Adversarial Attacks on Continuous Authentication Security: A Dynamic Game Approach

Sarıtaş, Serkan
Sandberg, Henrik
Dan, Gyorgy
Identity theft through phishing and session hijacking attacks has become a major attack vector in recent years, and is expected to become more frequent due to the pervasive use of mobile devices. Continuous authentication based on the characterization of user behavior, both in terms of user interaction patterns and usage patterns, is emerging as an effective solution for mitigating identity theft, and could become an important component of defense-in-depth strategies in cyber-physical systems as well. In this paper, the interaction between an attacker and an operator using continuous authentication is modeled as a stochastic game. In the model, the attacker observes and learns the behavioral patterns of an authorized user whom it aims at impersonating, whereas the operator designs the security measures to detect suspicious behavior and to prevent unauthorized access while minimizing the monitoring expenses. It is shown that the optimal attacker strategy exhibits a threshold structure, and consists of observing the user behavior to collect information at the beginning, and then attacking (rather than observing) after gathering enough data. From the operator's side, the optimal design of the security measures is provided. Numerical results are used to illustrate the intrinsic trade-off between monitoring cost and security risk, and show that continuous authentication can be effective in minimizing security risk.
10th International Conference on Decision and Game Theory for Security (GameSec)


Cyber Security by a New Analogy: "The Allegory of the 'Mobile'Cave"
Canbek, Gurol (Informa UK Limited, 2018-01-01)
Mobile devices as the most pervasive technology enablers also bring new security risks in cyberspace. However, related cyber security studies mainly focus on technologies and practices rather than fundamentals and root causes. These studies may also omit the current scientific knowledge gained on other relevant or irrelevant domains that may be adapted to cyber security and ignore human nature that is more important than technology and processes. This study surveys and associates all the analogical methods ...
Graphical Passwords as Browser Extension: Implementation and Usability Study
BIÇAKCI, KEMAL; Yuceel, Mustafa; Erdeniz, Burak; Gurbaslar, Hakan; ATALAY, NART BEDİN (2009-06-19)
Today, most Internet applications still establish user authentication with traditional text based passwords. Designing a secure as well as a user-friendly password-based method has been on the agenda of security researchers for a long time. On one hand, there are password manager programs which facilitate generating site-specific strong passwords from a single user password to eliminate the memory burden due to multiple passwords. On the other hand, there are studies exploring the viability of graphical pas...
Improving the security and flexibility of one-time passwords by signature chains
Bıçakçı, Kemal; Baykal, Nazife (TÜBİTAK, 2003)
While the classical attack of ``monitor the network and intercept the password'' can be avoided by advanced protocols like SSH, one-time passwords are still considered a viable alternative or a supplement for software authentica since they are the only ones that safeguard against attacks on insecure client machines. In this paper by using public-key techniques we present a method called signature chain alternative to Lamport's hash chain to improve security and flexibility of one-time passwords. Our proposi...
Undermining User Privacy on Mobile Devices Using AI
Gulmezoglu, Berk; Zankl, Andreas; Tol, M. Caner; Islam, Saad; Eisenbarth, Thomas; Sunar, Berk (2019-01-01)
Over the past years, literature has shown that attacks exploiting the microarchitecture of modern processors pose a serious threat to user privacy. This is because applications leave distinct footprints in the processor, which malware can use to infer user activities. In this work, we show that these inference attacks can greatly be enhanced with advanced AI techniques. In particular, we focus on profiling the activity in the last-level cache (LLC) of ARM processors. We employ a simple Prime+Probe based mon...
NFC feature box: an open, nfc enabler independent mobile payment and identification method
Türk, İsmai; Kesim Çiçekli, Nihan.; Department of Computer Engineering (2019)
The use of Mobile Devices for electronic payment has increased significantly in the last decade. Near Field Communication (NFC) mobile payment is gaining popularity and it is widely considered to be the technology that will turn smartphones into m-wallets. While a typical wallet contains identification, loyalty, public transport and credit cards, m-wallet solutions currently have well-defined standards for credit card enrollment and usage only. In this thesis, we explore and present the main reason for this...
Citation Formats
S. Sarıtaş, H. Sandberg, and G. Dan, “Adversarial Attacks on Continuous Authentication Security: A Dynamic Game Approach,” Stockholm, İsveç, 2019, vol. 11836, Accessed: 00, 2021. [Online]. Available: