SmartAuth: dynamic context fingerprinting for continuous user authentication

3 years 2 months ago
SmartAuth: dynamic context fingerprinting for continuous user authentication
As recent incidents have shown, weak passwords are a severe security risk for authenticating users and granting access to protected resources. Additionally, strong passwords score low on usability, especially on mobile devices. In this work, we present SmartAuth, a scalable context-aware authentication framework built on top of OpenAM, a state-of-practice identity and access management suite. It uses adaptive and dynamic context fingerprinting based on Hoeffding trees to continuously ascertain whether a user’s identity is authentic or not, and it respects privacy preferences by adopting consent-driven use of context information. We assess our approach from both an offensive and defensive security perspective. Our results show that dynamic context fingerprinting has good potential for a zero-interaction authentication scheme, with a minimal performance overhead compared to traditional authentication schemes. Categories and Subject Descriptors D.4.6 [Operating Systems]: Security a...
Davy Preuveneers, Wouter Joosen
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where SAC
Authors Davy Preuveneers, Wouter Joosen
Comments (0)