Australian Information Security Management Conference

Document Type

Conference Proceeding


Woodiss-Field, A. (2016). A hybrid behaviour recognition and intrusion detection method for mobile devices. In Johnstone, M. (Ed.). (2016). The Proceedings of 14th Australian Information Security Management Conference, 5-6 December, 2016, Edith Cowan University, Perth, Western Australia. (pp.37-47).


Behaviour-based authorisation is a technique that assesses the user of a device for authenticity by comparing their activities to previously established behaviour profiles. Passwords and other point of entry authorisation techniques are often inadequate for protecting mobile device security as they only provide an initial barrier to usage and do not operate continuously. Behaviour-based authorisation continuously assesses user authorisation, using the device owner’s profile for authentication. This research improves upon behaviour-based authorisation performance by applying a hybridised intrusion detection method. The constituent intrusion detection methods that were applied include context-awareness and self-correction. Performance of a behaviour-based authorisation method can be measured as either an increase in intrusion detection, without significantly increasing false positives or a decrease in false positives without totally compromising intrusion detection. This research found that an increase in performance can be achieved by the addition of intrusion detection components.