A framework for behavior-based detection of user substitution in a mobile context

Personal mobile devices, such as mobile phones, smartphones, and communicators can be easily lost or stolen. Due to the functional abilities of these devices, their use by unintended persons may result in severe security breaches concerning private or corporate data and services. Organizations develop their security policy and employ preventive techniques to combat unauthorized use. Current solutions, however, are still breakable and there is a strong need for means to detect user substitution when it happens. A crucial issue in designing such means is to define the measures to be monitored.In this paper, a structured conceptual framework for mobile-user substitution detection is proposed. The framework is based on the idea that some aspects of user behavior and environment reflect the user's personality in a recognizable way. These hypothesized aspects are further studied in order to identify the characteristics describing the individuality of these aspects, and to identify the measures whereby the characteristics can be represented.The main constructs of the framework are defined and explained in the paper; these include the components describing individuality of user behavior and environment, and the technical components needed to implement user substitution detection based on this individuality. The paper also provides a tentative list of individual behavioral and environmental aspects, along with characteristics and measures to represent them. The contemporary solutions, aimed at user substitution detection, are analyzed from the perspective of the framework, and the needs for further research are discussed.