RiskCog: Unobtrusive real-time user authentication on mobile devices in the wild

Tiantian Zhu, Zhengyang Qu, Haitao Xu, Jingsi Zhang, Zhengyue Shao, Yan Chen, Sandeep Prabhakar, Jianfeng Yang

Research output: Contribution to journalArticlepeer-review

5 Scopus citations

Abstract

Recent hardware advances have led to the development and consumerization of mobile devices, which mainly include smartphones and various wearable devices. To protect the privacy of users, various user authentication mechanisms have been proposed. In particular, biometrics has been widely used for multi-factor authentication. However, biometrics-based authentication mechanisms usually require costly sensors deployed on devices, and rely on explicit user input and Internet connection for performing user authentication. In this article, we propose a system, called RiskCog, which can authenticate the ownership of mobile devices unobtrusively and in a real-time manner by adopting a learning-based approach. Unlike previous studies on user authentication, for cross-platform deployment, maximum user privacy protection, and unobtrusive authentication, RiskCog only relies on those widely available and privacy-insensitive motion sensors to capture the data related to the users' daily device usage. It requires no users' explicit input and has no requirement on the users' motion state or the device placement. RiskCog is also usable in the environment without Internet access by performing offline user identity verification. We conduct comprehensive experiments on smartphones and smartwatches, which show that RiskCog can authenticate device users rapidly and with high accuracy.

Original languageEnglish (US)
Article number8611185
Pages (from-to)466-483
Number of pages18
JournalIEEE Transactions on Mobile Computing
Volume19
Issue number2
DOIs
StatePublished - Feb 1 2020

Keywords

  • User authentication
  • implicit authentication
  • mobile device
  • user privacy

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'RiskCog: Unobtrusive real-time user authentication on mobile devices in the wild'. Together they form a unique fingerprint.

Cite this