{"id":"https://openalex.org/W4391842999","doi":"https://doi.org/10.1145/3648372","title":"MRAAC: A Multi-stage Risk-aware Adaptive Authentication and Access Control Framework for Android","display_name":"MRAAC: A Multi-stage Risk-aware Adaptive Authentication and Access Control Framework for Android","publication_year":2024,"publication_date":"2024-02-15","ids":{"openalex":"https://openalex.org/W4391842999","doi":"https://doi.org/10.1145/3648372"},"language":"en","primary_location":{"id":"doi:10.1145/3648372","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3648372","pdf_url":null,"source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5033929481","display_name":"Jiayi Chen","orcid":"https://orcid.org/0000-0002-0722-8150"},"institutions":[{"id":"https://openalex.org/I151746483","display_name":"University of Waterloo","ror":"https://ror.org/01aff2v68","country_code":"CA","type":"education","lineage":["https://openalex.org/I151746483"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Jiayi Chen","raw_affiliation_strings":["University of Waterloo, Waterloo, Canada"],"affiliations":[{"raw_affiliation_string":"University of Waterloo, Waterloo, Canada","institution_ids":["https://openalex.org/I151746483"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102843571","display_name":"Urs Hengartner","orcid":"https://orcid.org/0000-0002-9840-0015"},"institutions":[{"id":"https://openalex.org/I151746483","display_name":"University of Waterloo","ror":"https://ror.org/01aff2v68","country_code":"CA","type":"education","lineage":["https://openalex.org/I151746483"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Urs Hengartner","raw_affiliation_strings":["University of Waterloo, Waterloo, Canada"],"affiliations":[{"raw_affiliation_string":"University of Waterloo, Waterloo, Canada","institution_ids":["https://openalex.org/I151746483"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103029246","display_name":"Hassan Khan","orcid":"https://orcid.org/0000-0003-2946-5920"},"institutions":[{"id":"https://openalex.org/I79817857","display_name":"University of Guelph","ror":"https://ror.org/01r7awg59","country_code":"CA","type":"education","lineage":["https://openalex.org/I79817857"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Hassan Khan","raw_affiliation_strings":["University of Guelph, Guelph, Canada"],"affiliations":[{"raw_affiliation_string":"University of Guelph, Guelph, Canada","institution_ids":["https://openalex.org/I79817857"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5033929481"],"corresponding_institution_ids":["https://openalex.org/I151746483"],"apc_list":null,"apc_paid":null,"fwci":0.8142,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.72913996,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":"27","issue":"2","first_page":"1","last_page":"30"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9872999787330627,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7454131841659546},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.6368276476860046},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.5597051382064819},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.47766098380088806},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.43152618408203125},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1458013653755188}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7454131841659546},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.6368276476860046},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.5597051382064819},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.47766098380088806},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.43152618408203125},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1458013653755188}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3648372","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3648372","pdf_url":null,"source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W1483327747","https://openalex.org/W1503444668","https://openalex.org/W1606813229","https://openalex.org/W1968660590","https://openalex.org/W1979834178","https://openalex.org/W2006536389","https://openalex.org/W2028915091","https://openalex.org/W2112995928","https://openalex.org/W2147658271","https://openalex.org/W2151854612","https://openalex.org/W2278569723","https://openalex.org/W2580439803","https://openalex.org/W2801816216","https://openalex.org/W2881632231","https://openalex.org/W2898732531","https://openalex.org/W2949197199","https://openalex.org/W2953371218","https://openalex.org/W2972978455","https://openalex.org/W3014370958","https://openalex.org/W3160042174","https://openalex.org/W4243858748","https://openalex.org/W4246091810","https://openalex.org/W4246939875","https://openalex.org/W4248372054","https://openalex.org/W4297955515","https://openalex.org/W6652022918","https://openalex.org/W6677005141"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W2382290278","https://openalex.org/W4391913857","https://openalex.org/W2350741829","https://openalex.org/W2912135041"],"abstract_inverted_index":{"Adaptive":[0],"authentication":[1,32,56,79,107,225],"enables":[2,211],"smartphones":[3],"and":[4,10,18,34,64,73,80,104,114,187,201,217,233],"enterprise":[5,216],"apps":[6,126],"to":[7,12,29,37,53,99,123,127,146,148,195,221],"decide":[8],"when":[9],"how":[11],"authenticate":[13],"users":[14],"based":[15,109,135],"on":[16,110,136,227],"contextual":[17],"behavioral":[19],"factors.":[20],"In":[21],"practice,":[22],"a":[23,75,149,155],"system":[24],"may":[25,50],"employ":[26],"multiple":[27,97],"policies":[28,95],"adapt":[30],"its":[31],"mechanisms":[33,108],"access":[35,69,81,118],"controls":[36],"various":[38,212],"scenarios.":[39],"However,":[40],"existing":[41,60,142],"approaches":[42,61],"suffer":[43],"from":[44],"contradictory":[45],"or":[46],"insecure":[47],"adaptations,":[48],"which":[49,85],"enable":[51,124],"attackers":[52],"bypass":[54],"the":[55,87,129,197],"system.":[57],"Besides,":[58],"most":[59],"are":[62,144],"inflexible":[63],"do":[65],"not":[66],"provide":[67,222],"desirable":[68],"controls.":[70],"We":[71,164,192],"design":[72],"build":[74],"multi-stage":[76],"risk-aware":[77],"adaptive":[78,224],"control":[82],"framework":[83],"(MRAAC),":[84],"provides":[86,121],"following":[88],"novel":[89],"contributions:":[90],"Multi-stage:":[91],"MRAAC":[92,120,153,169,210],"organizes":[93],"adaptation":[94],"in":[96],"stages":[98],"handle":[100],"different":[101],"risk":[102,138,162],"types":[103],"progressively":[105],"adapts":[106],"context,":[111],"resource":[112],"sensitivity,":[113],"user":[115],"authenticity.":[116],"Appropriate":[117],"control:":[119],"libraries":[122],"sensitive":[125],"manage":[128],"availability":[130],"of":[131,157,168,180,204],"their":[132],"in-app":[133],"resources":[134],"MRAAC\u2019s":[137],"awareness.":[139],"Extensible:":[140],"While":[141],"proposals":[143],"tailored":[145],"cater":[147],"single":[150],"use":[151,158,175],"case,":[152],"supports":[154],"variety":[156],"cases":[159],"with":[160,230],"custom":[161],"models.":[163],"exemplify":[165],"these":[166],"advantages":[167],"by":[170],"deploying":[171],"it":[172],"for":[173,190],"three":[174],"cases:":[176],"an":[177],"enhanced":[178],"version":[179],"Android":[181,229],"Smart":[182],"Lock,":[183],"guest-aware":[184],"continuous":[185],"authentication,":[186],"corporate":[188],"app":[189,219],"BYOD.":[191],"conduct":[193],"experiments":[194],"quantify":[196],"CPU,":[198],"memory,":[199],"latency,":[200],"battery":[202,234],"performance":[203],"MRAAC.":[205],"Our":[206],"evaluation":[207],"shows":[208],"that":[209],"stakeholders":[213],"(device":[214],"manufacturers,":[215],"secure":[218],"developers)":[220],"complex":[223],"workflows":[226],"COTS":[228],"low":[231],"processing":[232],"overhead.":[235]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}