BehaveSense: Continuous authentication for security-sensitive mobile apps using behavioral biometrics

With the emergence of smartphones as an essential part of our daily lives, continuous authentication becomes an urgent need which could efficiently protect user security and privacy. However, only a small percentage of apps contain sensitive data. To save energy and protect user security, we propose BehaveSense, an accurate and efficient continuous authentication method for security-sensitive mobile apps using touch-based behavioral biometrics. By exploring four different types of touch operations, we train the owner model using One-Class SVM (OCSVM) and isolation forest (iForest), and calculate the accuracy of each type with the model. Afterwards, we calculate the confidence level of each type using the Bayesian theorem. Finally, we obtain the accuracy of a touch operation sequence with an improved expectedprob algorithm. To validate the effectiveness of the proposed method, we conduct a series of experiments. We collect the WeChat app data of 45 volunteers during two weeks. Experimental results show that our method can recognize user identity efficiently. Specifically, our method achieves average accuracy of approaching 95.85% for touch operation sequence, when considering 9 touch operations. Our method is very promising to authenticate user.