Go to DBLP homepageAnalysis of Attacks on Continuous Authentication Methods and Ways of Defending Against Them
Abstract: User authentication remains one of the most pressing issues in modern cybersecurity, with traditional methods increasingly failing to meet the modern challenges. In particular, there is now a plethora of attacks traditional authentication algorithms are vulnerable to, and a successful attack can be seriously damaging for a system as a whole. For this reason, Continuous Authentication (CA) emerged as a new approach to securely authenticate users in a distributed system, with diverse methods using such technologies as machine learning, neural networks, behavioural biometrics, etc. However, several new attack vectors have been suggested that might compromise even CA-protected systems. In this article, we provide an analysis of possible attacks on various CA algorithms. Furthermore, we discuss the attacks’ limitations, various factors that might improve authentication systems’ resilience, as well as proposed defense mechanisms that could provide protection against these attacks. We conclude that most common CA methods today, while a step-up compared to traditional authentication methods, are still susceptible to being subverted, and implementing defense mechanisms and adopting security best practices should be an important consideration while designing a user authentication system.
Loading