User identification and authentication using multi-modal behavioral biometrics

Abstract Biometric computer authentication has an advantage over password and access card authentication in that it is based on something you are, which is not easily copied or stolen. One way of performing biometric computer authentication is to use behavioral tendencies associated with how a user interacts with the computer. However, behavioral biometric authentication accuracy rates are worse than more traditional authentication methods. This article presents a behavioral biometric system that fuses user data from keyboard, mouse, and Graphical User Interface (GUI) interactions. Combining the modalities results in a more accurate authentication decision based on a broader view of the user's computer activity while requiring less user interaction to train the system than previous work. Testing over 31 users shows that fusion techniques significantly improve behavioral biometric authentication accuracy over single modalities on their own. Between the two fusion techniques presented, feature fusion and an ensemble based classification method, the ensemble method performs the best with a False Acceptance Rate (FAR) of 2.10% and a False Rejection Rate (FRR) 2.24%.

[1]  Shivani Hashiaa,et al.  ON USING MOUSE MOVEMENTS AS A BIOMETRIC , 2005 .

[2]  Leo Breiman,et al.  Bagging Predictors , 1996, Machine Learning.

[3]  Bojan Cukic,et al.  Evaluating the Reliability of Credential Hardening through Keystroke Dynamics , 2006, 2006 17th International Symposium on Software Reliability Engineering.

[4]  Arun Ross,et al.  Information fusion in biometrics , 2003, Pattern Recognit. Lett..

[5]  Rashmi Singhal,et al.  Towards an Integrated Biometric Technique , 2012 .

[6]  Carla E. Brodley,et al.  An examination of user behavior for user re-authentication , 2007 .

[7]  B. Hussien,et al.  Computer-Access Security Systems Using Keystroke Dynamics , 1990, IEEE Trans. Pattern Anal. Mach. Intell..

[8]  P ? ? ? ? ? ? ? % ? ? ? ? , 1991 .

[9]  A. Garg,et al.  Profiling Users in GUI Based Systems for Masquerade Detection , 2006, 2006 IEEE Information Assurance Workshop.

[10]  John-David Marsters Keystroke dynamics as a biometric , 2009 .

[11]  D. Opitz,et al.  Popular Ensemble Methods: An Empirical Study , 1999, J. Artif. Intell. Res..

[12]  Welch Bl THE GENERALIZATION OF ‘STUDENT'S’ PROBLEM WHEN SEVERAL DIFFERENT POPULATION VARLANCES ARE INVOLVED , 1947 .

[13]  Patrick Bours Continuous keystroke dynamics: A different perspective towards biometric evaluation , 2012, Inf. Secur. Tech. Rep..

[14]  M. Turk,et al.  Temporal Integration for Continuous Multimodal Biometrics , 2003 .

[15]  Claudia Picardi,et al.  User authentication through keystroke dynamics , 2002, TSEC.

[16]  Norman Shapiro,et al.  Authentication by Keystroke Timing: Some Preliminary Results , 1980 .

[17]  R. Stockton Gaines,et al.  Authentication by Keystroke Timing , 1980 .

[18]  S. Shapiro,et al.  An Analysis of Variance Test for Normality (Complete Samples) , 1965 .

[19]  Carla E. Brodley,et al.  User re-authentication via mouse movements , 2004, VizSEC/DMSEC '04.

[20]  Jiankun Hu,et al.  A k-Nearest Neighbor Approach for User Authentication through Biometric Keystroke Dynamics , 2008, 2008 IEEE International Conference on Communications.

[21]  Noureddine Doghmane,et al.  Face and Speech Based Multi-Modal Biometric Authentication , 2010 .

[22]  Ana Fred,et al.  A Behavioural Biometric System Based on Human Computer Interaction , 2004 .

[23]  Sajjad Haider,et al.  A multi-technique approach for user identification through keystroke dynamics , 2000, Smc 2000 conference proceedings. 2000 ieee international conference on systems, man and cybernetics. 'cybernetics evolving to systems, humans, organizations, and their complex interactions' (cat. no.0.

[24]  Usama M. Fayyad,et al.  Multi-Interval Discretization of Continuous-Valued Attributes for Classification Learning , 1993, IJCAI.

[25]  I. Traore,et al.  Anomaly intrusion detection based on biometrics , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[26]  Haining Wang,et al.  An efficient user verification system via mouse movements , 2011, CCS '11.

[27]  K. Rabuzin,et al.  E-learning: Biometrics as a Security Factor , 2006, 2006 International Multi-Conference on Computing in the Global Information Technology - (ICCGI'06).

[28]  R. Polikar,et al.  Ensemble based systems in decision making , 2006, IEEE Circuits and Systems Magazine.

[29]  Ian H. Witten,et al.  The WEKA data mining software: an update , 2009, SKDD.

[30]  Gopal K. Gupta,et al.  Identity authentication based on keystroke latencies , 1990, Commun. ACM.

[31]  Arun Ross,et al.  Information fusion in biometrics , 2003, Pattern Recognit. Lett..

[32]  Ahmed Awad E. Ahmed,et al.  A New Biometric Technology Based on Mouse Dynamics , 2007, IEEE Transactions on Dependable and Secure Computing.

[33]  Václav Matyás,et al.  Toward Reliable User Authentication through Biometrics , 2003, IEEE Secur. Priv..

[34]  Marcus Brown,et al.  User Identification via Keystroke Characteristics of Typed Names using Neural Networks , 1993, Int. J. Man Mach. Stud..

[35]  C. Chellappan,et al.  Authentication of e-learners using multimodal biometric technology , 2008, 2008 International Symposium on Biometrics and Security Technologies.

[36]  Claudia Picardi,et al.  Keystroke analysis of free text , 2005, TSEC.

[37]  Soumik Mondal,et al.  Continuous authentication using mouse dynamics , 2013, 2013 International Conference of the BIOSIG Special Interest Group (BIOSIG).

[38]  A. Karr,et al.  Computer Intrusion: Detecting Masquerades , 2001 .

[39]  Stefania Marrara,et al.  Impostor Users Discovery Using a Multimodal Biometric Continuous Authentication Fuzzy System , 2008, KES.

[40]  Zhongmin Cai,et al.  A hypo-optimum feature selection strategy for mouse dynamics in continuous identity authentication and monitoring , 2010, 2010 IEEE International Conference on Information Theory and Information Security.

[41]  Roy A. Maxion,et al.  Masquerade detection using truncated command lines , 2002, Proceedings International Conference on Dependable Systems and Networks.

[42]  Lior Rokach,et al.  User identity verification via mouse dynamics , 2012, Inf. Sci..

[43]  Leo Breiman,et al.  Bagging Predictors , 1996, Machine Learning.

[44]  Fabian Monrose,et al.  Authentication via keystroke dynamics , 1997, CCS '97.

[45]  Ana L. N. Fred,et al.  A behavioral biometric system based on human-computer interaction , 2004, SPIE Defense + Commercial Sensing.

[46]  John A. Hamilton,et al.  Applications of gui usage analysis , 2008 .