Currently, the smartphone devices have become an essential part of our daily activities. Smartphone’ users run various essential applications (such as banking and e-health Apps), which contains very confidential information (e.g., credit card number and its PIN). Typically, the smartphone’s user authentication is achieved using mechanisms (password or security pattern) to verify the user identity. Although these mechanisms are cheap, simple, and quick enough for frequent logins, they are vulnerable to attacks such as shoulder surfing or smudge attack. This problem could be addressed by authenticating the users using their behaviour (i.e., touch behaviour) while using their smartphones. Such behaviours include finger’s pressure, size, and pressure time while tapping keys. Selecting features (from these behaviours) could play an important role in the authentication process’s performance. This paper aims to propose an efficient authentication method providing an implicit authentication for smartphone users while not imposing an additional cost of special hardware and addressing the limited smartphone capabilities. We first investigated feature selection techniques from the filter and wrapper approaches and then used the best one to propose our implicit authentication method. The random forest classifier is used to evaluate these techniques. It is also used to achieve the classification task in our authentication method. Using a public dataset, the experimental results showed that the filter-based technique (i.e., rank aggregation) is the best feature selection to build an implicit authentication method for the smartphone environment. It showed accuracy results around 97.80% using only 25 features out of 53 features (i.e., require less mobile resources (memory and processing power) to authenticate users. At the same time, the results showed that our method has less error rate: 2.03 FAR, 0.04 FRR, and 1.04 ERR, comparing to the related work. These promising results would be used to develop a mobile application that allows implicit authentication of legitimate owners while avoiding the traditional authentication problems and using fewer smartphone resources.

目前，智能手机已成为我们日常活动的重要组成部分。智能手机的用户运行各种基本应用程序（例如银行和电子医疗应用程序），其中包含非常机密的信息（例如信用卡号及其PIN）。通常，使用验证用户身份的机制（密码或安全模式）来实现智能手机的用户身份验证。尽管这些机制便宜，简单且足够快速地进行频繁登录，但它们很容易受到诸如肩膀冲浪或污迹攻击之类的攻击。可以通过在使用智能手机时使用其行为（即触摸行为）对用户进行身份验证来解决此问题。这样的行为包括在敲击按键时手指的压力，大小和压力时间。选择功能（从这些行为中）可能在身份验证过程的性能中起重要作用。本文旨在提出一种有效的身份验证方法，为智能手机用户提供隐式身份验证，同时不增加特殊硬件的额外成本并解决有限的智能手机功能。我们首先研究了过滤器和包装器方法中的特征选择技术，然后使用最佳方法来提出我们的隐式身份验证方法。随机森林分类器用于评估这些技术。在我们的身份验证方法中，它也用于完成分类任务。使用公开数据集，实验结果表明，基于过滤器的技术（即 排名汇总）是为智能手机环境构建隐式身份验证方法的最佳功能选择。结果表明，使用53个功能中的25个功能（即需要较少的移动资源（内存和处理能力）来验证用户身份）中的25个功能，准确性结果约为97.80％；同时，结果表明我们的方法的错误率更低：2.03 FAR ，0.04 FRR和1.04 ERR，与相关工作相比，这些有希望的结果将被用于开发一种移动应用程序，该应用程序可以对合法所有者进行隐式身份验证，同时避免传统的身份验证问题并使用更少的智能手机资源。同时，结果表明，与相关工作相比，我们的方法具有更低的错误率：2.03 FAR，0.04 FRR和1.04 ERR。这些有希望的结果将用于开发一种移动应用程序，该应用程序可以对合法所有者进行隐式身份验证，同时避免传统的身份验证问题并使用更少的智能手机资源。同时，结果表明，与相关工作相比，我们的方法具有更低的错误率：2.03 FAR，0.04 FRR和1.04 ERR。这些有希望的结果将用于开发一种移动应用程序，该应用程序可以对合法所有者进行隐式身份验证，同时避免传统的身份验证问题并使用更少的智能手机资源。