{"id":"https://openalex.org/W4414079974","doi":"https://doi.org/10.1109/tifs.2025.3607232","title":"Enhancing the Security of One-Tap Authentication Services via Dynamic Application Identification","display_name":"Enhancing the Security of One-Tap Authentication Services via Dynamic Application Identification","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4414079974","doi":"https://doi.org/10.1109/tifs.2025.3607232"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2025.3607232","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2025.3607232","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5060042554","display_name":"Di Liu","orcid":"https://orcid.org/0000-0002-4365-2768"},"institutions":[{"id":"https://openalex.org/I37448385","display_name":"China People's Public Security University","ror":"https://ror.org/05twya590","country_code":"CN","type":"education","lineage":["https://openalex.org/I37448385"]},{"id":"https://openalex.org/I82880672","display_name":"Beihang University","ror":"https://ror.org/00wk2mp56","country_code":"CN","type":"education","lineage":["https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Di Liu","raw_affiliation_strings":["School of Criminal Investigation, People&#x2019;s Public Security University of China, Beijing, China","School of Cyber Science and Technology, Beihang University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Criminal Investigation, People&#x2019;s Public Security University of China, Beijing, China","institution_ids":["https://openalex.org/I37448385"]},{"raw_affiliation_string":"School of Cyber Science and Technology, Beihang University, Beijing, China","institution_ids":["https://openalex.org/I82880672"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100324971","display_name":"Dawei Li","orcid":"https://orcid.org/0000-0003-1548-2666"},"institutions":[{"id":"https://openalex.org/I82880672","display_name":"Beihang University","ror":"https://ror.org/00wk2mp56","country_code":"CN","type":"education","lineage":["https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Dawei Li","raw_affiliation_strings":["School of Cyber Science and Technology, Beihang University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Technology, Beihang University, Beijing, China","institution_ids":["https://openalex.org/I82880672"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110749493","display_name":"Yiming Guo","orcid":"https://orcid.org/0009-0000-5725-5344"},"institutions":[{"id":"https://openalex.org/I82880672","display_name":"Beihang University","ror":"https://ror.org/00wk2mp56","country_code":"CN","type":"education","lineage":["https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuxiao Guo","raw_affiliation_strings":["School of Cyber Science and Technology, Beihang University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Technology, Beihang University, Beijing, China","institution_ids":["https://openalex.org/I82880672"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100723626","display_name":"Ying Guo","orcid":"https://orcid.org/0000-0002-6429-9297"},"institutions":[{"id":"https://openalex.org/I82880672","display_name":"Beihang University","ror":"https://ror.org/00wk2mp56","country_code":"CN","type":"education","lineage":["https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ying Guo","raw_affiliation_strings":["School of Cyber Science and Technology, Beihang University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Technology, Beihang University, Beijing, China","institution_ids":["https://openalex.org/I82880672"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102611895","display_name":"Ruinan Hu","orcid":null},"institutions":[{"id":"https://openalex.org/I82880672","display_name":"Beihang University","ror":"https://ror.org/00wk2mp56","country_code":"CN","type":"education","lineage":["https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ruinan Hu","raw_affiliation_strings":["School of Cyber Science and Technology, Beihang University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Technology, Beihang University, Beijing, China","institution_ids":["https://openalex.org/I82880672"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100425107","display_name":"Jianwei Liu","orcid":"https://orcid.org/0000-0003-2965-3518"},"institutions":[{"id":"https://openalex.org/I82880672","display_name":"Beihang University","ror":"https://ror.org/00wk2mp56","country_code":"CN","type":"education","lineage":["https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianwei Liu","raw_affiliation_strings":["School of Cyber Science and Technology, Beihang University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Technology, Beihang University, Beijing, China","institution_ids":["https://openalex.org/I82880672"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065421587","display_name":"Song Bian","orcid":"https://orcid.org/0000-0003-0467-6203"},"institutions":[{"id":"https://openalex.org/I82880672","display_name":"Beihang University","ror":"https://ror.org/00wk2mp56","country_code":"CN","type":"education","lineage":["https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Song Bian","raw_affiliation_strings":["School of Cyber Science and Technology, Beihang University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Technology, Beihang University, Beijing, China","institution_ids":["https://openalex.org/I82880672"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070236605","display_name":"Xuhua Ding","orcid":"https://orcid.org/0000-0003-3974-590X"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Xuhua Ding","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Bras Basah, Singapore","School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Bras Basah, Singapore","institution_ids":["https://openalex.org/I79891267"]},{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018335177","display_name":"Yizhong Liu","orcid":"https://orcid.org/0000-0002-6129-3260"},"institutions":[{"id":"https://openalex.org/I82880672","display_name":"Beihang University","ror":"https://ror.org/00wk2mp56","country_code":"CN","type":"education","lineage":["https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yizhong Liu","raw_affiliation_strings":["School of Cyber Science and Technology, Beihang University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Technology, Beihang University, Beijing, China","institution_ids":["https://openalex.org/I82880672"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5083017828","display_name":"Zhenyu Guan","orcid":"https://orcid.org/0000-0002-3959-338X"},"institutions":[{"id":"https://openalex.org/I82880672","display_name":"Beihang University","ror":"https://ror.org/00wk2mp56","country_code":"CN","type":"education","lineage":["https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhenyu Guan","raw_affiliation_strings":["School of Cyber Science and Technology, Beihang University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Technology, Beihang University, Beijing, China","institution_ids":["https://openalex.org/I82880672"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5060042554"],"corresponding_institution_ids":["https://openalex.org/I37448385","https://openalex.org/I82880672"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.31302157,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"20","issue":null,"first_page":"10231","last_page":"10245"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9233999848365784,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9233999848365784,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.657800018787384},{"id":"https://openalex.org/keywords/backward-compatibility","display_name":"Backward compatibility","score":0.5608000159263611},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.5231000185012817},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.46889999508857727},{"id":"https://openalex.org/keywords/message-authentication-code","display_name":"Message authentication code","score":0.4348999857902527},{"id":"https://openalex.org/keywords/service-provider","display_name":"Service provider","score":0.40869998931884766},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.40630000829696655},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.3993000090122223},{"id":"https://openalex.org/keywords/mobile-phone","display_name":"Mobile phone","score":0.3939000070095062}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8913999795913696},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.657800018787384},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.57669997215271},{"id":"https://openalex.org/C20574231","wikidata":"https://www.wikidata.org/wiki/Q844605","display_name":"Backward compatibility","level":2,"score":0.5608000159263611},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.5231000185012817},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.47290000319480896},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.46889999508857727},{"id":"https://openalex.org/C141492731","wikidata":"https://www.wikidata.org/wiki/Q1052621","display_name":"Message authentication code","level":3,"score":0.4348999857902527},{"id":"https://openalex.org/C116537","wikidata":"https://www.wikidata.org/wiki/Q2169973","display_name":"Service provider","level":3,"score":0.40869998931884766},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.40630000829696655},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.3993000090122223},{"id":"https://openalex.org/C2777421447","wikidata":"https://www.wikidata.org/wiki/Q17517","display_name":"Mobile phone","level":2,"score":0.3939000070095062},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.3756999969482422},{"id":"https://openalex.org/C144543869","wikidata":"https://www.wikidata.org/wiki/Q2738570","display_name":"Mobile computing","level":2,"score":0.352400004863739},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.34769999980926514},{"id":"https://openalex.org/C184297639","wikidata":"https://www.wikidata.org/wiki/Q177765","display_name":"Biometrics","level":2,"score":0.33180001378059387},{"id":"https://openalex.org/C95491727","wikidata":"https://www.wikidata.org/wiki/Q992968","display_name":"Mobile telephony","level":3,"score":0.3294999897480011},{"id":"https://openalex.org/C2778707766","wikidata":"https://www.wikidata.org/wiki/Q202064","display_name":"Phone","level":2,"score":0.32739999890327454},{"id":"https://openalex.org/C118463975","wikidata":"https://www.wikidata.org/wiki/Q220849","display_name":"Digital signature","level":3,"score":0.3127000033855438},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.3068999946117401},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.3052999973297119},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.29350000619888306},{"id":"https://openalex.org/C2779618445","wikidata":"https://www.wikidata.org/wiki/Q1640628","display_name":"Network service","level":2,"score":0.2872999906539917},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.2870999872684479},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.2838999927043915},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.2809999883174896},{"id":"https://openalex.org/C153646914","wikidata":"https://www.wikidata.org/wiki/Q535695","display_name":"Cellular network","level":2,"score":0.2808000147342682},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.271699994802475},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.2637999951839447},{"id":"https://openalex.org/C2776362682","wikidata":"https://www.wikidata.org/wiki/Q568494","display_name":"Single sign-on","level":3,"score":0.26260000467300415}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2025.3607232","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2025.3607232","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W1582716752","https://openalex.org/W1965555277","https://openalex.org/W1972720351","https://openalex.org/W1998227249","https://openalex.org/W2008056655","https://openalex.org/W2010019780","https://openalex.org/W2054535568","https://openalex.org/W2123382811","https://openalex.org/W2190207511","https://openalex.org/W2294912729","https://openalex.org/W2295598076","https://openalex.org/W2334842536","https://openalex.org/W2598853221","https://openalex.org/W2734150319","https://openalex.org/W2741727270","https://openalex.org/W2772333951","https://openalex.org/W2802502226","https://openalex.org/W2891699316","https://openalex.org/W2957423437","https://openalex.org/W2981318525","https://openalex.org/W2989724224","https://openalex.org/W3007562398","https://openalex.org/W3020886002","https://openalex.org/W3135988818","https://openalex.org/W4206029699","https://openalex.org/W4220902152","https://openalex.org/W4226055875","https://openalex.org/W4287849796","https://openalex.org/W4324007193","https://openalex.org/W4363651907","https://openalex.org/W4384917034","https://openalex.org/W4384948735","https://openalex.org/W4385819871","https://openalex.org/W4390703055"],"related_works":["https://openalex.org/W3216707083","https://openalex.org/W2060145807","https://openalex.org/W2912135041","https://openalex.org/W4248806346","https://openalex.org/W2166668397","https://openalex.org/W2116285675","https://openalex.org/W1533309011","https://openalex.org/W3048245612","https://openalex.org/W1980599209","https://openalex.org/W1555715488"],"abstract_inverted_index":{"The":[0,214],"One-Tap":[1],"Authentication":[2],"(OTAuth)":[3],"service":[4,41],"enables":[5],"users":[6],"to":[7,29,67,78,91,103,117,130,220],"quickly":[8],"log":[9],"in":[10,59],"or":[11],"sign":[12],"up":[13],"for":[14],"app":[15,72,230],"accounts":[16],"using":[17],"their":[18],"phone":[19],"number.":[20],"OTAuth":[21,40,61,101],"provides":[22],"a":[23,53,69,75,109,205,226],"more":[24],"secure":[25],"and":[26,31,81,149,154,181,197,209,233],"convenient":[27],"alternative":[28],"password-based":[30],"Short":[32],"Message":[33],"Service":[34],"(SMS)-based":[35],"authentication":[36],"schemes.":[37],"Consequently,":[38],"the":[39,60,92,98,119,126,136,145,151,161,171],"has":[42],"been":[43],"adopted":[44],"by":[45,175],"numerous":[46],"Mobile":[47],"Network":[48],"Operators":[49],"(MNOs)":[50],"worldwide.":[51],"However,":[52],"high":[54],"severity":[55],"vulnerability":[56],"remains":[57],"unaddressed":[58],"service,":[62],"which":[63],"allows":[64],"an":[65,210],"attacker":[66],"access":[68],"victim\u2019s":[70],"various":[71],"accounts,":[73],"posing":[74],"significant":[76],"risk":[77],"user":[79],"privacy":[80],"data":[82],"security.":[83],"In":[84],"this":[85,105,123],"paper,":[86],"we":[87],"present":[88],"LoadShow,":[89],"which,":[90],"best":[93],"of":[94,122,128,158,163,166,173],"our":[95],"knowledge,":[96],"is":[97,142],"first":[99],"security-enhanced":[100],"scheme":[102],"address":[104,118],"vulnerability.":[106],"We":[107,169,186],"propose":[108],"novel":[110],"dynamic":[111],"application":[112,140],"identification":[113,141],"technique":[114],"that":[115],"aims":[116],"root":[120],"cause":[121],"vulnerability,":[124],"i.e.,":[125],"inability":[127],"MNOs":[129],"distinguish":[131],"between":[132,223],"different":[133,195],"applications":[134,159,224],"on":[135,144,192,225],"same":[137],"device.":[138],"Specifically,":[139],"based":[143],"hardware":[146],"load":[147,156],"side-channel":[148],"captures":[150],"unique":[152],"CPU":[153],"GPU":[155],"characteristics":[157],"through":[160],"sequence":[162],"timing":[164],"values":[165],"fingerprinting":[167],"functions.":[168],"evaluate":[170,188],"effectiveness":[172],"LoadShow":[174,199],"accuracy,":[176,203],"False":[177],"Positive":[178,183],"Rate":[179,184],"(FPR),":[180],"True":[182],"(TPR).":[185],"also":[187],"its":[189],"multi-platform":[190],"compatibility":[191],"devices":[193],"with":[194,204],"architectures":[196],"models.":[198],"achieves":[200],"over":[201],"90%":[202,208],"TPR":[206],"exceeding":[207],"FPR":[211],"below":[212],"1%.":[213],"evaluation":[215],"results":[216],"demonstrate":[217],"LoadShow\u2019s":[218],"capability":[219],"effectively":[221],"differentiate":[222],"device,":[227],"defend":[228],"against":[229],"impersonation":[231],"attacks,":[232],"reliably":[234],"identify":[235],"legitimate":[236],"applications.":[237]},"counts_by_year":[],"updated_date":"2026-03-07T16:01:11.037858","created_date":"2025-10-10T00:00:00"}