快速检索:      
引用本文:
【打印本页】   【下载PDF全文】   查看/发表评论  【EndNote】   【RefMan】   【BibTex】
过刊浏览    高级检索
本文已被:浏览 508次   下载   
分享到: 微信 更多
基于用户行为特征的手机端身份识别研究
向东东1, 陈海光1, 熊俊杰2
1.上海师范大学;2.上海市桂林路100号上海师范大学信息与机电工程学院
摘要:
随着整个社会智能手机拥有量的增加和手机端信息服务的快速发展,手机端产生和积累的敏感数据的安全受到越来越多的重视。目前手机端常用的身份验证机制包括数字密码、图案密码、指纹识别、面部识别和虹膜识别等。这类身份验证我们称为一次性验证或静态验证,一次性验证一旦验证通过,不再关注当前手机操作者是用户本人还是一个入侵用户,这种条件下,手机中存储的隐私数据就可能泄露。本文针对智能手机端的身份验证问题展开研究,基于智能手机用户在输入身份验证密码和滑动触摸屏过程中带有个人独特的行为特征,提出了两种身份验证方案。本文将OCSVM算法应用到身份验证模型中,采用了网格搜索算法获取模型的最优参数。基于采集到的28位用户的特征数据进行了一系列实验。实验结果显示两种身份验证方案具有很好的泛化能力和验证精度,身份的验证过程不会干扰正常的用户操作。两种身份验证方案弥补了传统一次性身份验证方案仅在登录阶段验证的不足,同时,相比其它连续性验证方案,本课题采用的验证方案不需要要额外的硬件设备支持和用户的主动参与验证。
关键词:  隐私数据  行为特征  OCSVM  网格搜索  身份验证
DOI:
分类号:
基金项目:
Research On Identity Verification Of Mobile Based On User Behavior Characteristics
Xiang Dongdong,Chen Haiguang,Xiong Junjie
Shanghai Normal University
Abstract:
With the growing number of smart phones in the whole society and the rapid development of mobile information services, more and more attention is paid to the security of sensitive data generated and accumulated by mobile phones.At present, the commonly used mobile phone authentication mechanism includes digital password, pattern password, fingerprint recognition, face recognition and iris recognition, etc.This type of authentication we call one-time verification or static verification, once verified, one-time verification no longer concerned about who the current operator is.Under such conditions, the privacy data stored in the phone may be leaked.This paper focuses on the problem of identity authentication on the smartphone.Two authentication schemes are proposed based on the unique behavior patterns of the smartphone users entering the authentication password and sliding the touch screen.The OCSVM algorithm is applied to the authentication model, and the grid search algorithm is used to obtain the optimal parameters of the model.A series of experiments were conducted based on the collected 28-user characterization data. The experimental results show that the two authentication schemes have good generalization ability and verification accuracy, and the identity verification process will not interfere with the normal user operation.Two kinds of authentication schemes make up for the lack of verification of traditional one-time authentication schemes which verifies identity only in the login phase.Compared with other continuity verification schemes, the verification scheme adopted in this subject does not need additional hardware device support and user's active participation verification.
Key words:  Privacy Data  Behavior Features  OCSVM  Grid Search  Authentication