A Smartwatch-Based Continuous Authentication System

Thumbnail Image
Gholami, Arash
Continuous Authentication , Authentication , Smartwatch-Based , Smartwatch , Hand-movement patterns , Handmovement , Handmovement Patterns , CNN , IF , OCSVM , KNN , LOF , Convolutional Neural Network , Siamese , Siamese CNN , Siamese Convolutional Neural Network , Learnt features , Learned features , Deep features , access control , User authentication , Equal error rate , CNN architectures , EER , Inertial sensor , Accelerometer , Gyroscope , one-class classifier
Conventional authentication methods can protect unattended devices if they are logged-out; however, an abandoned logged-in device remains vulnerable to unauthorized access. Inactivity timeouts can help to mitigate this threat; however, a long timeout increases susceptibility to attack, whereas a short timeout sacrifices usability. Continuous authentication aims to continuously and non-intrusively check if the user currently using the system is the same user who initially logged-in. If so, the user remains logged-in; otherwise, the user is logged-out. We design and evaluate a comprehensive data processing pipeline for smartwatch-based continuous authentication systems using inertial sensor data. Our pipeline uses a Siamese convolutional neural network to learn and extract features and one-class classifiers to classify authentication attempts as either legitimate or malicious. To the best of our knowledge, our work is the first to use learned features and one-class classifiers for continuous authentication with smartwatch inertial sensor data. We compare our learned features with hand-picked features proposed in prior work; we show that our learned features achieve lower equal-error rate (EER) for shorter-duration time windows and achieve similar EER for longer-duration time windows. These results indicate that learned features are a promising approach to detect malicious authentication attempts more accurately in a shorter time window. Based on the insights gained from our work, we make recommendations for future work that would help improve the performance and real-world feasibility of smartwatch-based continuous authentication systems.
External DOI