Reconstruction Attacks Against Mobile-Based Continuous Authentication Systems in the Cloud

被引:28
|
作者
Al-Rubaie, Mohammad [1 ]
Chang, J. Morris [1 ]
机构
[1] Iowa State Univ, Dept Elect & Comp Engn, Ames, IA 50011 USA
关键词
Mobile devices; continuous authentication; gestures; privacy; reconstruction attacks; machine learning; IMAGE;
D O I
10.1109/TIFS.2016.2594132
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Continuous authentication for mobile devices using behavioral biometrics is being suggested to complement initial authentication for securing mobile devices, and the cloud services accessed through them. This area has been studied over the past few years, and low error rates were achieved; however, it was based on training and testing using support vector machine (SVM) and other non-privacy-preserving machine learning algorithms. To stress the importance of carefully designed privacy-preserving systems, we investigate the possibility of reconstructing gestures raw data from users' authentication profiles or synthesized samples' testing results. We propose two types of reconstruction attacks based on whether actual user samples are available to the adversary (as in SVM profiles) or not. We also propose two algorithms to reconstruct raw data: a numerical-based algorithm that is specific to one compromised system, and a randomization-based algorithm that can work against almost any compromised system. For our experiments, we selected one compromised and four attacked gesture-based continuous authentication systems from the recent literature. The experiments, performed using a public data set, showed that the attacks were feasible, with a median ranging from 80% to 100% against one attacked system using all types of attacks and algorithms, and a median ranging from 73% to 100% against all attacked systems using the randomization-based algorithm and the negative support vector attack. Finally, we analyze the results, and provide recommendations for building active authentication systems that could resist reconstruction attacks.
引用
收藏
页码:2648 / 2663
页数:16
相关论文
共 50 条
  • [31] Student engagement with mobile-based assessment systems: A survival analysis
    Bacca-Acosta, Jorge
    Avila-Garzon, Cecilia
    [J]. JOURNAL OF COMPUTER ASSISTED LEARNING, 2021, 37 (01) : 158 - 171
  • [32] Protecting Mobile Crowd Sensing against Sybil Attacks Using Cloud Based Trust Management System
    Chang, Shih-Hao
    Chen, Zhi-Rong
    [J]. MOBILE INFORMATION SYSTEMS, 2016, 2016
  • [33] New Authentication Scheme to Secure against the Phishing Attack in the Mobile Cloud Computing
    Munivel, E.
    Kannammal, A.
    [J]. SECURITY AND COMMUNICATION NETWORKS, 2019, 2019
  • [34] Countering jamming attacks against an authentication and key agreement protocol for mobile satellite communications
    Lasc, Ioana
    Dojen, Reiner
    Coffey, Tom
    [J]. COMPUTERS & ELECTRICAL ENGINEERING, 2011, 37 (02) : 160 - 168
  • [35] Generative adversarial attacks on motion-based continuous authentication schemes
    Pourshahrokhi, Narges
    Smith-Creasey, Max
    Ghassemian, Mona
    Kouchaki, Samaneh
    [J]. 2021 14TH INTERNATIONAL CONFERENCE ON SECURITY OF INFORMATION AND NETWORKS (SIN 2021), 2021,
  • [36] Impact of injection attacks on sensor-based continuous authentication for smartphones
    Gonzalez-Manzano, Lorena
    Mahbub, Upal
    de Fuentes, Jose M.
    Chellappa, Rama
    [J]. COMPUTER COMMUNICATIONS, 2020, 163 : 150 - 161
  • [37] Continuous identity authentication protocol against quantum attacks in satellite integrated smart grid
    Huang, Chao
    Yang, Min
    Li, Bo
    Yu, Lin
    [J]. COMPUTATIONAL INTELLIGENCE, 2024, 40 (03)
  • [38] Synthetic Forgery Attack Against Continuous Keystroke Authentication Systems
    Sun, Yan
    Upadhyaya, Shambhu
    [J]. 2018 27TH INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATION AND NETWORKS (ICCCN), 2018,
  • [39] Leveraging Continuous Multi-modal Authentication for Access Control in Mobile Cloud Environments
    Fenu, Gianni
    Marras, Mirko
    [J]. NEW TRENDS IN IMAGE ANALYSIS AND PROCESSING - ICIAP 2017, 2017, 10590 : 331 - 342
  • [40] Performance Analysis of an Effective Approach to Protect Cloud Systems Against Application Layer Based Attacks
    El-Sofany, Hosam F.
    El-Seoud, Samir A.
    [J]. INTERNATIONAL JOURNAL OF ONLINE AND BIOMEDICAL ENGINEERING, 2019, 15 (03) : 82 - 95