ABSTRACTThe pervasive use of smart devices in everyday life has increased the risk of theft and cyberattacks, necessitating robust and continuous behavioral authentication techniques during every interactive session. Traditional authentication methods are insufficient to address these evolving threats, as they often fail to maintain security throughout the session. To address this challenge, we propose a continuous authentication scheme that leverages touch and motion sensors, incorporating user context to enhance security. However, building an effective authentication model requires creating a behavioral template by aggregating data from multiple users. Moreover, outsourcing sensitive sensor data to third‐party servers for processing introduces the risk of privacy breaches, such as behavioral profiling or the theft of personal information. To mitigate these risks, we designed CAPP—a context‐aware privacy‐preserving data outsourcing scheme for continuous authentication during live sessions. CAPP employs Format Preserving Encryption (FPE) to encrypt the sensor data, ensuring that the data's format remains intact, which allows the machine learning model to function with minimal loss of accuracy. Our solution enables secure and efficient authentication by creating a model on the server side using data from motion sensors like the accelerometer, gyroscope, and magnetometer. Our experimental results demonstrate the effectiveness of the proposed scheme, achieving an accuracy of 87.57% and an Equal Error Rate (EER) of 12.15%, while requiring only 1.69 ms to authenticate a user. These results show that CAPP preserves user privacy and provides a rapid and reliable authentication process, outperforming existing state‐of‐the‐art methods.
Read full abstract