Privacy-Preserving and Scalable Authentication based on Network Connection Traces

Abstract

Since password-based authentication is no longer sufficient for web applications, additional authentication factors are required. Especially in the context of mobile devices and with regard to usability, there is an increasing focus on methods where the user's behavior is used as authentication factor (e.g., touchscreen interactions or sensors). As this typically requires the processing of large amounts of sensitive data, issues related to privacy and scalability arise. Our work addresses the issues by presenting a scalable and privacy-friendly approach for authenticating users of mobile applications based on information about their network connections.