Abstract
People own and carry an increasing number of ubiquitous mobile devices, such as smartphones, tablets, and notebooks. Being small and mobile, those devices have a high propensity to become lost or stolen. Since mobile devices provide access to their owners' digital lives, strong authentication is vital to protect sensitive information and services against unauthorized access. However, at least one in three devices is unprotected, with inconvenience of traditional authentication being the paramount reason. We present the concept of CORMORANT, an approach to significantly reduce the manual burden of mobile user verification through risk-aware, multi-modal biometric, cross-device authentication. Transparent behavioral and physiological biometrics like gait, voice, face, and keystroke dynamics are used to continuously evaluate the user's identity without explicit interaction. The required level of confidence in the user's identity is dynamically adjusted based on the risk of unauthorized access derived from signals like location, time of day and nearby devices. Authentication results are shared securely with trusted devices to facilitate cross-device authentication for co-located devices. Conducting a large-scale agent-based simulation of 4 000 users based on more than 720 000 days of real-world device usage traces and 6.7 million simulated robberies and thefts sourced from police reports, we found the proposed approach is able to reduce the frequency of password entries required on smartphones by 97.82% whilst simultaneously reducing the risk of unauthorized access in the event of a crime by 97.72%, compared to conventional knowledge-based authentication.
Supplemental Material
Available for Download
Supplemental movie, appendix, image and software files for, CORMORANT: Ubiquitous Risk-Aware Multi-Modal Biometric Authentication across Mobile Devices
- Yomna Abdelrahman, Mohamed Khamis, Stefan Schneegaß, and Florian Alt. 2017. Stay Cool! Understanding Thermal Attacks on Mobile-based User Authentication. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems (CHI '17). Google ScholarDigital Library
- Yusuf Albayram, Mohammad Maifi Hasan Khan, Theodore Jensen, and Nhan Nguyen. 2017. "...better to use a lock screen than to worry about saving a few seconds of time": Effect of Fear Appeal in the Context of Smartphone Locking Behavior. In SOUPS. 49--63. Google ScholarDigital Library
- Sayedul Aman, Haowen Jiang, Cuyler Quint, Kumar Yelamarthi, and Ahmed Abdelgawad. 2016. Reliability Evaluation of iBeacon for Micro- Localization. In Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON). 1--5.Google Scholar
- Panagiotis Andriotis, Theo Tryfonas, and George Oikonomou. 2014. Complexity Metrics and User Strength Perceptions of the Pattern-Lock Graphical Authentication Method. In Proceedings of the Second International Conference on Human Aspects of Information Security, Privacy, and Trust - Volume 8533. Springer-Verlag New York, Inc., New York, NY, USA, 115--126. Google ScholarDigital Library
- Adam J. Aviv, Katherine Gibson, Evan Mossop, Matt Blaze, and Jonathan M. Smith. 2010. Smudge Attacks on Smartphone Touch Screens. Proceedings of the 4th USENIX conference on Offensive technologies (2010), 1--10. Google ScholarDigital Library
- C. Bergamini, L.S. Oliveira, A.L. Koerich, and R. Sabourin. 2009. Combining different biometric traits with one-class classification. Signal Processing 89, 11 (Nov. 2009), 2117--2127. Google ScholarDigital Library
- Khalid Zaman Bijon, Ram Krishnan, and Ravi Sandhu. 2013. A framework for risk-aware role based access control. 2013 IEEE Conference on Communications and Network Security (CNS) (2013), 462--469.Google ScholarCross Ref
- J. Bonneau. 2012. The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords. In 2012 IEEE Symposium on Security and Privacy. 538--552. Google ScholarDigital Library
- Jagmohan Chauhan, Jathushan Rajasegaran, Suranga Seneviratne, Archan Misra, Aruna Seneviratne, and Youngki Lee. 2018. Performance Characterization of Deep Learning Models for Breathing-based Authentication on Resource-Constrained Devices. Proc. ACM Interact. Mob. Wearable Ubiquitous Technol. 2, 4, Article 158 (Dec. 2018), 24 pages. Google ScholarDigital Library
- Richard Chow, Philippe J. P. Golle, and Jessica N. Staddon. 2012. Adjusting security level of mobile device based on presence or absence of other mobile devices nearby.Google Scholar
- Richard Chow, Markus Jakobsson, Ryusuke Masuoka, Jesus Molina, Yuan Niu, Elaine Shi, and Zhexuan Song. 2010. Authentication in the Clouds: A Framework and its Application to Mobile Users. ACM workshop on Cloud computing security (2010), 1--6. Google ScholarDigital Library
- Consumer Reports. 2014. Smart phone thefts rose to 3.1 million in 2013. https://www.consumerreports.org/cro/news/2014/04/smart-phone-thefts-rose-to-3-1-million-last-year/index.htmGoogle Scholar
- Heather Crawford, Karen Renaud, and Tim Storer. 2013. A framework for continuous, transparent mobile device authentication. Computers and Security 39, PART B (2013), 127--136. Google ScholarDigital Library
- David Crouse, Hu Han, Deepak Chandra, Brandon Barbello, and Anil K. Jain. 2015. Continuous authentication of mobile user: Fusion of face image and inertial Measurement Unit data. In 2015 International Conference on Biometrics (ICB). 135--142.Google Scholar
- Sarat C. Dass, Karthik Nandakumar, and Anil K. Jain. 2005. A principled approach to score level fusion in multimodal biometric systems. In International conference on audio-and video-based biometric person authentication. Springer, 1049--1058. Google ScholarDigital Library
- New York City Police Department. 2016. NYPD Complaint Data Historic dataset. https://data.cityofnewyork.us/Public-Safety/NYPD-Complaint-Data-Historic/qgea-i56iGoogle Scholar
- Nguyen Ngoc Diep, Sungyoung Lee, Young-Koo Lee, and HeeJo Lee. 2007. Contextual Risk-Based Access Control. Security and Management (2007).Google Scholar
- Serge Egelman, Sakshi Jain, Rebecca S Portnoff, Kerwell Liao, Sunny Consolvo, and David Wagner. 2014. Are You Ready to Lock? Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (2014), 750--761. Google ScholarDigital Library
- A. Annis Fathima, S. Vasuhi, N. T. Babu, V. Vaidehi, and Teena Mary Treesa. 2014. Fusion Framework for Multimodal Biometric Person Authentication System. IAENG International Journal of Computer Science 41, 1 (2014).Google Scholar
- Marcus Felson and Erika Poulsen. 2003. Simple indicators of crime by time of day. International Journal of Forecasting 19 (2003), 595--601.Google ScholarCross Ref
- J. Fierrez-Aguilar, J. Ortega-Garcia, D. Garcia-Romero, and J. Gonzalez-Rodriguez. 2003. A Comparative Evaluation of Fusion Strategies for Multimodal Biometric Verification. In Audio- and Video-Based Biometric Person Authentication, Gerhard Goos, Juris Hartmanis, Jan van Leeuwen, Josef Kittler, and Mark S. Nixon (Eds.). Vol. 2688. Springer Berlin Heidelberg, Berlin, Heidelberg, 830--837. http://link.springer.com/10.1007/3-540-44887-X_96 Google ScholarDigital Library
- Rainhard D. Findling, Michael Hölzl, and René Mayrhofer. 2018. Mobile Match-on-Card Authentication Using Offline-Simplified Models with Gait and Face Biometrics. IEEE Transactions on Mobile Computing 17, 11 (Nov 2018), 2578--2590.Google ScholarDigital Library
- Rainhard D. Findling, Muhammad Muaaz, Daniel Hintze, and René Mayrhofer. 2017. ShakeUnlock: Securely Transfer Authentication States Between Mobile Devices. IEEE Transactions on Mobile Computing 16, 4 (April 2017), 1163--1175. Google ScholarDigital Library
- Suneet Narula Garg, Renu Vig, and Savita Gupta. 2017. A Survey on Different Levels of Fusion in Multimodal Biometrics. Indian Journal of Science and Technology 10, 44 (2017).Google Scholar
- Dawud Gordon, John Tanios, and Oleksii Levkovskyi. 2019. Deep Learning for Behavior-Based, Invisible Multi-Factor Authentication. https://patents.justia.com/patent/20190044942Google Scholar
- Nazirah Abd Hamid, Suhailan Safei, Siti Dhalila Mohd Satar, Suriayati Chuprat, and Rabiah Ahmad. 2011. Mouse movement behavioral biometric systems. In 2011 International Conference on User Science and Engineering (i-USEr). 206--211.Google ScholarCross Ref
- Marian Harbach, Alexander De Luca, Nathan Malkin, and Serge Egelman. 2016. Keep on Lockin' in the Free World: A Multi-National Comparison of Smartphone Locking. Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems - CHI '16 (2016), 4823--4827. Google ScholarDigital Library
- Marian Harbach, Emanuel Von Zezschwitz, Andreas Fichtner, Alexander De Luca, and Matthew Smith. 2014. It's a Hard Lock Life: A Field Study of Smartphone (Un) Locking Behavior and Risk Perception. Symposium on Usable Privacy and Security (SOUPS) (2014), 213--230. Google ScholarDigital Library
- Avinatan Hassidim, Yossi Matias, Moti Yung, and Alon Ziv. 2016. Ephemeral Identifiers: Mitigating Tracking & Spoofing Threats to BLE Beacons. (2016), 1--11.Google Scholar
- Eiji Hayashi, Sauvik Das, Shahriyar Amini, Jason I. Hong, and Ian Oakley. 2013. CASA: context-aware scalable authentication. In Symposium on Usable Privacy and Security (SOUPS). Google ScholarDigital Library
- Eiji Hayashi and Jason Hong. 2011. A diary study of password usage in daily life. Proceedings of the 2011 annual conference on Human factors in computing systems - CHI '11 (2011), 2627. Google ScholarDigital Library
- Mingxing He, Shi-Jinn Horng, Pingzhi Fan, Ray-Shine Run, Rong-Jian Chen, Jui-Lin Lai, Muhammad Khurram Khan, and Kevin Octavius Sentosa. 2010. Performance evaluation of score level fusion in multimodal biometric systems. Pattern Recognition 43, 5 (May 2010), 1789--1800. Google ScholarDigital Library
- Daniel Hintze. 2015. Towards transparent multi-device-authentication. In UbiComp/ISWC'15 Adjunct. ACM, 435--440. Google ScholarDigital Library
- Daniel Hintze, Rainhard D. Findling, Muhammad Muaaz, Eckhard Koch, and René Mayrhofer. 2015. CORMORANT: Towards Continuous Risk-Aware Multi-Modal Cross-Device Authentication. UbiComp 2015 Adjunct Publication (2015). Google ScholarDigital Library
- Daniel Hintze, Philipp Hintze, Rainhard D. Findling, and René Mayrhofer. 2017. A Large-Scale, Long-Term Analysis of Mobile Device Usage Characteristics. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 1, 2 (2017), 1--21. Google ScholarDigital Library
- Daniel Hintze, Muhammad Muaaz, Rainhard D. Findling, Sebastian Scholz, Eckhard Koch, and René Mayrhofer. 2015. Confidence and Risk Estimation Plugins for Multi-Modal Authentication on Mobile Devices using CORMORANT. In Proceedings of MoMM 2015. 384--388. Google ScholarDigital Library
- Daniel Hintze and Andrew Rice. 2016. Picky: Efficient and Reproducible Sharing of Large Datasets Using Merkle-Trees. 2016 IEEE 24th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS) (2016), 30--38.Google Scholar
- Daniel Hintze, Sebastian Scholz, Eckhard Koch, and René Mayrhofer. 2016. Location-based Risk Assessment for Mobile Authentication. In Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct. Google ScholarDigital Library
- Christopher George Hocking. 2014. Authentication Aura. Dissertation. Plymouth University.Google Scholar
- Christopher G. Hocking, Steven M. Furnell, Nathan L. Clarke, and Paul L. Reynolds. 2011. Authentication Aura - A distributed approach to user authentication. Information Assurance and Security 6, 2 (2011).Google Scholar
- Adam Hurkala and Jaroslaw Hurkala. 2014. Architecture of Context-Risk-Aware Authentication System for Web Environments. ICIEIS' 2014 (2014), 219--228.Google Scholar
- Markus Jakobsson, Elaine Shi, Philippe Golle, and Richard Chow. 2009. Implicit authentication for mobile devices. HotSec'09 (2009). Google ScholarDigital Library
- Jack A. Jones. 2007. An Introduction to Factor Analysis of Information Risk (FAIR). http://www.riskmanagementinsight.com/media/docs/FAIR{_}introduction.pdfGoogle Scholar
- Philipp Kapfer. 2016. PhonyKeyboard: Sensor-enhanced Keystroke Dynamics Authentication on Mobile Devices. Master Thesis. Johannes Kepler University Linz.Google Scholar
- Amy K. Karlson, A. J. Brush, and Stuart Schechter. 2009. Can I Borrow Your Phone? Understanding Concerns When Sharing Mobile Phones. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (2009), 1647--1650. http://dl.acm.org/citation.cfm?id=1518953 Google ScholarDigital Library
- P. Kartik, R. V. S. S. Vara Prasad, and S. R. Mahadeva Prasanna. 2008. Noise robust multimodal biometric person authentication system using face, speech and signature features. In 2008 Annual IEEE India Conference, Vol. 1. 23--27.Google Scholar
- Hassan Khan, Aaron Atwater, and Urs Hengartner. 2014. Itus: An Implicit Authentication Framework for Android. In Proceedings of the 20th annual international conference on Mobile computing and networking (2014), 507--518. Google ScholarDigital Library
- Dong Ju Kim, Kwang Woo Chung, and Kwang Seok Hong. 2010. Person Authentication using Face, Teeth and Voice Modalities for Mobile Device Security. IEEE Transactions on Consumer Electronics 56, 4 (2010), 2678--2685. Google ScholarDigital Library
- Donald E. Maurer and John P. Baker. 2008. Fusing multimodal biometrics with quality estimates via a Bayesian belief network. Pattern Recognition 41, 3 (March 2008), 821--832. Google ScholarDigital Library
- René Mayrhofer, Jeffrey Vander Stoep, Chad Brubaker, and Nick Kralevich. 2019. The Android Platform Security Model. CoRR abs/1904.05572 (2019). arXiv:1904.05572 http://arxiv.org/abs/1904.05572Google Scholar
- Matthias R Mehl, Simine Vazire, Nairán Ramírez-Esparza, Richard B. Slatcher, and James W. Pennebaker. 2007. Are women really more talkative than men? Science 317, 5834 (6 7 2007), 82.Google Scholar
- Muhammad Muaaz and Rene Mayrhofer. 2014. Orientation Independent Cell Phone Based Gait Authentication. Proceedings of MoMM 2014 (2014). Google ScholarDigital Library
- M. Muaaz and R. Mayrhofer. 2017. Smartphone-Based Gait Recognition: From Authentication to Imitation. IEEE Transactions on Mobile Computing 16, 11 (Nov 2017), 3209--3221.Google ScholarCross Ref
- Ildar Muslukhov, Y Boshmaf, Cynthia Kuo, Jonathan Lester, and K Beznosov. 2013. Know Your Enemy: The Risk of Unauthorized Access in Smartphones by Insiders. Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services (MobileHCI '13) (2013), 271--280. Google ScholarDigital Library
- Karthik Nandakumar, Yi Chen, Sarat C. Dass, and Anil Jain. 2008. Likelihood ratio-based biometric score fusion. IEEE transactions on pattern analysis and machine intelligence 30, 2 (2008), 342--347. Google ScholarDigital Library
- New York State Department of Labor. 2018. Local Area Unemployment Statistics. (2018).Google Scholar
- Claudia Nickel. 2012. Accelerometer-based Biometric Gait Recognition for Authentication on Smartphones. Ph.D. Dissertation. TU Darmstadt.Google Scholar
- N. Poh and J. Kittler. 2012. A Unified Framework for Biometric Expert Fusion Incorporating Quality Measures. IEEE Transactions on Pattern Analysis and Machine Intelligence 34, 1 (Jan. 2012), 3--18. Google ScholarDigital Library
- Douglas A. Reynolds, Thomas F. Quatieri, and Robert B. Dunn. 2000. Speaker Verification Using Adapted Gaussian Mixture Models. Digital Signal Processing 10, 1 (2000), 19--41. Google ScholarDigital Library
- Oriana Riva, Chuan Qin, Karin Strauss, and Dimitrios Lymberopoulos. 2011. Progressive Authentication: Deciding When to Authenticate on Mobile Phones. Proceedings of the 21st USENIX Security Symposium (2011), 1--16. Google ScholarDigital Library
- Arun Ross and Anil K Jain. 2004. Multimodal Biometrics: an Overview. Signal Processing September (2004), 1221--1224. https://doi.org/citeulike-article-id:460352Google Scholar
- P. S. Sanjekar and J. B. Patil. 2013. An Overview of Multimodal Biometrics. Signal & Image Processing (SIPIJ) 4, 1 (2013), 57--64.Google ScholarCross Ref
- S. Shekhar, V. M. Patel, N. M. Nasrabadi, and R. Chellappa. 2014. Joint Sparse Representation for Robust Multimodal Biometrics Recognition. IEEE Transactions on Pattern Analysis and Machine Intelligence 36, 1 (Jan 2014), 113--126. Google ScholarDigital Library
- Hiew Moi Sim, Hishammuddin Asmuni, Rohayanti Hassan, and Razib M Othman. 2014. Multimodal biometrics: Weighted score level fusion based on non-ideal iris and face images. Expert Systems with Applications 41, 11 (2014), 5390--5404.Google ScholarCross Ref
- Adam Skillen, David Barrera, and Paul C. van Oorschot. 2013. Deadbolt. Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices - SPSM '13 (2013), 3--14. Google ScholarDigital Library
- Juan Soto. 1999. Statistical testing of random number generators. In Proceedings of the 22nd National Information Systems Security Conference, Vol. 10. NIST Gaithersburg, MD, 12.Google Scholar
- Frank Stajano. 2011. Pico: No more passwords! Lecture Notes in Computer Science 7114 LNCS (2011), 49--81. Google ScholarDigital Library
- Jiayao Tan, Xiaoliang Wang, Cam-Tu Nguyen, and Yu Shi. 2018. SilentKey: A New Authentication Framework through Ultrasonic-based Lip Reading. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 2 (2018), 1--18. Google ScholarDigital Library
- Nils Ole Tippenhauer, Heinrich Luecken, Marc Kuhn, and Srdjan Capkun. 2015. UWB Rapid-bit-exchange System for Distance Bounding. In Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks (WiSec '15). ACM, New York, NY, USA, Article 2, 12 pages. Google ScholarDigital Library
- Netanya Tomer Eden and Boaz Avigad. 2012. Location Based Authentication System.Google Scholar
- Issa Traore, Isaac Woungang, Mohammad S. Obaidat, Youssef Nakkabi, and Iris Lai. 2012. Combining Mouse and Keystroke Dynamics Biometrics for Risk-Based Authentication in Web Environments. 2012 Fourth International Conference on Digital Home (2012), 138--145. Google ScholarDigital Library
- P. Tresadern, T. F. Cootes, N. Poh, P. Matejka, A. Hadid, Christophe Lévy, C. McCool, and S. Marcel. 2013. Mobile Biometrics: Combined Face and Voice Verification for a Mobile Platform. IEEE Pervasive Computing 12, 01 (2013), 79--87. Google ScholarDigital Library
- Catrine Tudor-Locke, William D. Johnson, and Peter T. Katzmarzyk. 2009. Accelerometer-determined steps per day inus adults. Medicine and Science in Sports and Exercise (2009).Google Scholar
- Sebastian Uellenbeck, Markus Dürmuth, Christopher Wolf, and Thorsten Holz. 2013. Quantifying the Security of Graphical Passwords: The Case of Android Unlock Patterns. In Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security (CCS '13). ACM, New York, NY, USA, 161--172. Google ScholarDigital Library
- United Nations Office on Drugs and Crime. 2018. Crime and Criminal Justice Statistics. https://data.unodc.orgGoogle Scholar
- U.S. Census Bureau. 2013. Census Bureau Reports 1.6 Million Workers Commute into Manhattan Each Day. (2013). https://www.census.gov/newsroom/press-releases/2013/cb13-r17.htmlGoogle Scholar
- U.S. Census Bureau. 2018. Annual Estimates of the Resident Population: April 1, 2010 to July 1, 2017. (2018).Google Scholar
- Alex Varshavsky, Adin Scannell, Anthony LaMarca, and Eyal de Lara. 2007. Amigo: Proximity-Based Authentication of Mobile Devices. In UbiComp 2007: Ubiquitous Computing. Berlin, Heidelberg, 253--270. Google ScholarDigital Library
- Emanuel von Zezschwitz, Alexander De Luca, Philipp Janssen, and Heinrich Hussmann. 2015. Easy to Draw, but Hard to Trace?: On the Observability of Grid-based (Un)Lock Patterns. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems (CHI '15). ACM, New York, NY, USA, 2339--2342. Google ScholarDigital Library
- Emanuel von Zezschwitz, Paul Dunphy, and Alexander De Luca. 2013. Patterns in the Wild: A Field Study of the Usability of Pattern and PIN-based Authentication on Mobile Devices. (2013), 261--270. Google ScholarDigital Library
- Daniel T. Wagner, Andrew Rice, and Alastair R. Beresford. 2013. Device Analyzer: Large-scale mobile data collection. In Big Data Analytics workshop, ACM Sigmetrics 2013.Google Scholar
- Daniel T. Wagner, Andrew Rice, and Alastair R. Beresford. 2013. Device Analyzer: Understanding smartphone usage. In 10th International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services.Google Scholar
- F. Wang and J. Han. 2009. Multimodal biometric authentication based on score level fusion using support vector machine. Opto-Electronics Review 17, 1 (Jan. 2009).Google ScholarCross Ref
- Lei Wang, Kang Huang, Ke Sun, Wei Wang, Chen Tian, Lei Xie, and Qing Gu. 2018. Unlock with Your Heart: Heartbeat-based Authentication on Commercial Mobile Phones. Proc. ACM Interact. Mob. Wearable Ubiquitous Technol. 2, 3, Article 140 (Sept. 2018), 22 pages. Google ScholarDigital Library
- Yunhong Wang, Tieniu Tan, and Anil K. Jain. 2003. Combining Face and Iris Biometrics for Identity Verification. In Proceedings of the 4th International Conference on Audio- and Video-based Biometric Person Authentication (AVBPA'03). Springer-Verlag, Berlin, Heidelberg, 805--813. http://dl.acm.org/citation.cfm?id=1762222.1762327 Google ScholarDigital Library
- Christopher K. Wikle and L. Mark Berliner. 2007. A Bayesian tutorial for data assimilation. Physica D: Nonlinear Phenomena 230, 1 (2007), 1--16.Google ScholarCross Ref
- Gregory D Williamson. 2006. Enhanced Authentication In Online Banking. Journal of Economic Crime Management Fall 4, 2 (2006), 1--42.Google Scholar
- Scott Wright. 2012. The Symantec Smartphone Honey Stick Project. Symantec Corporation (2012). http://www.symantec.com/content/en/us/about/presskits/b-symantec-smartphone-honey-stick-project.en-us.pdfGoogle Scholar
- Jeff Yan, Alan Blackwells, Ross Anderson, and Alasdair Grant. 2004. Password Memorability and Security: Empirical Results. IEEE Security & Privacy 2, 5 (2004), 25--31. Google ScholarDigital Library
Index Terms
- CORMORANT: Ubiquitous Risk-Aware Multi-Modal Biometric Authentication across Mobile Devices
Recommendations
CORMORANT: On Implementing Risk-Aware Multi-Modal Biometric Cross-Device Authentication For Android
MoMM2019: Proceedings of the 17th International Conference on Advances in Mobile Computing & MultimediaThis paper presents the design and open source implementation of Cormorant, an Android authentication framework able to increase usability and security of mobile authentication. It uses transparent behavioral and physiological biometrics like gait, face,...
Cormorant: towards continuous risk-aware multi-modal cross-device authentication
UbiComp/ISWC'15 Adjunct: Adjunct Proceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2015 ACM International Symposium on Wearable ComputersNowadays, people own and carry an increasing number of mobile devices, such as smartphones and smartwatches. Since these devices store and provide access to sensitive information, authentication is required to prevent unauthorized access. Widely used ...
Confidence and Risk Estimation Plugins for Multi-Modal Authentication on Mobile Devices using CORMORANT
MoMM 2015: Proceedings of the 13th International Conference on Advances in Mobile Computing and MultimediaMobile devices, ubiquitous in modern lifestyle, embody and provide convenient access to our digital lives. Being small and mobile, they are easily lost or stole, therefore require strong authentication to mitigate the risk of unauthorized access. Common ...
Comments