Intrusion Detection Using Mouse Dynamics

Compared to other behavioural biometrics, mouse dynamics is a less explored area. General purpose data sets containing unrestricted mouse usage data are usually not available. The Balabit data set was released in 2016 for a data science competition, which against the few subjects, can be considered the first adequate publicly available one. This paper presents a performance evaluation study on this data set for impostor detection. The existence of very short test sessions makes this data set challenging. Raw data were segmented into mouse move, point and click and drag and drop types of mouse actions, then several features were extracted. In contrast to keystroke dynamics, mouse data is not sensitive, therefore it is possible to collect negative mouse dynamics data and to use two-class classifiers for impostor detection. Both action- and set of actions-based evaluations were performed. Set of actions-based evaluation achieves 0.92 AUC on the test part of the data set. However, the same type of evaluation conducted on the training part of the data set resulted in maximal AUC (1) using only 13 actions. Drag and drop mouse actions proved to be the best actions for impostor detection.Comment: Submitted to IET Biometrics on 23 May 201

Augmenting Authentication with Context-Specific Behavioral Biometrics

Behavioral biometrics, being non-intrusive and cost-efficient, have the potential to assist user identification and authentication. However, user behaviors can vary significantly for different hardware, software, and applications. Research of behavioral biometrics is needed in the context of a specific application. Moreover, it is hard to collect user data in real world settings to assess how well behavioral biometrics can discriminate users. This work aims to improving authentication by behavioral biometrics obtained for user groups. User data of a webmail application are collected in a large-scale user experiment conducted on Amazon Mechanical Turk. Used in a continuous authentication scheme based on user groups, off-line identity attribution and online authentication analytic schemes are proposed to study the applicability of application-specific behavioral biometrics. Our results suggest that the useful user group identity can be effectively inferred from users’ operational interaction with the email application

Cognitive fingerprint authentication system

The Internet is becoming an integral part of nearly every aspect of our lives, protecting the identity and personal privacy is crucial for any web organizations. Unfortunately, although technologies such as cognitive-based user authentication systems toward the adoption of stronger and more secure authentication schemes have proven superiority over the traditional ones, traditional authentication systems such as username/password are still dominate in computer security systems since cognitive-based authentication systems require sophisticated equipments. On the other hand, traditional authentication systems couldn\u27t continuously monitor users after initial login. In this regard, we propose a novel cognitive keystroke authentication that could integrate in the general environment without additional equipment. The proposed system introduces a novel feature extraction algorithm as the cognitive fingerprint, so-called Subword. Our approach combine Subword Searching Algorithm with Weighted Support Vector Machine (WSVM) and Fusion Algorithm to discriminate between impostors and legitimate users with a high success rate. This scheme will continuously monitor the typing behavior of a user and will determine if the current user is still the genuine one or not in the background. Large scale experiment with 800 participants at Iowa State University gives evidence that our approach is feasible in practice, in terms of ease of use, improved security, and performance. The experimental results show that our system can achieve 1.4 percent Equal Error Rate (EER), which demonstrates the system\u27s effectiveness as a new authentication mechanism. Our study define a new feature extraction approach in keystroke dynamics, and we hope our work will inspire researchers looking for another good feature for authentication in keystroke dynamics

Authenticating computer access based on keystroke dynamics using a probabilistic neural network

Comunicação apresentada na 2nd Annual International Conference on Global e-Security, Docklands, UK, 20 - 22 April 2006.Most computer systems are secured using a login id and password. When computers are connected to the internet, they become more vulnerable as more machines are available to attack them. In this paper, we present a novel method for protecting/enhancing login protection that can reduce the potential threat of internet connected computers. Our method is based on and enhancement to login id/password based on keystroke dynamics. We employ a novel authentication algorithm based on a probabilistic neural network. Our results indicate that we can achieve an equal error rate of less than 5%, comparable to what is achieved with hardware based solutions such as fingerprint scanners and facial recognition systems

A Computational Academic Integrity Framework

L'abast creixent i la naturalesa canviant dels programes acadèmics constitueixen un repte per a la integritat dels protocols tradicionals de proves i exàmens. L'objectiu d'aquesta tesi és introduir una alternativa als enfocaments tradicionals d'integritat acadèmica, per a cobrir la bretxa del buit de l'anonimat i donar la possibilitat als instructors i administradors acadèmics de fer servir nous mitjans que permetin mantenir la integritat acadèmica i promoguin la responsabilitat, accessibilitat i eficiència, a més de preservar la privadesa i minimitzin la interrupció en el procés d'aprenentatge. Aquest treball té com a objectiu començar un canvi de paradigma en les pràctiques d'integritat acadèmica. La recerca en l'àrea de la identitat de l'estudiant i la garantia de l'autoria són importants perquè la concessió de crèdits d'estudi a entitats no verificades és perjudicial per a la credibilitat institucional i la seguretat pública. Aquesta tesi es basa en la noció que la identitat de l'alumne es compon de dues capes diferents, física i de comportament, en les quals tant els criteris d'identitat com els d'autoria han de ser confirmats per a mantenir un nivell raonable d'integritat acadèmica. Per a això, aquesta tesi s'organitza en tres seccions, cadascuna de les quals aborda el problema des d'una de les perspectives següents: (a) teòrica, (b) empírica i (c) pragmàtica.El creciente alcance y la naturaleza cambiante de los programas académicos constituyen un reto para la integridad de los protocolos tradicionales de pruebas y exámenes. El objetivo de esta tesis es introducir una alternativa a los enfoques tradicionales de integridad académica, para cubrir la brecha del vacío anonimato y dar la posibilidad a los instructores y administradores académicos de usar nuevos medios que permitan mantener la integridad académica y promuevan la responsabilidad, accesibilidad y eficiencia, además de preservar la privacidad y minimizar la interrupción en el proceso de aprendizaje. Este trabajo tiene como objetivo iniciar un cambio de paradigma en las prácticas de integridad académica. La investigación en el área de la identidad del estudiante y la garantía de la autoría son importantes porque la concesión de créditos de estudio a entidades no verificadas es perjudicial para la credibilidad institucional y la seguridad pública. Esta tesis se basa en la noción de que la identidad del alumno se compone de dos capas distintas, física y de comportamiento, en las que tanto los criterios de identidad como los de autoría deben ser confirmados para mantener un nivel razonable de integridad académica. Para ello, esta tesis se organiza en tres secciones, cada una de las cuales aborda el problema desde una de las siguientes perspectivas: (a) teórica, (b) empírica y (c) pragmática.The growing scope and changing nature of academic programmes provide a challenge to the integrity of traditional testing and examination protocols. The aim of this thesis is to introduce an alternative to the traditional approaches to academic integrity, bridging the anonymity gap and empowering instructors and academic administrators with new ways of maintaining academic integrity that preserve privacy, minimize disruption to the learning process, and promote accountability, accessibility and efficiency. This work aims to initiate a paradigm shift in academic integrity practices. Research in the area of learner identity and authorship assurance is important because the award of course credits to unverified entities is detrimental to institutional credibility and public safety. This thesis builds upon the notion of learner identity consisting of two distinct layers (a physical layer and a behavioural layer), where the criteria of identity and authorship must both be confirmed to maintain a reasonable level of academic integrity. To pursue this goal in organized fashion, this thesis has the following three sections: (a) theoretical, (b) empirical, and (c) pragmatic

A computational academic integrity framework

L'abast creixent i la naturalesa canviant dels programes acadèmics constitueixen un repte per a la integritat dels protocols tradicionals de proves i exàmens. L'objectiu d¿aquesta tesi és introduir una alternativa als enfocaments tradicionals d'integritat acadèmica, per a cobrir la bretxa del buit de l'anonimat i donar la possibilitat als instructors i administradors acadèmics de fer servir nous mitjans que permetin mantenir la integritat acadèmica i promoguin la responsabilitat, accessibilitat i eficiència, a més de preservar la privadesa i minimitzin la interrupció en el procés d'aprenentatge. Aquest treball té com a objectiu començar un canvi de paradigma en les pràctiques d'integritat acadèmica. La recerca en l'àrea de la identitat de l'estudiant i la garantia de l'autoria són importants perquè la concessió de crèdits d'estudi a entitats no verificades és perjudicial per a la credibilitat institucional i la seguretat pública. Aquesta tesi es basa en la noció que la identitat de l'alumne es compon de dues capes diferents, física i de comportament, en les quals tant els criteris d'identitat com els d'autoria han de ser confirmats per a mantenir un nivell raonable d'integritat acadèmica. Per a això, aquesta tesi s'organitza en tres seccions, cadascuna de les quals aborda el problema des d'una de les perspectives següents: (a) teòrica, (b) empírica i (c) pragmàtica.El creciente alcance y la naturaleza cambiante de los programas académicos constituyen un reto para la integridad de los protocolos tradicionales de pruebas y exámenes. El objetivo de esta tesis es introducir una alternativa a los enfoques tradicionales de integridad académica, para cubrir la brecha del vacío anonimato y dar la posibilidad a los instructores y administradores académicos de usar nuevos medios que permitan mantener la integridad académica y promuevan la responsabilidad, accesibilidad y eficiencia, además de preservar la privacidad y minimizar la interrupción en el proceso de aprendizaje. Este trabajo tiene como objetivo iniciar un cambio de paradigma en las prácticas de integridad académica. La investigación en el área de la identidad del estudiante y la garantía de la autoría son importantes porque la concesión de créditos de estudio a entidades no verificadas es perjudicial para la credibilidad institucional y la seguridad pública. Esta tesis se basa en la noción de que la identidad del alumno se compone de dos capas distintas, física y de comportamiento, en las que tanto los criterios de identidad como los de autoría deben ser confirmados para mantener un nivel razonable de integridad académica. Para ello, esta tesis se organiza en tres secciones, cada una de las cuales aborda el problema desde una de las siguientes perspectivas: (a) teórica, (b) empírica y (c) pragmática.The growing scope and changing nature of academic programmes provide a challenge to the integrity of traditional testing and examination protocols. The aim of this thesis is to introduce an alternative to the traditional approaches to academic integrity, bridging the anonymity gap and empowering instructors and academic administrators with new ways of maintaining academic integrity that preserve privacy, minimize disruption to the learning process, and promote accountability, accessibility and efficiency. This work aims to initiate a paradigm shift in academic integrity practices. Research in the area of learner identity and authorship assurance is important because the award of course credits to unverified entities is detrimental to institutional credibility and public safety. This thesis builds upon the notion of learner identity consisting of two distinct layers (a physical layer and a behavioural layer), where the criteria of identity and authorship must both be confirmed to maintain a reasonable level of academic integrity. To pursue this goal in organized fashion, this thesis has the following three sections: (a) theoretical, (b) empirical, and (c) pragmatic

Username and password verification through keystroke dynamics

Most computer systems rely on usernames and passwords as a mechanism for access control and authentication of authorized users. These credential sets offer marginal protection to a broad scope of applications with differing levels of sensitivity. Traditional physiological biometric systems such as fingerprint, face, and iris recognition are not readily deployable in remote authentication schemes. Keystroke dynamics provide the ability to combine the ease of use of username/password schemes with the increased trustworthiness associated with biometrics. Our research extends previous work on keystroke dynamics by incorporating shift-key patterns. The system is capable of operating at various points on a traditional ROC curve depending on application specific security needs. A 1% False Accept Rate is attainable at a 14% False Reject Rate for high security systems. An Equal Error Rate of 5% can be obtained in lower security systems. As a username password authentication scheme, our approach decreases the penetration rate associated with compromised passwords by 95--99%