*Hassan Khan,Aaron Atwater,and Urs Hengartner

*Itus ： An Implicit Authentication Framework

for Andriod

Outline

• Background

• Introduction for IA

• Previous work on IA

• challenge

• Introduction to Itus

• Itus for app developer

• Itus for IA developer

• Performance & conclusion

Outline

• Background

• Introduction for IA

• Previous work on IA

• challenge

• Introduction to Itus

• Itus for app developer

• Itus for IA developer

• Performance & conclusion

Why Implicit Authentication（ IA）

Outline

• Background

• Introduction for IA

• Previous work on IA

• challenge

• Introduction to Itus

• Itus for app developer

• Itus for IA developer

• Performance & conclusion

Implicit Authentication

As a second line of defenseMeasurement patterns of device use that are

gathered from the device users without requiring deliberate actions.

When an adversary bypass a pass-lock,IA may be able to detect it

Outline

• Background

• Introduction for IA

• Previous work on IA

• challenge

• Introduction to Itus

• Itus for app developer

• Itus for IA developer

• Performance & conclusion

some IA system

TAP:a virtual key typing based authentication system for mobile device,transparently enhance the secrity of the mobile device in two stage:login stage and post-login stage

- continuous mobile authentication using virtual key typing biometrics

Contemporary IA:device-centric

Application-centric implicit authentication： enable fine grained authentication control with high accuracy

- Towards Application-Centric Implicit Authentication on Smartphones

Implicit Authentication at platform level

OS or app framework is responsible for providing IA to all apps in an app independent manner;

Limitation:1. different apps have different characteristics2. Performance and battery life3. The difference in app characteristics reduce the

accuracy of IA 4. not be able to distinguish which activities within an

app require protection5. need to be managed by the platform developers or

some central authority.

Solution for Limitation

These limitations can be circumvented by enabling the apps themselves to implicity authenticate users.

Delegate IA to apps:usability and flexibilityApp developer requires domain-specific

knowledge and significant effort to provide IA support: IA library

Outline

• Background

• Introduction for IA

• Previous work on IA

• challenge

• Introduction to Itus

• Itus for app developer

• Itus for IA developer

• Performance & conclusion

Challenges

Marking the resulting library easy to use for app developers

Be flexible enough to cater for app-specific functionality

Be extensible by the researchers developing novel IA schemes

Shouldn’t have a noticeable impact on performance or battery life to end users

Outline

• Background

• Introduction for IA

• Previous work on IA

• challenge

• Introduction to Itus

• Itus for app developer

• Itus for IA developer

• Performance & conclusion

Itus

A framework that separates the domain knowledge of IA from its deployment

App developers can provide IA in their apps easily

Allowing IA developers to iteratively contribute improvement to the framework.

Implement as a library at the user level Itus Oracle:a tool for app developer

Outline

• Background

• Introduction for IA

• Previous work on IA

• challenge

• Introduction to Itus

• Itus for app developer

• Itus for IA developer

• Performance & conclusion

For app developer

Easy to use

For app developer

configurable

For app developer

customized

Outline

• Background

• Introduction for IA

• Previous work on IA

• challenge

• Introduction to Itus

• Itus for app developer

• Itus for IA developer

• Performance & conclusion

For researchers and IA developers

Prefabs

Prefabs are pre-configured instances of the Itus Agent…can specify classifiers,feature subsets,parameters,etc.…allow an app developer to pick a prefab and go

Machine Learning Toolkit

Contains Classifier objects, each implementing a single machine learning algorithm

Developers implement only train and classify methods in order to add new algorithms

Event Processor

Developers create Measurement classes (e.g. Touch, Keystroke, Movement)

User input events are centrally managed and delivered by a Dispatcher object

Measurement objects only need to process input data into a numeric feature vector

Outline

• Background

• Introduction for IA

• Previous work on IA

• challenge

• Introduction to Itus

• Itus for app developer

• Itus for IA developer

• Performance & conclusion

Performance

Created three Itus Prefabs using different machine learning algorithms and feature sets- Touch-based, movement-based, and keystroke-based

Added to two open-source Android apps- Zirco web browser and TextSecure SMS messenger

Measured library overhead in terms of CPU, memory, and battery

CPU Overhead

Memory Overhead

Conclusion

Itus is an application-level implicit authentication framework for Android that is:easy can be deployed by developers with minimal LoC extensible subcomponents can be improved iteratively

Flexible support for application-specific functionality

fast minimal, tuneable performance overhead