Recognition of web users with the aid of biometric user model

Methods aimed at recognition of users are able to identify browsers or machines, but cannot distinguish physical persons. Multiple identities of single users are common on the Internet and this phenomenon decreases trustfulness of presented content as well as quality of provided services. This paper proposes a novel method for recognition of persons on the Web using input device usage patterns (keyboard, computer mouse, touchscreen), behavioral biometrics. The essential part of this method is a biometric component attached to the user model of an information system serving as a biometric identifier. The recognition of users relies in matching these components, specifically comparing values distribution shapes, which are characterizing users. The paper presents results of the method performance, which were obtained in a series of experiments focused on different aspects of evaluation (recognition rate, scalability, etc.). More specifically, a conducted case study shows application of the method to solve an issue in website visits analysis caused by erasing cookies.

[1]  H. Saevanee,et al.  User Authentication Using Combination of Behavioral Biometrics over the Touchpad Acting Like Touch Screen of Mobile Device , 2008, 2008 International Conference on Computer and Electrical Engineering.

[2]  Christophe Rosenberger,et al.  Soft biometrics for keystroke dynamics: Profiling individuals while typing passwords , 2014, Comput. Secur..

[3]  Haining Wang,et al.  An Efficient User Verification System Using Angle-Based Mouse Movement Biometrics , 2016, TSEC.

[4]  Ahmed Awad E. Ahmed,et al.  A New Biometric Technology Based on Mouse Dynamics , 2007, IEEE Transactions on Dependable and Secure Computing.

[5]  Daniela Chudá,et al.  Usage of computer mouse characteristics for identification in web browsing , 2014, CompSysTech.

[6]  Dawn Xiaodong Song,et al.  Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication , 2012, IEEE Transactions on Information Forensics and Security.

[7]  Heinrich Hußmann,et al.  Touch me once and i know it's you!: implicit authentication based on touch screen patterns , 2012, CHI.

[8]  S. Seo A Review and Comparison of Methods for Detecting Outliers in Univariate Data Sets , 2006 .

[9]  John R. Anderson,et al.  What can a mouse cursor tell us more?: correlation of eye/mouse movements on web browsing , 2001, CHI Extended Abstracts.

[10]  D.A. Schulz,et al.  Mouse Curve Biometrics , 2006, 2006 Biometrics Symposium: Special Session on Research at the Biometric Consortium Conference.

[11]  Hamid Jahankhani,et al.  A Survey of User Authentication Based on Mouse Dynamics , 2008 .

[12]  Deron Liang,et al.  A New Non-intrusive Authentication Approach for Data Protection Based on Mouse Dynamics , 2012, 2012 International Symposium on Biometrics and Security Technologies.

[13]  อนิรุธ สืบสิงห์,et al.  Data Mining Practical Machine Learning Tools and Techniques , 2014 .

[14]  G. Ruxton The unequal variance t-test is an underused alternative to Student's t-test and the Mann–Whitney U test , 2006 .

[15]  A.K. Jain,et al.  Webbiometrics: User Verification Via Web Interaction , 2007, 2007 Biometrics Symposium.

[16]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[17]  Arun Ross,et al.  An introduction to biometric recognition , 2004, IEEE Transactions on Circuits and Systems for Video Technology.

[18]  Hyoungjoo Lee,et al.  Retraining a keystroke dynamics-based authenticator with impostor patterns , 2007, Comput. Secur..

[19]  Wouter Joosen,et al.  PriVaricator: Deceiving Fingerprinters with Little White Lies , 2015, WWW.

[20]  Steven Furnell,et al.  Authenticating mobile phone users using keystroke analysis , 2006, International Journal of Information Security.

[21]  Norman Shapiro,et al.  Authentication by Keystroke Timing: Some Preliminary Results , 1980 .

[22]  Mohammad Mannan,et al.  A Large-Scale Evaluation of High-Impact Password Strength Meters , 2015, TSEC.

[23]  Mark Claypool,et al.  Implicit interest indicators , 2001, IUI '01.

[24]  Daniela Chudá,et al.  Estimating Gender and Age of Web Page Visitors from the Way They Use Their Mouse , 2016, WWW.

[25]  Shivani Hashiaa,et al.  ON USING MOUSE MOVEMENTS AS A BIOMETRIC , 2005 .

[26]  Fabian Monrose,et al.  Authentication via keystroke dynamics , 1997, CCS '97.

[27]  Peter Brusilovsky,et al.  Adaptive Hypermedia , 2001, User Modeling and User-Adapted Interaction.

[28]  Gopal K. Gupta,et al.  Identity authentication based on keystroke latencies , 1990, Commun. ACM.

[29]  Patrick Bours,et al.  A Login System Using Mouse Dynamics , 2009, 2009 Fifth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[30]  Daniela Chudá,et al.  Fine-tuning Web Traffic Statistics by Deduplication and Splitting of Visitors Records Using Mouse Biometrics , 2016, CompSysTech.

[31]  Ryen W. White,et al.  Finding relevant documents using top ranking sentences: an evaluation of two alternative schemes , 2002, SIGIR '02.

[32]  Nasir D. Memon,et al.  Biometric-rich gestures: a novel approach to authentication on multi-touch devices , 2012, CHI.

[33]  Daniela Chudá,et al.  Grouping instances in kNN for classification based on computer mouse features , 2015, CompSysTech '15.

[34]  Marcus Brown,et al.  User Identification via Keystroke Characteristics of Typed Names using Neural Networks , 1993, Int. J. Man Mach. Stud..

[35]  Adrian Ziderman How the cookie crumbles. , 1974 .

[36]  Sungzoon Cho,et al.  Keystroke dynamics identity verification - its problems and practical solutions , 2004, Comput. Secur..

[37]  Shiliang Sun,et al.  A Centroid k-Nearest Neighbor Method , 2010, ADMA.

[38]  Ana L. N. Fred,et al.  A behavioral biometric system based on human-computer interaction , 2004, SPIE Defense + Commercial Sensing.

[39]  Balachander Krishnamurthy,et al.  Generating a privacy footprint on the internet , 2006, IMC '06.

[40]  Daniela Chudá,et al.  Is the Visitor Reading or Navigating? , 2017, CompSysTech.

[41]  Issa Traoré,et al.  Improving Mouse Dynamics Biometric Performance Using Variance Reduction via Extractors With Separate Features , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[42]  Marjory Da Costa-Abreu,et al.  Using keystroke dynamics for gender identification in social network environment , 2011, ICDP.

[43]  Yigitcan Aksari,et al.  Active authentication by mouse movements , 2009, 2009 24th International Symposium on Computer and Information Sciences.

[44]  Haining Wang,et al.  An efficient user verification system via mouse movements , 2011, CCS '11.

[45]  Soumik Mondal,et al.  Continuous authentication using mouse dynamics , 2013, 2013 International Conference of the BIOSIG Special Interest Group (BIOSIG).

[46]  Claudia Picardi,et al.  Keystroke analysis of free text , 2005, TSEC.

[47]  Derrick Leflore,et al.  Mouse tracking, behavioral biometrics, and GEFE , 2013, 2013 Proceedings of IEEE Southeastcon.

[48]  Peter Brusilovsky,et al.  User Models for Adaptive Hypermedia and Adaptive Educational Systems , 2007, The Adaptive Web.

[49]  Peter Eckersley,et al.  How Unique Is Your Web Browser? , 2010, Privacy Enhancing Technologies.

[50]  Daniela Chudá,et al.  Mouse Clicks Can Recognize Web Page Visitors! , 2015, WWW.

[51]  Zhongmin Cai,et al.  Performance evaluation of anomaly-detection algorithms for mouse dynamics , 2014, Comput. Secur..

[52]  Peter W. McOwan,et al.  Java-Based Internet Biometric Authentication System , 2003, IEEE Trans. Pattern Anal. Mach. Intell..

[53]  Nicholas J. Belkin,et al.  Display time as implicit feedback: understanding task effects , 2004, SIGIR '04.

[54]  Sung-Hyuk Cha Comprehensive Survey on Distance/Similarity Measures between Probability Density Functions , 2007 .

[55]  Daniela Chudá,et al.  Influence of Body Postures on Touch-Based Biometric User Authentication , 2018, SOFSEM.

[56]  Lior Rokach,et al.  User identity verification via mouse dynamics , 2012, Inf. Sci..

[57]  Carla E. Brodley,et al.  User re-authentication via mouse movements , 2004, VizSEC/DMSEC '04.