NON INTRUSIVE SMARTPHONE USER VERIFICATION USING ANONYMZED MULTI MODAL DATA
ABSTRACT:
Smartphone user verification is important because personal daily activities are increasingly being held on the phone and the sensitive information is logged on. Generally accepted user verification methods are generally active, requiring a security token, including a user's collaboration to gain access. Although popular, these methods maintain heavy loads for smartphone users and remember token input at high frequency. To prohibit this penalty and provide additional security for users, we propose a new non-stop and continuous systemuser verification framework, which can reduce the frequency required by a user to input his / her security token. Using hidden Marquee models and continuous trouble-rate checking, data collection and privacy leak risk is anonymous and multifunction smartphone data with a low price, easy-to-read verification without additional effort. With a comprehensive estimate, we get a 94% higher rate and 74% of the detection of illegal smartphone applications to ensure proper applications. In a practical system, it can translate as a 74% frequency reduction in a security. Using a preferred authentication method, the token is only at risk of detecting roughly 6% hazardous infiltration, which is highly desirable.
ARCHITECTURE:
EXISTING SYSTEM:
OTP for any transaction on the web (with/without) consent.By simply going into the notification bar (even if the phone’s locked) and then copying the OTP by memorizing it and pasting it on the transaction page.Although the consequences would be not good for me after that XD.The Secure Shell protocol contains numerous features to avoid some of the vulnerabilities with password authentication. Passwords are sent as encrypted over the network, thus making it impossible to obtain the password by capturing network traffic. Also, passwords are never stored on the client. Empty passwords are not permitted by default (and they are strongly discouraged).On the server side, the Secure Shell protocol relies on the operating system to provide confidentiality of the user passwords. SSH Tectia Server also supports limiting the number of password retries, thereby making brute-force and dictionary attacks difficult.However, Secure Shell does not protect against weak passwords. If a malicious user is able to guess or obtain the password of a legitimate user, the malicious user can authenticate and pose as the legitimate user. Weak passwords can also be discovered by dictionary attacks from a remote machine.
DISADVANTAGES
1. Security is entirely based on confidentiality and the strength of the password.
2. Does not provide strong identity check (only based on password).
3. Unknown otpsms
PROPOSED SYSTEM:
Password authentication can also be used as a generic authentication method. This is the case with SSH Tectia Connector when all users use the same credentials. In this case only data encryption and data integrity services are provided. The responsibility for user authentication is left to the tunneled third-party application .One-time password or OTP is a password that is applicable for only one login session or transaction, on a computer system or different digital device. OTPs ignore various shortcomings that are linked with traditional, i.e., static password-based authentication; a number of accomplishments also integrates two-factor authentication by making sure that one-time password needs access to something a person has plus something a person already knows. The most significant advantage provided by OTPs is that, in distinction with static passwords, they are not susceptible to replay attacks. This means a prospective intruder who deals with an One Time Password that was already used to log in to a service or to perform a transaction will not be able to misuse it, as it will not be more suitable. Another advantage is that a user, who uses the same password for multiple systems, is not made susceptible on all of them, if the password for one of these is gained by an intruder. A number of OTP systems also target to make sure that a session cannot simply be intercepted or taken off without knowledge of random data created during the earlier session, thus decreasing the attack surface more. OTP is more secure than a static password, especially a user-created password, which is typically weak. OTPs may replace authentication login information or may be used in addition to it, to add another layer of security. Main for proposed system future checking macid in registration system and login system macid.
ADVANTAGES:
1. It became very difficult when there is no network or no battery on the phone/laptop or any other device.
2. Sometimes due to sever errors it takes very long time to get OTP or sometimes OTP does not deliver to us.
3. If someone knows user name so using OTP they open accounts, however that it least possibility only when you lose phone.
4. Simple to deploy—since the operating system provides the user accounts and password, almost no extra configuration is needed.
MODULES:
The modules are implemented as given in the following ways
USER VERIFACTION
LOG CROSS CHECK
SESSION DETALIS
PICTORIAL REPRESENTATION
USER VERIFACTION
User authentication is performed in almost all human-to-computer interactions other than guest and automatically logged in accounts. Authentication authorizes human-to-machine interactions on both wired and wireless networks to enable access to network and Internet connected systems and resources.Traditionally, user authentication has typically consisted of a simple ID and password combination. Increasingly, however, more authentication factors are added to improve the security of communications. An identity verification service is used by businesses to ensure that users or customers provide information that is associated with the identity of a real person. A non-documentary identity verification requires the user or customer to provide personal identity data which is sent to the identity verification service.For each System user, we formulate the user verification problem as a binary classification task. denote a trunk of multimodal sequential and anonymized data retrieved for implicit user verification at time, where denote a time segment of multimodal data acquired at and N is a predefined number of segments retrieved for user verification. The verification function produces two possible outcomes, i.e. accepted and unaccepted
LOG CROSS CHECK
User location is sometimes considered a fourth factor for authentication. The ubiquity of smartphones can help ease the burden here: Most smartphones are equipped with GPS, enabling reasonable surety confirmation of the login location. Lower surety measures include the MAC address of the login point or physical presence verifications through cards and other possession factor element We have a requirement where only the trusted System devices should be allowed into network. System username and password along with mac address should be verified. System username is tied up with particular mac address. Same System user id cannot be used some other personal mobiles or trusted devices not allocated to. Foreg,System user 1 is associated with mac1. System user 1 can only log into the System device with the mac address mac1. He cannot log into other System devices.
SESSION DETALIS
Stored log in time and log out time for every user by making two columns ‘login time’ and ‘logout time’ by adding the queries to login and logout scripts to save the Windows time stamp and set its data typeto current time stamp. This makes it store the time in the table automatically each time a row is inserted.Database to keep the users and the records of their login/logout times. You also need the
Index file so you can use the Session_OnEnd event to track the time when Session. Abandon occurs or Session. Timeout expires. That is when a user hit logout or quits application.
PICTORIAL REPRESENTATION
The analyses of proposed systems are calculated based on the User session details. This can be measured with the help of graphical notations such as pie chart, bar chart and line chart. The data can be given in a dynamical data.
ALGORITHM:
SUPPORT VECTOR MACHINE (SVM)
“Support Vector Machine” (SVM) is a supervised machine learning algorithm which can be used for both classification or regression challenges. However, it is mostly used in classification problems. In this algorithm, we plot each data item as a point in n-dimensional space (where n is number of features you have) with the value of each feature being the value of a particular coordinate. Then, we perform classification by finding the hyper-plane that differentiate the two classes very well (look at the below snapshot). The SVM algorithm is implemented in practice using a kernel. The learning of the hyperplane in linear SVM is done by transforming the problem using some linear algebra, which is out of the scope of this introduction to SVM. A powerful insight is that the linear SVM can be rephrased using the inner product of any two given observations, rather than the observations themselves. The inner product between two vectors is the sum of the multiplication of each pair of input values. For example, the inner product of the vectors [2, 3] and [5, 6] is 2*5 + 3*6 or 28. The equation for making a prediction for a new input using the dot product between the input (x) and each support vector (xi) is calculated as follows:
f(x) = B0 + sum(ai * (x,xi))
HIDDEN MARKOV MODEL (HMM)
Hidden markov model is a statistical Markov model in which the system being modeled is assumed to be a Markov process with unobserved (i.e. hidden) states.
There are three types of weather: sunny , rainy , and foggy . Let’s assume for the moment that the weather lasts all day, i.e., it doesn’t change from rainy to sunny in the middle of the day. Weather prediction is about trying to guess what the weather will be like tomorrow based on the observations of the weather in the past (the history). Let’s set up a statistical model for weather prediction: We collect statistics on what the weather qn is like today (on day n) depending on what the weatherwas like yesterday qn−1, the day before qn−2, and so forth. We want to find the following conditional probabilities
P(qn|qn−1, qn−2, ..., q1),
REQUIREMENT ANALYSIS
The project involved analyzing the design of few applications so as to make the application more users friendly. To do so, it was really important to keep the navigations from one screen to the other well ordered and at the same time reducing the amount of typing the user needs to do. In order to make the application more accessible, the browser version had to be chosen so that it is compatible with most of the Browsers.
thank you for your comment
pls call me on 8125424511