AUTHENTICATION METHODS USING BEHAVIORAL ANALYTICS AND MACHINE LEARNING FOR INTERNET OF THINGS DEVICES
DOI:
https://doi.org/10.28925/2663-4023.2025.30.941Keywords:
behavioral biometrics, machine learning, user authentication, anomaly detection, cybersecurityAbstract
The growing complexity of cyber threats has highlighted the limitations of traditional authentication methods, including passwords, tokens, and standard two-factor authentication (2FA). In the Internet of Things (IoT) environment, these methods are particularly vulnerable due to limited computational resources, the dynamic nature of connections, and the need for seamless user–device interaction. In response to these challenges, behavioral analytics and machine learning (ML) are gaining increasing attention as they enable the development of adaptive, continuous, and user-transparent authentication systems. This study focuses on behavioral authentication methods, including keystroke dynamics, mouse movement patterns, geolocation data, session activity, and network traffic analysis. A modular architecture is proposed that integrates both supervised and unsupervised ML algorithms, such as Support Vector Machines (SVM), Random Forest, Artificial Neural Networks (ANN), and autoencoders. Based on a combination of public and experimental datasets, extensive preprocessing and feature engineering were applied to identify the most informative behavioral characteristics of users and devices. Experimental results showed that the Random Forest model achieved the highest accuracy (96%) and F1-score (0.94), while the deployed prototype system provided fast response times (0.6 s) and a low false positive rate (0.1%) in a real-time web environment. These findings confirm the practical applicability of behavioral authentication methods for IoT, where classical approaches are often ineffective. At the same time, several key implementation challenges were identified: the need for large volumes of training data, ensuring the privacy of behavioral patterns, integration into heterogeneous IoT ecosystems, and maintaining a balance between performance and accuracy. Promising directions for further research include optimizing algorithms for resource-constrained devices and applying federated learning to minimize the risks of data leakage. Thus, behavioral analytics combined with ML forms a new paradigm of authentication, capable of providing a high level of information security in the context of the rapid expansion of IoT.
Downloads
References
Ahmed, A. A. E., & Traore, I. (2007). A new biometric technology based on mouse dynamics. IEEE Transactions on Dependable and Secure Computing, 4(3), 165–179. https://doi.org/10.1109/TDSC.2007.1003
Banerjee, S., & Woodard, D. L. (2012). Biometric authentication and identification using keystroke dynamics: A survey. Journal of Pattern Recognition Research, 7(1), 116–139.
Bergadano, F., Gunetti, D., & Picardi, C. (2002). User authentication through keystroke dynamics. ACM Transactions on Information and System Security (TISSEC), 5(4), 367–397. https://doi.org/10.1145/581271.581274
Bours, P., & Mondal, S. (2015). Performance evaluation of continuous authentication systems. Information Security Technical Report, 19(1), 45–52. https://doi.org/10.1016/j.istr.2014.09.003
Cao, K., & Jain, A. K. (2018). Hacking mobile phones using 2D printed fingerprints. Michigan State University, Technical Report.
Chen, F., et al. (2020). Behavioral biometrics for continuous authentication in the Internet of Things era: An overview. IEEE Internet of Things Journal, 7(8), 7118–7131. https://doi.org/10.1109/JIOT.2020.2975332
Fridman, L., Weber, S., Greenstadt, R., & Kam, M. (2015). Active authentication on mobile devices via stylometry, application usage, web browsing, and GPS location. IEEE Systems Journal, 11(2), 513–521. https://doi.org/10.1109/JSYST.2015.2453215
Gamboa, H., & Fred, A. (2004). A behavioral biometric system based on human-computer interaction. In Biometric Authentication (pp. 381–392). Springer. https://doi.org/10.1007/978-3-540-25948-0_45
Gunetti, D., & Picardi, C. (2005). Keystroke analysis of free text. ACM Transactions on Information and System Security (TISSEC), 8(3), 312–347.
Killourhy, K. S., & Maxion, R. A. (2009). Comparing anomaly-detection algorithms for keystroke dynamics. In Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems & Networks (pp. 125–134). https://doi.org/10.1109/DSN.2009.5270348
Mondal, S., & Bours, P. (2015). A study on continuous authentication using a combination of keystroke and mouse biometrics. Neurocomputing, 230, 1–22. https://doi.org/10.1016/j.neucom.2016.12.007
Morales, A., Fierrez, J., & Ortega-Garcia, J. (2016). Keystroke dynamics recognition based on personal data: A comparative experimental evaluation. Pattern Recognition Letters, 79, 20–27. https://doi.org/10.1016/j.patrec.2016.03.007
Pusara, M., & Brodley, C. E. (2004). User re-authentication via mouse movements. In Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security (pp. 1–8). https://doi.org/10.1145/1029208.1029210
Revett, K., de Magalhães, S. T., & Santos, H. P. (2008). Behavioral biometrics: A remote access approach. International Journal of Information Security, 7, 243–258. https://doi.org/10.1007/s10207-008-0056-2
Shen, C., Cai, Z., Guan, X., & Du, X. (2013). A privacy-preserving protocol for secure and efficient user authentication. Computer Standards & Interfaces, 35(2), 240–246.
Shen, C., Guan, X., & Cai, Z. (2011). Continuous authentication for mouse dynamics: A pattern-growth approach. International Journal of Information Security, 10, 221–229. https://doi.org/10.1007/s10207-011-0120-2
Tiwari, A., & Gupta, A. (2022). A hybrid model for user authentication using keystroke and mouse dynamics with machine learning. Journal of Intelligent & Fuzzy Systems, 42(2), 1283–1296. https://doi.org/10.3233/JIFS-210883
Traore, I., Ahmed, A., & Woungang, I. (2013). Behavioral biometrics for continuous and transparent authentication. IEEE Transactions on Systems, Man, and Cybernetics: Systems, 43(3), 531–546. https://doi.org/10.1109/TSMC.2012.2218613
Yang, Z., Hu, Y., Yu, Z., Wang, Y., & Li, J. (2020). Multi-modal behavioral biometrics authentication based on deep learning. IEEE Access, 8, 24690–24700. https://doi.org/10.1109/ACCESS.2020.2969195
Zhang, C., Sun, J., & Li, J. (2018). A deep learning-based behavior modeling approach for user identification in cloud systems. Future Generation Computer Systems, 86, 95–104. https://doi.org/10.1016/j.future.2018.03.028
Barchenko, N., Tolbatov, V., Lavryk, T., Obodiak, V., Shelehov, I., Tolbatov, A., Gnatyuk, S., & Tolbatova, O. (2022). Mathematical Model for Adaptive Technology in E-learning Systems. International Journal of Modern Education and Computer Science (IJMECS), 14(4), 1–15.
Lavrov, E., Tolbatov, A., Pasko, N., & Tolbatov, V. (2017). Cybersecurity of distributed information systems: The minimization of damage caused by errors of operators during group activity. Proceedings of the 2nd International Conference on Advanced Information and Communication Technologies (AICT 2017), Lviv, Ukraine, 83–87.
Lavrov, E., Tolbatov, A., Pasko, N., & Tolbatov, V. (2017). Ergonomic reserves for improving reliability of data processing in distributed banking systems. Proceedings of the 2nd International Conference on Advanced Information and Communication Technologies (AICT 2017), Lviv, Ukraine, 79–82.
Gnatyuk, S., Barchenko, N., Azarenko, O., Tolbatov, A., Obodiak, V., & Tolbatov, V. (2019). Ergonomic Support for Decision-Making Management of the Chief Information Security Officer. Proceedings of the 1st International Conference on Cyber Hygiene and Conflict Management in Global Information Networks (CyberConf 2019), Lviv, Ukraine, 459–471. Retrieved from http://ceur-ws.org/Vol-2588/
Legenkyi, M., Piankivska, L., & Tolbatov, A. (2024). Legal basis for cybersecurity in Ukraine under martial law. CH&CMiGIN, 3925. Retrieved from https://ceur-ws.org/Vol-3925/short10.pdf
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Євгеній Сокирка, Іван Кукулевський, Андрій Толбатов
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
