User authentication remains one of the most pressing issues in modern cybersecurity, with traditional methods increasingly failing to meet the modern challenges. In particular, there is now a plethora of attacks traditional authentication algorithms are vulnerable to, and a successful attack can be seriously damaging for a system as a whole. For this reason, Continuous Authentication (CA) emerged as a new approach to securely authenticate users in a distributed system, with diverse methods using such technologies as machine learning, neural networks, behavioural biometrics, etc. However, several new attack vectors have been suggested that might compromise even CA-protected systems. In this article, we provide an analysis of possible attacks on various CA algorithms. Furthermore, we discuss the attacks’ limitations, various factors that might improve authentication systems’ resilience, as well as proposed defense mechanisms that could provide protection against these attacks. We conclude that most common CA methods today, while a step-up compared to traditional authentication methods, are still susceptible to being subverted, and implementing defense mechanisms and adopting security best practices should be an important consideration while designing a user authentication system
Original languageEnglish
Title of host publicationComputational Science and Its Applications – ICCSA 2024 Workshops
PublisherSpringer Nature
Pages369-385
Number of pages17
ISBN (Electronic)978-3-031-65308-7
ISBN (Print)978-3-031-65307-0
DOIs
StatePublished - 22 Aug 2024
EventThe 24th International Conference on Computational Science and Its Applications, ICCSA 2024 - Ханой, Viet Nam
Duration: 1 Jul 20244 Jul 2024
https://2024.iccsa.org/

Publication series

NameLecture Notes in Computer Science
PublisherSpringer Nature
Volume14821
ISSN (Print)0302-9743

Conference

ConferenceThe 24th International Conference on Computational Science and Its Applications, ICCSA 2024
Abbreviated titleICCSA
Country/TerritoryViet Nam
CityХаной
Period1/07/244/07/24
Internet address

    Research areas

  • Adversarial Attacks, Continuous Authentication, Cybersecurity, Machine Learning

ID: 123444388