WACA: Wearable-Assisted Continuous Authentication

TL;DR

WACA introduces a wearable sensor-based continuous authentication method that enhances security and usability by reliably verifying users throughout a session with minimal overhead.

Contribution

This paper presents WACA, a novel wearable-assisted continuous authentication framework that leverages sensor-based keystroke dynamics for improved reliability and usability.

Findings

Error rate as low as 1% with 30 seconds processing

High accuracy (99.2%) in identifying insider threats

Robust against imitation and statistical attacks

Abstract

One-time login process in conventional authentication systems does not guarantee that the identified user is the actual user throughout the session. However, it is necessary to re-verify the user identity periodically throughout a login session without reducing the user convenience. Continuous authentication can address this issue. However, existing methods are either not reliable or not usable. In this paper, we introduce a usable and reliable method called Wearable Assisted Continuous Authentication (WACA). WACA relies on the sensor based keystroke dynamics, where the authentication data is acquired through the built in sensors of a wearable (e.g., smartwatch) while the user is typing. We implemented the WACA framework and evaluated its performance on real devices with real users. The empirical evaluation of WACA reveals that WACA is feasible and its error rate is as low as 1 percent with 30 seconds of processing time and 2 3% for 20 seconds. The computational overhead is minimal. Furthermore, we tested WACA against different attack scenarios. WACA is capable of identifying insider threats with very high accuracy (99.2%) and also robust against powerful adversaries such as imitation and statistical attackers.