Identity authentication based on keystroke latencies
Communications of the ACM
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Summary cache: a scalable wide-area web cache sharing protocol
IEEE/ACM Transactions on Networking (TON)
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Proceedings of the twentieth annual ACM symposium on Principles of distributed computing
Introduction to Coding Theory
Password Memorability and Security: Empirical Results
IEEE Security and Privacy
Mobile Phones as Computing Devices: The Viruses are Coming!
IEEE Pervasive Computing
Large-Scale Evaluation of Multimodal Biometric Authentication Using State-of-the-Art Systems
IEEE Transactions on Pattern Analysis and Machine Intelligence
A convenient method for securely managing passwords
WWW '05 Proceedings of the 14th international conference on World Wide Web
MapReduce: simplified data processing on large clusters
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Proceedings of the 8th international conference on Mobile systems, applications, and services
Finding SHA-1 characteristics: general results and applications
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
| Hi-index | 0.00 |
The increased popularity of mobile devices widens opportunities for a user either to lose the device or to have the device stolen and compromised. At the same time, user interaction with a mobile device generates a unique set of features such as dialed numbers, timestamps of communication activities, contacted base stations, etc. This work proposes several methods to identify the user based on her communications history. Specifically, the proposed methods detect an abnormality based on the behavior fingerprint generated by a set of features from the network for each user session. We present an implementation of such methods that use features from real SMS, and voice call records from a major tier 1 cellular operator. This can potentially trigger a rapid reaction upon an unauthorized user gaining control of a lost or stolen terminal, preventing data compromise and device misuse. The proposed solution can also detect background malicious traffic originated by, for example, a malicious application running on the mobile device. Our experiments with annonymized data from 10,000 users, representing over 14 million SMS and voice call detail records, show that the proposed methods are scalable and can continuously identify millions of mobile users while preserving data privacy, and achieving low false positives and high misuse detection rates with low storage and computation overhead.