of the proposal. Results on 50 users over 24 months show that battery readings alone achieve 97.05% of accuracy and 81.35% for audio, light and battery all together. Moreover, when usability is at stake, robbery is detected in 100 s for the case of battery and in 250 s when audio, light and battery are applied. Remarkably, these figures are obtained with moderate training and storage needs, thus making the approach suitable for current devices.

Improving the Security and QoE in Mobile Devices through an Intelligent and Adaptive Continuous Authentication System.

Continuous authentication systems for mobile devices focus on identifying users according to their behaviour patterns when they interact with mobile devices. Among the benefits provided by these systems, we highlight the enhancement of the system security, having permanently authenticated the users; and the improvement of the users' quality of experience, minimising the use of authentication credentials. Despite the benefits of these systems, they also have open challenges such as the authentication accuracy and the adaptability to new users' behaviours. Continuous authentication systems should manage these challenges without forgetting critical aspects of mobile devices such as battery consumption, computational limitations and response time. With the goal of improving these previous challenges, the main contribution of this paper is the design and implementation of an intelligent and adaptive continuous authentication system for mobile devices. The proposed system enables the real-time users' authentication by considering statistical information from applications, sensors and Machine Learning techniques based on anomaly detection. Several experiments demonstrated the accuracy, adaptability, and resources consumption of our solution. Finally, its utility is validated through the design and implementation of an online bank application as proof of concept, which allows users to perform different actions according to their authentication level.

Performance counter dataset for behavioural biometric purpose.

In the pursuit of advancing research in continuous user authentication, we introduce COUNT-OS-I and COUNT-OS-II, two distinct performance counter datasets from Windows operating systems, crafted to bolster research in continuous user authentication. Encompassing data from 63 computers and users, the datasets offer rich, real-world insights for developing and evaluating authentication models. COUNT-OS-I spans 26 users in an IT department, capturing 159 attributes across diverse hardware and software environments over 26 h on average per user. COUNT-OS-II, on the other hand, encompasses 37 users with identical system configurations, recording 218 attributes per sample over a 48-hour period. Both datasets utilize pseudonymization to safeguard user identities while maintaining data integrity and statistical accuracy. The well-balanced nature of the data, confirmed by comprehensive statistical analysis, positions these datasets as reliable benchmarks for the continuous user authentication domain. Through their release, we aim to empower the development of robust, real-world applicable authentication models, contributing to enhanced system security and user trust.