Post on 11-Jan-2016
*Hassan Khan,Aaron Atwater,and Urs Hengartner
*Itus : An Implicit Authentication Framework
for Andriod
Outline
• Background
• Introduction for IA
• Previous work on IA
• challenge
• Introduction to Itus
• Itus for app developer
• Itus for IA developer
• Performance & conclusion
Outline
• Background
• Introduction for IA
• Previous work on IA
• challenge
• Introduction to Itus
• Itus for app developer
• Itus for IA developer
• Performance & conclusion
Why Implicit Authentication( IA)
Outline
• Background
• Introduction for IA
• Previous work on IA
• challenge
• Introduction to Itus
• Itus for app developer
• Itus for IA developer
• Performance & conclusion
Implicit Authentication
As a second line of defenseMeasurement patterns of device use that are
gathered from the device users without requiring deliberate actions.
When an adversary bypass a pass-lock,IA may be able to detect it
Outline
• Background
• Introduction for IA
• Previous work on IA
• challenge
• Introduction to Itus
• Itus for app developer
• Itus for IA developer
• Performance & conclusion
some IA system
TAP:a virtual key typing based authentication system for mobile device,transparently enhance the secrity of the mobile device in two stage:login stage and post-login stage
- continuous mobile authentication using virtual key typing biometrics
Contemporary IA:device-centric
Application-centric implicit authentication: enable fine grained authentication control with high accuracy
- Towards Application-Centric Implicit Authentication on Smartphones
Implicit Authentication at platform level
OS or app framework is responsible for providing IA to all apps in an app independent manner;
Limitation:1. different apps have different characteristics2. Performance and battery life3. The difference in app characteristics reduce the
accuracy of IA 4. not be able to distinguish which activities within an
app require protection5. need to be managed by the platform developers or
some central authority.
Solution for Limitation
These limitations can be circumvented by enabling the apps themselves to implicity authenticate users.
Delegate IA to apps:usability and flexibilityApp developer requires domain-specific
knowledge and significant effort to provide IA support: IA library
Outline
• Background
• Introduction for IA
• Previous work on IA
• challenge
• Introduction to Itus
• Itus for app developer
• Itus for IA developer
• Performance & conclusion
Challenges
Marking the resulting library easy to use for app developers
Be flexible enough to cater for app-specific functionality
Be extensible by the researchers developing novel IA schemes
Shouldn’t have a noticeable impact on performance or battery life to end users
Outline
• Background
• Introduction for IA
• Previous work on IA
• challenge
• Introduction to Itus
• Itus for app developer
• Itus for IA developer
• Performance & conclusion
Itus
A framework that separates the domain knowledge of IA from its deployment
App developers can provide IA in their apps easily
Allowing IA developers to iteratively contribute improvement to the framework.
Implement as a library at the user level Itus Oracle:a tool for app developer
Outline
• Background
• Introduction for IA
• Previous work on IA
• challenge
• Introduction to Itus
• Itus for app developer
• Itus for IA developer
• Performance & conclusion
For app developer
Easy to use
For app developer
configurable
For app developer
customized
Outline
• Background
• Introduction for IA
• Previous work on IA
• challenge
• Introduction to Itus
• Itus for app developer
• Itus for IA developer
• Performance & conclusion
For researchers and IA developers
Prefabs
Prefabs are pre-configured instances of the Itus Agent…can specify classifiers,feature subsets,parameters,etc.…allow an app developer to pick a prefab and go
Machine Learning Toolkit
Contains Classifier objects, each implementing a single machine learning algorithm
Developers implement only train and classify methods in order to add new algorithms
Event Processor
Developers create Measurement classes (e.g. Touch, Keystroke, Movement)
User input events are centrally managed and delivered by a Dispatcher object
Measurement objects only need to process input data into a numeric feature vector
Outline
• Background
• Introduction for IA
• Previous work on IA
• challenge
• Introduction to Itus
• Itus for app developer
• Itus for IA developer
• Performance & conclusion
Performance
Created three Itus Prefabs using different machine learning algorithms and feature sets- Touch-based, movement-based, and keystroke-based
Added to two open-source Android apps- Zirco web browser and TextSecure SMS messenger
Measured library overhead in terms of CPU, memory, and battery
CPU Overhead
Memory Overhead
Conclusion
Itus is an application-level implicit authentication framework for Android that is:easy can be deployed by developers with minimal LoC extensible subcomponents can be improved iteratively
Flexible support for application-specific functionality
fast minimal, tuneable performance overhead