Behavioral Authorization Framework for Cloud Environments using Deep Representation Learning and Discriminative Decision Modeling

Mandeep Kaur; Prachi Garg

doi:https://doi.org/10.14445/22315381/IJETT-V74I6P102

Research Article | Open Access | Download PDF

Volume 74 | Issue 6 | Year 2026 | Article Id. IJETT-V74I6P102 | DOI : https://doi.org/10.14445/22315381/IJETT-V74I6P102

Behavioral Authorization Framework for Cloud Environments using Deep Representation Learning and Discriminative Decision Modeling

Mandeep Kaur, Prachi Garg

Received	Revised	Accepted	Published
30 Jun 2025	07 Apr 2026	20 Apr 2026	27 Jun 2026

Citation :

Mandeep Kaur, Prachi Garg, "Behavioral Authorization Framework for Cloud Environments using Deep Representation Learning and Discriminative Decision Modeling," International Journal of Engineering Trends and Technology (IJETT), vol. 74, no. 6, pp. 17-32, 2026. Crossref, https://doi.org/10.14445/22315381/IJETT-V74I6P102

Abstract

The security of any system is as good as the authentication mechanism used to access it. Authentication verifies user identities in systems such as cloud applications, services, or data. Traditional passwords, Identity and Access Management (IAM), OTPs, and Multi-Factor Authentication (MFA) are increasingly vulnerable to cyber threats, including identity theft, account hijacking, and spoofing attacks due to advancements in AI, improvements in hardware, and inexpensive computational power. Considering these challenges, there is a need to develop mechanisms that do not rely solely on simple authentication techniques but are robust and continuous. Researchers are also focusing on developing the use of keystroke dynamics for authentication and developing AI and machine learning models for security. This work proposes a novel behavioral authentication framework based on a hybrid CNN_SVM model for continuous user verification, which secures against unauthorized access and breaches in Cloud environments. It considers various behavioral biometrics, including keystroke dynamics, touch patterns, pressure points, mouse movement patterns, touchpad pointer, device properties, time of use (when), usage pattern (how and frequency), and user interaction with the interface for real-time continuous user authentication. First, a comprehensive dataset of user behavior traits is collected, then preprocessed for feature normalization, and finally, dimensionality reduction and feature engineering are applied. It uses CNN to learn high-level behavioral patterns in the dataset, and an SVM classifier to optimize discrimination between legitimate users based on their activities. It evaluates and compares the use of SVM_CNN, RESNET_SVM, Random Forest, XGBoost, and Decision Tree machine learning models in validating the effectiveness of the proposed framework. The results show that the SVM_CNN model yields the best accuracy of 0.85, precision of 0.8658, recall of 0.8789, F1 score of 0.8723, and ROC AUC of 0.8855 compared to the existing approaches. The ablation study compares the criticality of different model components: data augmentation, pre-trained weights, batch normalization, and dropout regularization in classification accuracy. Moreover, the feature count analysis shows an accuracy gain of up to 0.85 when the behavioral features increased from 2 to 12. Experimental results confirm that the proposed hybrid CNN_SVM behavioral authentication system provides a robust, scalable, and intelligent solution. It achieved better performance due to the addition of reading, typing, time, and device-related features rather than only using typing-related features for authentication. It can be used as a continuous, frictionless, and adaptive authentication mechanism for cloud security by integrating it with their traditional mechanisms. If integrated accordingly, it shall ensure the detection of security anomalies and take proactive actions to strengthen the security, while supporting other regulatory compliance.

Keywords

Authentication, Behavioral Authentication, Cloud Computing, Machine Learning, Security.

References

[1] Prosper Kandabongee Yeng, Stephen D. Wolthusen, and Bian Yang, “Comparative Analysis of Threat Modeling Methods for Cloud Computing Towards Healthcare Security Practice,” International Journal of Advanced Computer Science and Applications (IJACSA), vol. 11, no. 11, pp. 772-784, 2020.
[CrossRef] [Publisher Link]

[2] Hamed Tabrizchi, and Marjan Kuchaki Rafsanjani, “A Survey on Security Challenges in Cloud Computing: Issues, Threats, and Solutions,” The Journal of Supercomputing, vol. 76, no. 12, pp. 9493-9532, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[3] Deepak Ranjan Panda, Susanta Kumar Behera, and Debasish Jena, “A Survey on Cloud Computing Security Issues, Attacks and Countermeasures,” Advances in Machine Learning and Computational Intelligence: Proceedings of ICMLCI, Singapore, pp. 513-524, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[4] Cheng Wang, Hangyu Zhu, and Bo Yang, “Composite Behavioral Modeling for Identity Theft Detection in Online Social Networks,” IEEE Transactions on Computational Social Systems vol. 9, no. 2, pp. 428-439, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[5] Xiang Zhang et al., “DeepKey: A Multimodal Biometric Authentication System via Deep Decoding Gaits and Brainwaves,” ACM Transactions on Intelligent Systems and Technology, vol. 11, no. 4, pp. 1-24, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[6] Cong Wang et al., “A Framework for Behavioral Biometric Authentication using Deep Metric Learning on Mobile Devices,” IEEE Transactions on Mobile Computing, vol. 22, no. 1, pp. 19-36, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[7] Zenan Wu et al., “Network User Behavior Authentication based on Hidden Markov Model,” 2021 IEEE International Conference on Information Communication and Software Engineering (ICICSE), Chengdu, China, pp. 76-82, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[8] Congcong Shi et al., “Identity Authentication with Association Behavior Sequence in Machine-to-Machine Mobile Terminals,” Mobile Networks and Applications, vol. 27, no. 1, pp. 96-108, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[9] Nandini Bhattacharya, “Behavioural Biometrics in Action,” Biometric Technology Today, vol. 2020, no. 10, pp. 8-11, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[10] Ulysses Monteiro, Behavioral Authentication is Changing the Game in Cybersecurity, LinkedIn, 2023. [Online]. Available: https://www.linkedin.com/pulse/2023-behavioral-authentication-changing-game-ulysses-monteiro

[11] What is Behavioral MFA and How Does it Work?, TwoSense, 2024. [Online]. Available: https://www.twosense.ai/blog/what-is-behavioral-mfa-and-how-does-it-work

[12] Cheng Wang et al., “Behavioral Authentication for Security and Safety,” Security and Safety, vol. 3, pp. 1-36, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[13] Mohanaad Shakir, “Applying Human Behaviour Recognition in Cloud Authentication Method-A Review,” Proceedings of International Conference on Emerging Technologies and Intelligent Systems ICETIS, Springer, Cham, vol. 322, pp. 565-578, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[14] ASEE Cybersecurity, Behavioral Biometrics Authentication: Use Cases and Benefits, 2023. [Online]. Available: https://cybersecurity.asee.io/blog/what-is-behavioral-biometrics-authentication/

[15] Ayman Mohamed Mostafa et al., “Strengthening Cloud Security: An Innovative Multi-Factor Multi-Layer Authentication Framework for Cloud user Authentication,” Applied Sciences, vol. 13, no. 19, pp. 1-24, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[16] Samuel Oladiipo Olabanji et al., “AI-Driven Cloud Security: Examining the Impact of user Behavior Analysis on Threat Detection,” Asian Journal of Research in Computer Science, vol. 17, no. 3, pp. 57-74, 2024.
[Google Scholar]

[17] Ioannis Stylios et al., “Behavioral Biometrics and Continuous user Authentication on Mobile Devices: A Survey,” Information Fusion, vol. 66, pp. 76-99, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[18] V. Vanitha Carmel, and D. Akila, “A Survey on Biometric Authentication Systems in Cloud to Combat Identity Theft,” Journal of Critical Reviews, vol. 7, no. 3, pp. 540-547, 2020.
[Google Scholar]

[19] Mariem Bouchaala, Rihab Boussada, and Leila Azouz Saidane, “I4AS-cloud: Identification, Authentication and Authorization as a Service Cloud Computing,” 2023 International Wireless Communications and Mobile Computing (IWCMC), Marrakesh, Morocco, pp. 1460-1465, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[20] What is Identity and Access Management (IAM)?, eMudhra Limited, 2023. [Online]. Available: https://emudhra.com/blog/identity-and-access-management

[21] What is Identity and Access Management (IAM)?, Oracle, 2021. [Online]. Available: https://www.oracle.com/in/security/identity-management/what-is-iam/

[22] Amjad Alsirhani, Mohamed Ezz, and Ayman Mohamed Mostafa, “Advanced Authentication Mechanisms for Identity and Access Management in Cloud Computing,” Computer Systems Science and Engineering, vol. 43, no. 3, pp. 967-984, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[23] A. Riyaz Fathima, and A. Saravanan, “An Approach to Cloud user Access Control using Behavioral Biometric-based Authentication and Continuous Monitoring,” International Journal of Advanced Technology and Engineering Exploration, vol. 11, no. 119, pp. 1469-1496, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[24] What is Cloud MFA (CFA)?, InstaSafe, 2024. [Online]. Available: https://instasafe.com/glossary/what-is-cloud-mfa/

[25] Vivek Kumar, and Sangram Ray, “Applying Efforts for Behavior-based Authentication for Mobile Cloud Security,” Proceedings of the International Conference on Computational Intelligence and Sustainable Technologies, ICoCIST, pp. 589-601, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[26] Mohammed Ennahbaoui, and Hind Idrissi, “A New Agent-based Framework Combining Authentication, Access Control and user Behavior Analysis for Secure and Flexible Cloud-based Healthcare Environment,” Concurrency and Computation: Practice and Experience, vol. 34, no. 5, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[27] Andrey Yu. Iskhakov, Mark V. Mamchenko, and Sergey P. Khripunov, “Enhanced user Authentication Algorithm based on Behavioral Analytics in Web-based Cyberphysical Systems,” 2023 International Russian Smart Industry Conference (SmartIndustryCon), Sochi, Russian Federation, pp. 253-258, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[28] Manjunath Reddy, and Anusha Bodepudi, “Analysis of Cloud based Keystroke Dynamics for Behavioral Biometrics using Multiclass Machine Learning,” ResearchBerg Review of Science and Technology, vol. 2, no. 1, pp. 120-135, 2022.
[Google Scholar] [Publisher Link]

[29] Hosam El- El-Sofany, “A Proposed Biometric Authentication Model to Improve Cloud Systems Security,” Computer Systems Science and Engineering, vol. 43, no. 2, pp. 573-589, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[30] Sanagana Durga Prasada Rao, “Preventing Insider Threats in Cloud Environments: Anomaly Detection and Behavioral Analysis Approaches,” Science Technology and Human Values, vol. 4, no. 1, pp. 225-232, 2023.
[Google Scholar]

[31] Mohammed Fawzi Sheet, and Melad Jader Saeed, “Behavioral Features of users as a Security Solution in Cloud Computing,” 2022 8^th International Conference on Contemporary Information Technology and Mathematics (ICCITM), Mosul, Iraq, pp. 25-29, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[32] Bonthala Prabhanjan Yadav et al., “A Coherent and Privacy-Protecting Biometric Authentication Strategy in Cloud Computing,” IOP Conference Series: Materials Science and Engineering, vol. 981, no. 2, pp. 1-7, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[33] Teena Joseph et al., “RETRACTED ARTICLE: A Multimodal Biometric Authentication Scheme based on Feature Fusion for Improving Security in Cloud Environment,” Journal of Ambient Intelligence and Humanized Computing, vol. 12, no. 6, pp. 6141-6149, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[34] Sajad Einy, Cemil Oz, and Yahya Dorostkar Navaei, “IoT Cloud-based Framework for Face Spoofing Detection with Deep Multicolor Feature Learning Model,” Journal of Sensors, vol. 2021, no. 1, pp. 1-18, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[35] Neeru Bala, Rashmi Gupta, and Anil Kumar, “Multimodal Biometric System based on Fusion Techniques: A Review,” Information Security Journal: A Global Perspective, vol. 31, no. 3, pp. 289-337, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[36] B. Mahalakshmi, and Beulah David, “An Analytical Survey on Multi-Biometric Authentication System for Enhancing the Security Levels in Cloud Computing,” 2023 Eighth International Conference on Science Technology Engineering and Mathematics (ICONSTEM), Chennai, India, pp. 1-6, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[37] R. Stockton Gaines et al., “Authentication by Keystroke Timing: Some Preliminary Results,” RAND Corporation, 1980. [Google Scholar] [Publisher Link]

[38] Alvin Andrean, Manoj Jayabalan, and Vinesh Thiruchelvam, “Keystroke Dynamics based user Authentication using Deep Multilayer Perceptron,” International Journal of Machine Learning and Computing, vol. 10, no. 1, pp. 134-139, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[39] Aditya Subash et al., “Mouse Dynamics based Online Fraud Detection System for Online Education Platforms,” Proceedings of Ninth International Congress on Information and Communication Technology, ICICT, London, United Kingdom, vol. 10, pp. 257-269, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[40] Abir Mhenni et al., “Double Serial Adaptation Mechanism for Keystroke Dynamics Authentication based on a Single Password,” Computers and Security, vol. 83, pp. 151-166, 2019.
[CrossRef] [Google Scholar] [Publisher Link]

[41] Aditya Subash, and Insu Song, “Real Time Behavioral Biometric Information Security System for Assessment Fraud Detection,” 2021 IEEE International Conference on Computing (ICOCO), Kuala Lumpur, Malaysia, pp. 186-191, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[42] Emanuele Maiorana, Himanka Kalita, and Patrizio Campisi, “Mobile Keystroke Dynamics for Biometric Recognition: An Overview,” IET Biometrics, vol. 10, no. 1, pp. 1-23, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[43] Dilshan Senarath et al., “Re Evaluating Keystroke Dynamics for Continuous Authentication,” 2023 3^rdInternational Conference on Advanced Research in Computing (ICARC), Belihuloya, Sri Lanka, pp. 202-207, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[44] Kim-Ngan Nguyen et al., “Spatio Temporal Dual Attention Transformer for Time Series Behavioral Biometrics,” IEEE Transactions on Biometrics, Behavior, and Identity Science, vol. 6, no. 4, pp. 591-601, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[45] Alejandro Acien et al., “TypeNet: Deep Earning Keystroke Biometrics,” IEEE Transactions on Biometrics, Behavior, and Identity Science, vol. 4, no. 1, pp. 57-70, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[46] Giuseppe Stragapede et al., “Typeformer: Transformers for Mobile Keystroke Biometrics,” Neural Computing and Applications, vol. 36, no. 29, pp. 18531-18545, 2024.
[CrossRef] [Google Scholar] [Publisher Link]