NONINTRUSIVE SMARTPHONE USER

VERIFICATION USING ANONYMZED

MULTIMODAL DATA
ABSTRACT:
Smartphone user verification is important because personal daily
activities are increasingly being held on the phone and the sensitive
information is logged on. Generally accepted user verification methods
are generally active, requiring a security token, including a user's
collaboration to gain access. Although popular, these methods maintain
heavy loads for smartphone users and remember token input at high
frequency. To prohibit this penalty and provide additional security for
users, we propose a new non-stop and continuous systemuser
verification framework, which can reduce the frequency required by a
user to input his / her security token. Using hidden Marquee models and
continuous trouble-rate checking, data collection and privacy leak risk is
anonymous and multifunction smartphone data with a low price, easy-
to-read verification without additional effort. With a comprehensive
estimate, we get a 94% higher rate and 74% of the detection of illegal
smartphone applications to ensure proper applications. In a practical
system, it can translate as a 74% frequency reduction in a security.
Using a preferred authentication method, the token is only at risk of
detecting roughly 6% hazardous infiltration, which is highly desirable.
ARCHITECTURE:

EXISTING SYSTEM:
OTP for any transaction on the web (with/without) consent.By simply
going into the notification bar (even if the phone’s locked) and then
copying the OTP by memorizing it and pasting it on the transaction
page.Although the consequences would be not good for me after that
XD.The Secure Shell protocol contains numerous features to avoid some
of the vulnerabilities with password authentication. Passwords are sent
as encrypted over the network, thus making it impossible to obtain the
password by capturing network traffic. Also, passwords are never stored
on the client. Empty passwords are not permitted by default (and they
are strongly discouraged).On the server side, the Secure Shell protocol
relies on the operating system to provide confidentiality of the user
passwords. SSH Tectia Server also supports limiting the number of
password retries, thereby making brute-force and dictionary attacks
difficult.However, Secure Shell does not protect against weak
passwords. If a malicious user is able to guess or obtain the password of
a legitimate user, the malicious user can authenticate and pose as the
legitimate user. Weak passwords can also be discovered by dictionary
attacks from a remote machine.

DISADVANTAGES

1. Security is entirely based on confidentiality and the

strength of the password.
2. Does not provide strong identity check (only based
on password).
3. Unknown otpsms

PROPOSED SYSTEM:
 Password authentication can also be used as a generic
authentication method. This is the case with SSH Tectia Connector when
all users use the same credentials. In this case only data encryption and
data integrity services are provided. The responsibility for user
authentication is left to the tunneled third-party application .One-time
password or OTP is a password that is applicable for only one login
session or transaction, on a computer system or different digital device.
OTPs ignore various shortcomings that are linked with traditional, i.e.,
static password-based authentication; a number of accomplishments also
integrates two-factor authentication by making sure that one-time
password needs access to something a person has plus something a
person already knows. The most significant advantage provided by OTPs
is that, in distinction with static passwords, they are not susceptible to
replay attacks. This means a prospective intruder who deals with an One
Time Password that was already used to log in to a service or to perform
a transaction will not be able to misuse it, as it will not be more suitable.
Another advantage is that a user, who uses the same password for
multiple systems, is not made susceptible on all of them, if the password
for one of these is gained by an intruder. A number of OTP systems also
target to make sure that a session cannot simply be intercepted or taken
off without knowledge of random data created during the earlier session,
thus decreasing the attack surface more. OTP is more secure than a static
password, especially a user-created password, which is typically
weak. OTPs may replace authentication login information or may
be used in addition to it, to add another layer of security. Main for
proposed system future checking macid in registration system and login
system macid.

ADVANTAGES:
1. It became very difficult when there is no network or no battery
on the phone/laptop or any other device.
2. Sometimes due to sever errors it takes very long time to get
OTP or sometimes OTP does not deliver to us.
3. If someone knows user name so using OTP they open
accounts, however that it least possibility only when you lose
phone.
4. Simple to deploy—since the operating system provides the user
accounts and password, almost no extra configuration is
needed.

MODULES:
The modules are implemented as given in the following ways
USER VERIFACTION
LOG CROSS CHECK
SESSION DETALIS
PICTORIAL REPRESENTATION

USER VERIFACTION
User authentication is performed in almost all human-to-computer
interactions other than guest and automatically logged in accounts.
Authentication authorizes human-to-machine interactions on both wired
and wireless networks to enable access to network and Internet
connected systems and resources.Traditionally, user authentication has
typically consisted of a simple ID and password combination.
Increasingly, however, more authentication factors are added to improve
the security of communications. An identity verification service is used
by businesses to ensure that users or customers provide information that
is associated with the identity of a real person. A non-documentary
identity verification requires the user or customer to provide personal
identity data which is sent to the identity verification service.For each
System user, we formulate the user verification problem as a binary
classification task. denote a trunk of multimodal sequential and
anonymized data retrieved for implicit user verification at time, where
denote a time segment of multimodal data acquired at and N is a
predefined number of segments retrieved for user verification. The
verification function produces two possible outcomes, i.e. accepted and
unaccepted

LOG CROSS CHECK

User location is sometimes considered a fourth factor for
authentication. The ubiquity of smartphones can help ease the burden
here: Most smartphones are equipped with GPS, enabling reasonable
surety confirmation of the login location. Lower surety measures include
the MAC address of the login point or physical presence verifications
through cards and other possession factor element We have a
requirement where only the trusted System devices should be allowed
into network. System username and password along with mac address
should be verified. System username is tied up with particular mac
address. Same System user id cannot be used some other personal
mobiles or trusted devices not allocated to. Foreg,System user 1 is
associated with mac1. System user 1 can only log into the System device
with the mac address mac1. He cannot log into other System devices.

SESSION DETALIS

Stored log in time and log out time for every user by making two
columns ‘login time’ and ‘logout time’ by adding the queries to login
and logout scripts to save the Windows time stamp and set its data
typeto current time stamp. This makes it store the time in the table
automatically each time a row is inserted.Database to keep the users and
the records of their login/logout times. You also need the Index file so
you can use the Session_OnEnd event to track the time when Session.
Abandon occurs or Session. Timeout expires. That is when a user hit
logout or quits application.

PICTORIAL REPRESENTATION
The analyses of proposed systems are calculated based on the User
session details. This can be measured with the help of graphical
notations such as pie chart, bar chart and line chart. The data can be
given in a dynamical data.

ALGORITHM:
SUPPORT VECTOR MACHINE (SVM)
“Support Vector Machine” (SVM) is a supervised machine
learning algorithm which can be used for both classification or
regression challenges. However, it is mostly used in classification
problems. In this algorithm, we plot each data item as a point in n-
dimensional space (where n is number of features you have) with the
value of each feature being the value of a particular coordinate. Then,
we perform classification by finding the hyper-plane that differentiate
the two classes very well (look at the below snapshot). The SVM
algorithm is implemented in practice using a kernel. The learning of the
hyperplane in linear SVM is done by transforming the problem using
some linear algebra, which is out of the scope of this introduction to
SVM. A powerful insight is that the linear SVM can be rephrased using
the inner product of any two given observations, rather than the
observations themselves. The inner product between two vectors is the
sum of the multiplication of each pair of input values. For example, the
inner product of the vectors [2, 3] and [5, 6] is 2*5 + 3*6 or 28. The
equation for making a prediction for a new input using the dot product
between the input (x) and each support vector (xi) is calculated as
follows:

f(x) = B0 + sum(ai * (x,xi))

HIDDEN MARKOV MODEL (HMM)

Hidden markov model is a statistical Markov model in which the

system being modeled is assumed to be a Markov process with
unobserved (i.e. hidden) states.

There are three types of weather: sunny , rainy , and foggy .

Let’s assume for the moment that the weather lasts all day, i.e., it
doesn’t change from rainy to sunny in the middle of the day. Weather
prediction is about trying to guess what the weather will be like
tomorrow based on the observations of the weather in the past (the
history). Let’s set up a statistical model for weather prediction: We
collect statistics on what the weather qn is like today (on day n)
depending on what the weatherwas like yesterday qn−1, the day
before qn−2, and so forth. We want to find the following conditional
probabilities

P(qn|qn−1, qn−2, ..., q1),

REQUIREMENT ANALYSIS

The project involved analyzing the design of few applications so as

to make the application more users friendly. To do so, it was really
important to keep the navigations from one screen to the other well
ordered and at the same time reducing the amount of typing the user
needs to do. In order to make the application more accessible, the
browser version had to be chosen so that it is compatible with most of
the Browsers.

REQUIREMENT SPECIFICATION

Functional Requirements

 Graphical User interface with the User.

Software Requirements

For developing the application the following are the Software

Requirements:
 1. Python

2. Django

3. MySql

4. MySqlclient

5. WampServer 2.4

Operating Systems supported

1. Windows 7

2. Windows XP

3. Windows 8

Technologies and Languages used to Develop

1. Python

Debugger and Emulator

 Any Browser (Particularly Chrome)
Hardware Requirements

For developing the application the following are the Hardware

Requirements:

 Processor: Pentium IV or higher

 RAM: 256 MB
  Space on Hard Disk: minimum 512MB

CONCLUSION

We have provided a new nonintrusive user verification framework,

built on multi-dimensional smartphone application data with low cost
monitoring on cellphone connections, WiFi, application usage, battery
status, and charging. Using the HMM designed to connect different
surveys, our proposed structure combines a variety of anonymous
smartphone data lines into a similar model. Continuous Problem Rate
Testing We will create our model in anonymous data to minimize the
risk of handling personal information when user samples are shared.
Online for centralized management and security services in the Cloud
Center Our nonintrusive method has considerable advantages to zero for
smartphone users when compared to active user verification systems that
require user PIN, anestrostro method, and biometrics, such as face and
fingerprint. This can also be done Smartphone fills in active verification
methods to enhance the business of securing and maintaining the
usability of user authentication. This implies the probability that users
can compromise their security tokens in their active checks. We
conducted extensive tests to evaluate the proposed method, and our
announced results are based on a variety of factors. Firstly, different
performance offers different sources in the verification structure in
different trial periods. This is our general observation We still have data
sources, the best performance we can achieve. By using five data
sources, the best accuracy for detecting illegal users is 94.4% and the
rate at 74.4% to ensure proper users. By using all the resources, we have
found that the length required to test data rows is reduced from 12% to
18%. Our endeavor helps us to use effective insights and justifications
for using our inactive user verification for real-world applications.