SmartCAMPP - Smartphone-based continuous authentication leveraging motion sensors with privacy preservation

Luis Hernández-Álvarez, José María de Fuentes, Lorena González-Manzano, Luis Hernández Encinas
Pattern Recognition Letters, Volume 147, 2021, Pages 189-196

Continuous Authentication (CA) approaches are attracting attention due to the explosion of available sensors from IoT devices such as smartphones. However, a critical privacy concern arises when CA data is outsourced. Data from motion sensors may reveal users’ private issues. Despite the need for CA in smartphones, no previous work has explored how to tackle this matter leveraging motion sensors in a privacy-preserving way. In this work, a mechanism dubbed SmartCAMPP is proposed to achieve CA based on gyroscope and accelerometer data. Format-preserving encryption techniques are applied to privately outsource them. Our results show the suitability of the proposed scheme, featuring 76.85% of accuracy while taking 5.12 ms. of computation for authenticating each user. Interestingly, the use of cryptography does not lead to a significant impact as compared to a non-privacy-preserving mechanism.

Keywords: Continuous authentication; Smartphone; Privacy; Gyroscope; Accelerometer

Acknowledgments

The authors would like to thank the anonymous reviewers for their insightful comments. This work was partially supported by Spanish MINECO, AEI and European Regional Development Fund (ERDF), through grants TIN2017-84844-C2-1-R (COPCIS) and PID2019-111429RBC21 (ODIO); by Comunidad de Madrid (Spain) through grant P2018/TCS-4566-CM (CYNAMON), co-funded with ERDF, and also jointly with Univ. Carlos III de Madrid, grant CAVTIONS-CM-UC3M. Lorena González and José María de Fuentes would like to thank the Excellence Program for University Researchers. Luis Hernández-Álvarez would like to thank CSIC Project 202050E304 (CASDiM).