M.S. Candidate: Gürkan Gündüz
Program: Data Informatics
Date: 21.08.2025 / 10:00
Place: A-212
Abstract: Mobile devices are exposed to security threats, even when protected by traditional authentication methods such as passwords, PINs, or physiological biometrics. These methods are vulnerable to attacks like shoulder surfing and spoofing, and they lack mechanisms for continuous identity verification after initial access. These issues are mitigated by Continuous Authentication (CA), which continuously validates identity through behavioral biometrics, such as scrolling and swiping patterns. In this work, a touch-based CA framework is introduced that models full probability distributions of interaction features (movement speed, acceleration, curvature, cumulative average speed) instead of relying on summary statistics. Kernel Density Estimation (KDE) is employed to generate feature distributions, and session- and user-specific bandwidths are optimized using Kullback–Leibler (KL) divergence, enhancing the fidelity of individual behavior models. These distribution-based features are then fed into a CNN-based Siamese network, where similarity embeddings across sessions are learned for authentication. When evaluated on the BehavePassDB dataset, the proposed method is shown to consistently outperform both a fixed-bandwidth alternative and a baseline XGBoost model using handcrafted statistics, achieving higher ROC AUC, lower Equal Error Rates, and improved precision–recall metrics. Modeling complete behavioral distributions and tailoring KDE parameters per user are demonstrated to significantly boost authentication accuracy, robustness, and generalization across devices and populations.
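
The bandwidth-selection step described in the abstract, as an added example that is not the thesis's code. The abstract does not state which distributions the KL divergence compares, so this sketch assumes a held-out split: the KDE is fitted on half of a session and scored against the empirical histogram of the other half. The sample speeds, grid, and candidate bandwidths are constructed for illustration.

```python
import math

# Constructed sample: swipe speeds (px/ms) from one session; not BehavePassDB data.
SESSION = [0.62, 0.71, 0.80, 0.88, 0.95, 1.02, 1.10, 1.17, 1.25, 1.31,
           1.40, 1.52, 0.75, 0.93, 1.06, 1.21, 1.34, 0.84, 1.13, 1.28]
GRID = [i * 0.05 for i in range(61)]           # 0.00 .. 3.00 px/ms
CANDIDATES = [0.01, 0.05, 0.1, 0.2, 0.5, 2.0]  # hypothetical bandwidth search set
EPS = 1e-12                                    # floor so log(p/q) stays finite

def kde_on_grid(samples, bandwidth, grid=GRID):
    """Gaussian KDE evaluated on the grid, normalised to sum to 1."""
    dens = [sum(math.exp(-0.5 * ((g - s) / bandwidth) ** 2) for s in samples)
            for g in grid]
    total = sum(dens) + EPS * len(grid)
    return [(d + EPS) / total for d in dens]

def histogram(samples, grid=GRID):
    """Empirical distribution: each sample is counted at its nearest grid point."""
    step = grid[1] - grid[0]
    counts = [0.0] * len(grid)
    for s in samples:
        idx = min(len(grid) - 1, max(0, round((s - grid[0]) / step)))
        counts[idx] += 1.0
    return [c / len(samples) for c in counts]

def kl_divergence(p, q):
    """KL(p || q) over the grid; bins with p = 0 contribute nothing."""
    return sum(pi * math.log(pi / qi) for pi, qi in zip(p, q) if pi > 0)

def select_bandwidth(samples, candidates=CANDIDATES):
    """Assumed objective: fit on even-indexed samples, score on odd-indexed ones."""
    fit, held_out = samples[0::2], samples[1::2]
    target = histogram(held_out)
    scores = {h: kl_divergence(target, kde_on_grid(fit, h)) for h in candidates}
    return min(scores, key=scores.get), scores

if __name__ == "__main__":
    best, scores = select_bandwidth(SESSION)
    for h, score in scores.items():
        print(f"h={h:<5} KL={score:.3f}")
    feature = kde_on_grid(SESSION, best)  # 61-bin distribution for the model input
    print("selected bandwidth:", best, "feature length:", len(feature))
```

A too-narrow bandwidth puts almost no mass where the held-out touches fall and a too-wide one flattens the session into a near-uniform curve, so both extremes score a higher divergence than the mid-range candidates.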