CALIPER: Continuous Authentication Layered with Integrated PKI Encoding Recognition

Architectures relying on continuous authentication require a secure way to challenge the user's identity without trusting that the Continuous Authentication Subsystem (CAS) has not been compromised, i.e., that the response to the layer which manages service/application access is not fake. In this paper, we introduce the CALIPER protocol, in which a separate Continuous Access Verification Entity (CAVE) directly challenges the user's identity in a continuous authentication regime. Instead of simply returning authentication probabilities or confidence scores, CALIPER's CAS uses live hard and soft biometric samples from the user to extract a cryptographic private key embedded in a challenge posed by the CAVE. The CAS then uses this key to sign a response to the CAVE. CALIPER supports multiple modalities, key lengths, and security levels and can be applied in two scenarios: One where the CAS must authenticate its user to a CAVE running on a remote server (device-server) for access to remote application data, and another where the CAS must authenticate its user to a locally running trusted computing module (TCM) for access to local application data (device-TCM). We further demonstrate that CALIPER can leverage device hardware resources to enable privacy and security even when the device's kernel is compromised, and we show how this authentication protocol can even be expanded to obfuscate direct kernel object manipulation (DKOM) malwares.Comment: Accepted to CVPR 2016 Biometrics Worksho

Investigating the impact of combining handwritten signature and keyboard keystroke dynamics for gender prediction

© 2019 IEEE. The use of soft-biometric data as an auxiliary tool on user identification is already well known. Gender, handorientation and emotional state are some examples which can be called soft-biometrics. These soft-biometric data can be predicted directly from the biometric templates. It is very common to find researches using physiological modalities for soft-biometric prediction, but behavioural biometric is often not well explored for this context. Among the behavioural biometric modalities, keystroke dynamics and handwriting signature have been widely explored for user identification, including some soft-biometric predictions. However, in these modalities, the soft-biometric prediction is usually done in an individual way. In order to fill this space, this study aims to investigate whether the combination of those two biometric modalities can impact the performance of a soft-biometric data, gender prediction. The main aim is to assess the impact of combining data from two different biometric sources in gender prediction. Our findings indicated gains in terms of performance for gender prediction when combining these two biometric modalities, when compared to the individual ones

Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication

We investigate whether a classifier can continuously authenticate users based on the way they interact with the touchscreen of a smart phone. We propose a set of 30 behavioral touch features that can be extracted from raw touchscreen logs and demonstrate that different users populate distinct subspaces of this feature space. In a systematic experiment designed to test how this behavioral pattern exhibits consistency over time, we collected touch data from users interacting with a smart phone using basic navigation maneuvers, i.e., up-down and left-right scrolling. We propose a classification framework that learns the touch behavior of a user during an enrollment phase and is able to accept or reject the current user by monitoring interaction with the touch screen. The classifier achieves a median equal error rate of 0% for intra-session authentication, 2%-3% for inter-session authentication and below 4% when the authentication test was carried out one week after the enrollment phase. While our experimental findings disqualify this method as a standalone authentication mechanism for long-term authentication, it could be implemented as a means to extend screen-lock time or as a part of a multi-modal biometric authentication system.Comment: to appear at IEEE Transactions on Information Forensics & Security; Download data from http://www.mariofrank.net/touchalytics

Continuous user authentication featuring keystroke dynamics based on robust recurrent confidence model and ensemble learning approach

User authentication is considered to be an important aspect of any cybersecurity program. However, one-time validation of user’s identity is not strong to provide resilient security throughout the user session. In this aspect, continuous monitoring of session is necessary to ensure that only legitimate user is accessing the system resources for entire session. In this paper, a true continuous user authentication system featuring keystroke dynamics behavioural biometric modality has been proposed and implemented. A novel method of authenticating the user on each action has been presented which decides the legitimacy of current user based on the confidence in the genuineness of each action. The 2-phase methodology, consisting of ensemble learning and robust recurrent confidence model(R-RCM), has been designed which employs a novel perception of two thresholds i.e., alert and final threshold. Proposed methodology classifies each action based on the probability score of ensemble classifier which is afterwards used along with hyperparameters of R-RCM to compute the current confidence in the genuineness of user. System decides if user can continue using the system or not based on new confidence value and final threshold. However, it tends to lock out imposter user more quickly if it reaches the alert threshold. Moreover, system has been validated with two different experimental settings and results are reported in terms of mean average number of genuine actions (ANGA) and average number of imposter actions(ANIA), whereby achieving the lowest mean ANIA with experimental setting II

Continuous user authentication featuring keystroke dynamics based on robust recurrent confidence model and ensemble learning approach

User authentication is considered to be an important aspect of any cybersecurity program. However, one-time validation of user’s identity is not strong to provide resilient security throughout the user session. In this aspect, continuous monitoring of session is necessary to ensure that only legitimate user is accessing the system resources for entire session. In this paper, a true continuous user authentication system featuring keystroke dynamics behavioural biometric modality has been proposed and implemented. A novel method of authenticating the user on each action has been presented which decides the legitimacy of current user based on the confidence in the genuineness of each action. The 2-phase methodology, consisting of ensemble learning and robust recurrent confidence model(R-RCM), has been designed which employs a novel perception of two thresholds i.e., alert and final threshold. Proposed methodology classifies each action based on the probability score of ensemble classifier which is afterwards used along with hyperparameters of R-RCM to compute the current confidence in the genuineness of user. System decides if user can continue using the system or not based on new confidence value and final threshold. However, it tends to lock out imposter user more quickly if it reaches the alert threshold. Moreover, system has been validated with two different experimental settings and results are reported in terms of mean average number of genuine actions (ANGA) and average number of imposter actions(ANIA), whereby achieving the lowest mean ANIA with experimental setting II