Towards Continuous Authentication Based On Mobile Messaging App Usage
Date: July 2014
Publication: Symposium on Usable Privacy and Security (SOUPS) 2014
Source 1: http://cups.cs.cmu.edu/soups/2014/posters/soups2014_posters-paper12.pdf
Abstract or Summary:
With the help of current messaging apps, files or location data can be exchanged in addition to traditional text messages in a convenient way. Thus, more sensitive data is stored in the apps and access of adversaries becomes a higher risk in the case the device gets lost or stolen. Current authentication mechanisms such as PINs or graphical passwords are circumvented too easily by shoulder-surfing or smudge-based attacks. Also, authentication mechanisms may often be turned off due to usability reasons, as frequent interaction requires authentication every time. Continuous authentication has been proposed as a way to protect the data by authenticating the legitimate use in a constant manner in the background based on interaction data. In this work, a framework for collecting natural touchscreen interaction data, which is built into an open-source messaging app, is described. Two studies were conducted to collect interaction data of legitimate users and adversaries. Preliminary results show that a distinction between legitimate users and adversaries is possible based on the touch gestures alone.
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.