Litcius/Paper detail

MAUTH: Continuous User Authentication Based on Subtle Intrinsic Muscular Tremors

Yi Jiang, Hongzi Zhu, Shan Chang, Bo Li

2023IEEE Transactions on Mobile Computing11 citationsDOI

Abstract

Continuous authentication is viewed to be increasingly important for mobile devices, which store a wide range of private data and sensitive information of users. Traditional continuous authentication methods need user inputs (e.g. typing, sliding). In this work, we present MAUTH, a zero-effect continuous authentication scheme for mobile devices. With the built-in motion sensors on commercial off-the-shelf (COTS) devices, MAUTH can continuously extract, classify and verify the unique tremor features of users on how their body intrinsically shakes during the normal use of such devices. As a result, it is extremely difficult if not impossible to reproduce the same set of tremors as individuals differ in their muscle development. We implement MAUTH as a software on Android-based smartphones, which demonstrates that MAUTH is light-weight and unobtrusive to its users. We conduct extensive real-world experiments and trace-driven simulations in controlled and uncontrolled environments on 21 volunteers. The results show that MAUTH is difficult to counterfeit and achieves a low average false positive rate (FPR) of 6.73% under real-world spoofing attacks. Moreover, MAUTH is comfortable to use and can achieve a low average false negative rate (FNR) of 2.2% during uncontrolled and continuous usage of devices, leveraging isolation-forest-based classifiers trained with only 40 training samples.

Topics & Concepts

Computer scienceSpoofing attackMobile deviceAuthentication (law)Android (operating system)BiometricsSoftwareReal-time computingComputer securityHuman–computer interactionEmbedded systemOperating systemUser Authentication and Security SystemsAdvanced Malware Detection Techniques