1,020 research outputs found
Continuous Stress Monitoring under Varied Demands Using Unobtrusive Devices
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.This research aims to identify a feasible model to predict a learner’s stress in an online learning platform. It is desirable to produce a cost-effective, unobtrusive and objective method to measure a learner’s emotions. The few signals produced by mouse and keyboard could enable such solution to measure real world individual’s affective states. It is also important to ensure that the measurement can be applied regardless the type of task carried out by the user. This preliminary research proposes a stress classification method using mouse and keystroke dynamics to classify the stress levels of 190 university students when performing three different e-learning activities. The results show that the stress measurement based on mouse and keystroke dynamics is consistent with the stress measurement according to the changes of duration spent between two consecutive questions. The feedforward back-propagation neural network achieves the best performance in the classification
User Authentication and Supervision in Networked Systems
This thesis considers the problem of user authentication and supervision in networked
systems. The issue of user authentication is one of on-going concern in modem IT systems
with the increased use of computer systems to store and provide access to sensitive
information resources. While the traditional username/password login combination can be
used to protect access to resources (when used appropriately), users often compromise the
security that these methods can provide. While alternative (and often more secure)
systems are available, these alternatives usually require expensive hardware to be
purchased and integrated into IT systems. Even if alternatives are available (and
financially viable), they frequently require users to authenticate in an intrusive manner (e.g.
forcing a user to use a biometric technique relying on fingerprint recognition). Assuming
an acceptable form of authentication is available, this still does not address the problem of
on-going confidence in the users’ identity - i.e. once the user has logged in at the
beginning of a session, there is usually no further confirmation of the users' identity until
they logout or lock the session in which they are operating. Hence there is a significant
requirement to not only improve login authentication but to also introduce the concept of
continuous user supervision.
Before attempting to implement a solution to the problems outlined above, a range of
currently available user authentication methods are identified and evaluated. This is
followed by a survey conducted to evaluate user attitudes and opinions relating to login
and continuous authentication. The results reinforce perceptions regarding the weaknesses
of the traditional username/password combination, and suggest that alternative techniques
can be acceptable. This provides justification for the work described in the latter part o f
the thesis.
A number of small-scale trials are conducted to investigate alternative authentication
techniques, using ImagePIN's and associative/cognitive questions. While these techniques
are of an intrusive nature, they offer potential improvements as either initial login
authentication methods or, as a challenge during a session to confirm the identity of the
logged-in user.
A potential solution to the problem of continuous user authentication is presented through
the design and implementation o f a system to monitor user activity throughout a logged-in
session. The effectiveness of this system is evaluated through a series of trials
investigating the use of keystroke analysis using digraph, trigraph and keyword-based
metrics (with the latter two methods representing novel approaches to the analysis of
keystroke data). The initial trials demonstrate the viability of these techniques, whereas
later trials are used to demonstrate the potential for a composite approach. The final trial
described in this thesis was conducted over a three-month period with 35 trial participants
and resulted in over five million samples. Due to the scope, duration, and the volume of
data collected, this trial provides a significant contribution to the domain, with the use of a
composite analysis method representing entirely new work. The results of these trials
show that the technique of keystroke analysis is one that can be effective for the majority
of users. Finally, a prototype composite authentication and response system is presented,
which demonstrates how transparent, non-intrusive, continuous user authentication can be
achieved
Continuous and transparent multimodal authentication: reviewing the state of the art
Individuals, businesses and governments undertake an ever-growing range of activities online and via various Internet-enabled digital devices. Unfortunately, these activities, services, information and devices are the targets of cybercrimes. Verifying the user legitimacy to use/access a digital device or service has become of the utmost importance. Authentication is the frontline countermeasure of ensuring only the authorized user is granted access; however, it has historically suffered from a range of issues related to the security and usability of the approaches. They are also still mostly functioning at the point of entry and those performing sort of re-authentication executing it in an intrusive manner. Thus, it is apparent that a more innovative, convenient and secure user authentication solution is vital. This paper reviews the authentication methods along with the current use of authentication technologies, aiming at developing a current state-of-the-art and identifying the open problems to be tackled and available solutions to be adopted. It also investigates whether these authentication technologies have the capability to fill the gap between high security and user satisfaction. This is followed by a literature review of the existing research on continuous and transparent multimodal authentication. It concludes that providing users with adequate protection and convenience requires innovative robust authentication mechanisms to be utilized in a universal level. Ultimately, a potential federated biometric authentication solution is presented; however it needs to be developed and extensively evaluated, thus operating in a transparent, continuous and user-friendly manner
Continuous User Authentication Using Multi-Modal Biometrics
It is commonly acknowledged that mobile devices now form an integral part of an individual’s everyday life. The modern mobile handheld devices are capable to provide a wide range of services and applications over multiple networks. With the increasing capability and accessibility, they introduce additional demands in term of security.
This thesis explores the need for authentication on mobile devices and proposes a novel mechanism to improve the current techniques. The research begins with an intensive review of mobile technologies and the current security challenges that mobile devices experience to illustrate the imperative of authentication on mobile devices. The research then highlights the existing authentication mechanism and a wide range of weakness. To this end, biometric approaches are identified as an appropriate solution an opportunity for security to be maintained beyond point-of-entry. Indeed, by utilising behaviour biometric techniques, the authentication mechanism can be performed in a continuous and transparent fashion.
This research investigated three behavioural biometric techniques based on SMS texting activities and messages, looking to apply these techniques as a multi-modal biometric authentication method for mobile devices. The results showed that linguistic profiling; keystroke dynamics and behaviour profiling can be used to discriminate users with overall Equal Error Rates (EER) 12.8%, 20.8% and 9.2% respectively. By using a combination of biometrics, the results showed clearly that the classification performance is better than using single biometric technique achieving EER 3.3%. Based on these findings, a novel architecture of multi-modal biometric authentication on mobile devices is proposed. The framework is able to provide a robust, continuous and transparent authentication in standalone and server-client modes regardless of mobile hardware configuration. The framework is able to continuously maintain the security status of the devices. With a high level of security status, users are permitted to access sensitive services and data. On the other hand, with the low level of security, users are required to re-authenticate before accessing sensitive service or data
Ranking to Learn and Learning to Rank: On the Role of Ranking in Pattern Recognition Applications
The last decade has seen a revolution in the theory and application of
machine learning and pattern recognition. Through these advancements, variable
ranking has emerged as an active and growing research area and it is now
beginning to be applied to many new problems. The rationale behind this fact is
that many pattern recognition problems are by nature ranking problems. The main
objective of a ranking algorithm is to sort objects according to some criteria,
so that, the most relevant items will appear early in the produced result list.
Ranking methods can be analyzed from two different methodological perspectives:
ranking to learn and learning to rank. The former aims at studying methods and
techniques to sort objects for improving the accuracy of a machine learning
model. Enhancing a model performance can be challenging at times. For example,
in pattern classification tasks, different data representations can complicate
and hide the different explanatory factors of variation behind the data. In
particular, hand-crafted features contain many cues that are either redundant
or irrelevant, which turn out to reduce the overall accuracy of the classifier.
In such a case feature selection is used, that, by producing ranked lists of
features, helps to filter out the unwanted information. Moreover, in real-time
systems (e.g., visual trackers) ranking approaches are used as optimization
procedures which improve the robustness of the system that deals with the high
variability of the image streams that change over time. The other way around,
learning to rank is necessary in the construction of ranking models for
information retrieval, biometric authentication, re-identification, and
recommender systems. In this context, the ranking model's purpose is to sort
objects according to their degrees of relevance, importance, or preference as
defined in the specific application.Comment: European PhD Thesis. arXiv admin note: text overlap with
arXiv:1601.06615, arXiv:1505.06821, arXiv:1704.02665 by other author
MultiÂFactor and Continuous Verification of Identity during Remote Assessments and Individual Personalized Interactions
Authentication is one of the most important aspects of the present society. Almost everything people do has a technological aspect. If systems are not implemented correctly and
safely, namely by access control via authentication, several aspects of (cyber)security and
privacy can be exploited by ill-intentioned people. Unauthorised access can be made in
multiple ways, pretending to be another user is one of them.
This dissertation aims at the creation of a system prototype that can verify if the logged-in
user is the actual person using the system. This is achieved utilising behavioural biometrics, such has keyboard and mouse dynamics, to collect interactions with the system and
machine learning to predict if the collected information matches the person one says to
be. In case the algorithm detects an anomaly, the computer locks itself, so that only authorised people with true access to the computer can re-log in.A Autenticação é um dos aspetos mais importantes da sociedade atual. Quase todas as
ações concretizadas pelas pessoas que a compõem têm um aspeto tecnológico. Caso os sistemas não sejam implementados segura e corretamente, nomeadamente através do controlo de acesso via autenticação, vários aspetos de (ciber)segurança e privacidade podem
ser violados por pessoas mal intencionadas. Este acesso pode dar-se de muitas formas,
sendo uma delas fazendo-se passar por um outro utilizador.
Esta dissertação visa a criação de um protótipo de sistema que consiga verificar a identidade do utilizador autenticado no sistema. Esta verificação será concretizada através da
análise de biométricas comportamentais, neste caso, dinâmicas de rato e teclado, para
realizar a coleta de interações com o sistema e aprendizagem automática para prever,
através da informação coletada, se esta corresponde à pessoa autenticada. Caso o algoritmo detete uma anomalia, o computador irá bloquear, de modo a que apenas pessoas
autorizadas consigam fazer uma reautenticação
- …