An Intelligent Risk-Based Authentication Approach for Smartphone Applications

An Intelligent Risk-Based Authentication Approach for Smartphone Applications

연구 분야: Analysis

학회: 2020 IEEE International Conference on Systems, Man, and Cybernetics (SMC)

Authentication on smartphones is performed at the initial entry, mostly utilizing knowledge-based authentication methods which are fast and convenient. Device-based authentication does not guarantee that the user will utilize effective authentication credentials as many users choose less robust and easy to remember credentials. To reduce the explicit intervention from users and to increase user adoption, implicit authentication should be present. This approach authenticates users based on temporal access patterns to mobile devices, such as modeling the access behavior to applications. This paper presents an intelligent risk-based authentication method based on temporal access behavior to general applications on mobile devices. The risk score is calculated from the modeled pattern on the mobile device and the approach minimizes the required credentials based on the quality of this pattern. The evaluation of the presented method is achieved on real datasets and the results show the effectiveness of the approach. Importantly, the approach requires only a short period of application usage to build the model in addition to adapting to new app usage. Ultimately, the results show that the approach provides a low false acceptance rate and false rejection rate, which enhances its usability.