TY - GEN
T1 - Security after login
T2 - IEEE International Symposium on Technologies for Homeland Security, HST 2015
AU - Feng, Tao
AU - Zhao, Xi
AU - Desalvo, Nick
AU - Gao, Zhimin
AU - Wang, Xi
AU - Shi, Weidong
N1 - Publisher Copyright:
© 2015 IEEE.
PY - 2015/8/26
Y1 - 2015/8/26
N2 - Coinciding with the surge in popularity and adoption of mobile devices and the ever-expanding capabilities of these devices, the amount of sensitive information accessed and stored has increased exponentially. Inasmuch, these advancements have, and continue to demand great efforts from researchers and the industry alike in terms of improving security therein. Existing technologies either conduct user identity verification via a login stage or request authentication every time the user accesses a sensitive app. We propose, in this paper, an IdentityTracker. This framework is dedicated to tracking the user's identity, performing app-level access control management. Continuous and implicit tracking of the user's identity is accomplished through monitoring fingerprint authentication logs as well as detecting events when the phone has left the user's hand. This approach leverages multiple onboard sensors. We conducted two user-studies acquiring smartphone users' usage statistics to investigate security and usability needs of our solution. To monitor these subtle gestures in real-world uncontrolled environments, multi-session data collection has been conducted to iteratively improve system performance. The evaluation results have demonstrated the feasibility of IdentityTracker.
AB - Coinciding with the surge in popularity and adoption of mobile devices and the ever-expanding capabilities of these devices, the amount of sensitive information accessed and stored has increased exponentially. Inasmuch, these advancements have, and continue to demand great efforts from researchers and the industry alike in terms of improving security therein. Existing technologies either conduct user identity verification via a login stage or request authentication every time the user accesses a sensitive app. We propose, in this paper, an IdentityTracker. This framework is dedicated to tracking the user's identity, performing app-level access control management. Continuous and implicit tracking of the user's identity is accomplished through monitoring fingerprint authentication logs as well as detecting events when the phone has left the user's hand. This approach leverages multiple onboard sensors. We conducted two user-studies acquiring smartphone users' usage statistics to investigate security and usability needs of our solution. To monitor these subtle gestures in real-world uncontrolled environments, multi-session data collection has been conducted to iteratively improve system performance. The evaluation results have demonstrated the feasibility of IdentityTracker.
UR - https://www.scopus.com/pages/publications/84955480499
U2 - 10.1109/THS.2015.7225268
DO - 10.1109/THS.2015.7225268
M3 - 会议稿件
AN - SCOPUS:84955480499
T3 - 2015 IEEE International Symposium on Technologies for Homeland Security, HST 2015
BT - 2015 IEEE International Symposium on Technologies for Homeland Security, HST 2015
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 14 April 2015 through 16 April 2015
ER -