Abstract:
Existing continuous authentication models use a
fixed set of attributes and do not consider the application specific
requirements and associated vulnerabilities in their selection.
Selecting appropriate attributes for continuous authentication
is essentially a multi-criteria decision making process. Existing
multi-criteria decision making models are less competent in
providing a preference for each attribute in a set of possible
attributes. In this paper we propose a utility based approach:
PROAASEL, prospect theory based continuous authentication
attribute selection model. The main assumption of our approach
is the associated risks for each attribute are pre-defined in terms
of known vulnerabilities. The main advantage of our model is the
ability to select the attributes based on application specific risk
characterizations. We have evaluated PROAASEL using CVE
data from [1]. Furthermore, we compared the selection method
with existing MCDM techniques TOPSIS and N-model for plausible
application scenarios. The results reveal that PROAASEL
is more expressive and offer more reliable selection when the
associated risks are fixed.
Citation:
U. S. Premarathne, "PROAASEL: Prospect theory based continuous authentication attribute selection model," 2016 Moratuwa Engineering Research Conference (MERCon), 2016, pp. 84-89, doi: 10.1109/MERCon.2016.7480120.