Research On Continuous Authentication Of Mobile Terminals Based On Behavior-Awareness

With the development of mobile Internet and artificial intelligence technology,it has become increasingly important to securely and efficiently authenticate users.The existing authentication methods,such as password-,fingerprint-and face-based authentication,are one-time authentication methods.These methods do not reauthenticate the user after the user has passed the initial authentication.They cannot provide continuous authentication during user operations.Therefore,it is highly desirable to enhance user's security with a continuous authentication method to authenticate the user during the user operations.The continuous authentication method can continuously authenticate the user and solve the above problems.In this thesis,two continuous authentication methods are proposed.To meet the online authentication requirements of users,we propose LSTM-based Continuous Authentication,called LongAuth.To meet the requirements of offline authentication,we propose a continuous authentication method based on frequent pattern mining,called MineAuth.LongAuth authenticate the user by learning the user's the characteristics of motion behavior.Accelerometers and gyroscopes record the user's movements when the user is using the phone.Firstly,we analyze the user's motion behavior,and extract the behavior characteristics from the recorded data.Then,we use the LSTM(Long Short Term Memory)to learn the characteristics of the user's motion behavior.In order to improve the stability and accuracy of LongAuth,we introduce the observation window mechanism to determine the user identity by comprehensively judging the legitimacy of multiple behaviors in the observation window.Finally,we designed an experiment to evaluate LongAuth's performance.For the improvement of the LongAuth's stability and accuracy,we introduce the observation window mechanism to determine the user's identity by comprehensively judging the legitimacy of multiple behaviors in the same observation window.Finally,we design a series of experiments to evaluate LongAuth's performance.The experimental results show that LongAuth can achieve users' identity authentication within 26 seconds,the authentication accuracy rate is 97.3%,the recall rate is 98.9%,and F1-score reaches 98.1%.MineAuth is a continuous authentication method based on the user's daily interactive behaviours with his/her smartphone.Firstly,we explore the applicability of interactive data captured by the smartphone to continuous authentication.We construct interactive behavior from data captured by the smartphone.We then propose a weighting-based time period frequent pattern mining algorithm called WeMine to mine user's frequent patterns to characterize the habits of mobile users.We build a single classification behavior classifier using the outlier detection method and the user's behavioral habits.Finally,for the improvement of the MineAuth's stability and accuracy,we introduce the observation window mechanism to determine the user's identity by comprehensively judging the legitimacy of multiple behaviors in the same observation window.The entire process occurs on the smartphone,which provides better privacy guarantees to users.Additionally,we also evaluate the performance of our approach.The evaluation results show that the precision rate of the MineAuth system is 98.2%,the recall rate is 98.5% and the F1-score is 98.3%.In addition,MineAuth can effectively resist adversaries' imitation behavior attacks.In terms of resource consumption,MineAuth's computing overhead,storage overhead,and power consumption are negligible for current smartphones.