Privacy-Preserving Continuous Authentication for Mobile and IoT Systems Using Warmup-Based Federated Learning

Authors

Mohamad Wazzeh, Department of Software and IT engineering, Ecole de Technologie Sup ´ erieure ( ´ ETS), Canada
Hakima Ould-Slimane, Department of mathematics and computer science, Universite de Qu ´ ebec ´ a Trois-Rivi ` eres (UQTR), Canada
Chamseddine Talhi, Department of Software and IT engineering, Ecole de Technologie Sup ´ erieure ( ´ ETS), Canada
Azzam Mourad, Department of Computer Science and Mathematics, Lebanese American University (LAU), Beirut, Lebanon & Science Division, New York University Abu Dhabi (NYU Abu Dhabi), Abu Dhabi, United Arab Emirates
Mohsen Guizani, Mohamed bin Zayed University of Artificial IntelligenceFollow

Document Type

Article

Publication Title

IEEE Network

Abstract

Continuous authentication for mobile devices acknowledges users by studying their behavioural interactions with their devices. It provides an extended protection mechanism that supplies an additional layer of security for smartphones and Internet of Things (IoT) devices and locks out intruders in cases of stolen credentials or hijacked sessions. Most of the continuous authentication efforts in the literature consist of collecting behavioural, sensory data from users and extracting statistical patterns through adopting various Machine Learning (ML) techniques. The main drawback of these approaches is their heavy reliance on acquiring the users' personal data, which exposes the latter's privacy. To address this limitation, we introduce a novel Federated Learning (FL) based continuous authentication mechanism for mobile and IoT devices. Our approach preserves the users' privacy by allowing each individual to locally train an ML model that captures his/her behaviour and then shares the model weights with the server for global aggregation. An extended scheme with a warmup FL approach for continuous authentication is proposed. Performance evaluation is done with a unique non-IID dataset built from three well-known datasets MNIST, CIFAR-10 and FEMNIST. The extensive experimental results show a major accuracy increase in user authentication. IEEE

First Page

1

Last Page

7

DOI

10.1109/MNET.121.2200099

Publication Date

8-8-2022

Keywords

Authentication, Collaborative work, Data models, Internet of Things, Security, Sensors, Servers

Comments

IR Deposit conditions:

OA version (pathway a) Accepted version

No embargo

When accepted for publication, set statement to accompany deposit (see policy)

Must link to publisher version with DOI

Publisher copyright and source must be acknowledged

Recommended Citation

M. Wazzeh, H. Ould-Slimane, C. Talhi, A. Mourad and M. Guizani, "Privacy-Preserving Continuous Authentication for Mobile and IoT Systems Using Warmup-Based Federated Learning," in IEEE Network, doi: 10.1109/MNET.121.2200099.