Wrist in Motion: A Seamless Context-Aware Continuous Authentication Framework Using Your Clickings and Typings

In this paper, we propose enhanced continuous authentication by supplementing keystroke and mouse dynamics with wrist motion behaviors. Our method bridges the security gap when neither the mouse nor the keyboard is being used, such as during transitions from mouse to keyboard and vice versa, or during intermittent pauses when wrist movement is captured. Context-aware keystroke latency feature cell generation improves performance and solves latency fluctuation – different diagraphs have different latencies in different words. Based on two Random Forest Ensemble Classifiers (RFECs) recognizing the mouse and keystroke actions with corresponding wrist motions and one Sequential Sampling Analysis (SSA) or SSA Dynamic Trust Model (SSA-DTM), the identity of the user can be continuously verified no matter the operation mode — mouse clicking or keyboard typing. Experimental results, based on 44 subjects, show that the proposed approach can reach an FRR of 0.92% for genuine users and an FAR of 0 for attackers. The approach is shown to be more superior in efficient and timely authentications by making an authentication decision within only 35 mixed actions — mouse clicks or keystrokes, compared with conventional methods solely based on the mouse geometry and locomotion features or keystroke latency features.

[1]  Shambhu J. Upadhyaya,et al.  Adaptive techniques for intra-user variability in keystroke dynamics , 2016, 2016 IEEE 8th International Conference on Biometrics Theory, Applications and Systems (BTAS).

[2]  Yan Lindsay Sun,et al.  Anatomy of secondary features in keystroke dynamics - achieving more with less , 2017, 2017 IEEE International Conference on Identity, Security and Behavior Analysis (ISBA).

[3]  Yang Gao,et al.  Enhanced free-text keystroke continuous authentication based on dynamics of wrist motion , 2017, 2017 IEEE Workshop on Information Forensics and Security (WIFS).

[4]  M. S. Mayzner,et al.  Tables of single-letter and digram frequency counts for various word-length and letter-position combinations. , 1965 .

[5]  Ani Nahapetian,et al.  WristSnoop: Smartphone PINs prediction using smartwatch motion sensors , 2015, 2015 IEEE International Workshop on Information Forensics and Security (WIFS).

[6]  Qing Yang,et al.  HMOG: New Behavioral Biometric Features for Continuous Authentication of Smartphone Users , 2015, IEEE Transactions on Information Forensics and Security.

[7]  Ruby B. Lee,et al.  Implicit Sensor-based Authentication of Smartphone Users with Smartwatch , 2016, HASP 2016.

[8]  Urmila Kukreja,et al.  RUI: Recording user input from interfaces under Windows and Mac OS X , 2006, Behavior research methods.

[9]  Rajesh Kumar,et al.  Continuous user authentication via unlabeled phone movement patterns , 2017, 2017 IEEE International Joint Conference on Biometrics (IJCB).

[10]  Stephanie Schuckers,et al.  Effect of data size on performance of free-text keystroke authentication , 2015, IEEE International Conference on Identity, Security and Behavior Analysis (ISBA 2015).

[11]  I. Woungang,et al.  Combining Mouse and Keystroke Dynamics Biometrics for Risk-Based Authentication in Web Environments , 2012, 2012 Fourth International Conference on Digital Home.

[12]  Soumik Mondal,et al.  A computational approach to the continuous authentication biometric system , 2015, Inf. Sci..

[13]  Danushka Bollegala,et al.  Iterative Keystroke Continuous Authentication: A Time Series Based Approach , 2018, KI - Künstliche Intelligenz.

[14]  Soumik Mondal,et al.  A study on continuous authentication using a combination of keystroke and mouse biometrics , 2017, Neurocomputing.

[15]  Stephanie Schuckers,et al.  A practical evaluation of free-text keystroke dynamics , 2017, 2017 IEEE International Conference on Identity, Security and Behavior Analysis (ISBA).

[16]  Xiangyu Liu,et al.  When Good Becomes Evil: Keystroke Inference with Smartwatch , 2015, CCS.

[17]  Vir V. Phoha,et al.  New impostor score based rejection methods for continuous keystroke verification with weak templates , 2012, 2012 IEEE Fifth International Conference on Biometrics: Theory, Applications and Systems (BTAS).

[18]  Adrian D. C. Chan,et al.  Wavelet Distance Measure for Person Identification Using Electrocardiograms , 2008, IEEE Transactions on Instrumentation and Measurement.

[19]  Shambhu J. Upadhyaya,et al.  Enhanced recognition of keystroke dynamics using Gaussian mixture models , 2015, MILCOM 2015 - 2015 IEEE Military Communications Conference.

[20]  N. Asokan,et al.  Pitfalls in Designing Zero-Effort Deauthentication: Opportunistic Human Observation Attacks , 2015, NDSS.

[21]  Lior Rokach,et al.  Clustering di-graphs for continuously verifying users according to their typing patterns , 2010, 2010 IEEE 26-th Convention of Electrical and Electronics Engineers in Israel.

[22]  Yan Wang,et al.  Friend or Foe?: Your Wearable Devices Reveal Your Personal PIN , 2016, AsiaCCS.

[23]  C. A. Terzuolo,et al.  Determinants and characteristics of motor patterns used for typing , 1980, Neuroscience.

[24]  Haining Wang,et al.  An efficient user verification system via mouse movements , 2011, CCS '11.

[25]  Ramón Díaz-Uriarte,et al.  Gene selection and classification of microarray data using random forest , 2006, BMC Bioinformatics.

[26]  John V. Monaco,et al.  Crossing domains with the inductive transfer encoder: Case study in keystroke biometrics , 2016, 2016 IEEE 8th International Conference on Biometrics Theory, Applications and Systems (BTAS).

[27]  Vir V. Phoha,et al.  Utilizing linguistically enhanced keystroke dynamics to predict typist cognition and demographics , 2015, Int. J. Hum. Comput. Stud..

[28]  Mengjun Xie,et al.  MotionAuth: Motion-based authentication for wrist worn smart devices , 2015, 2015 IEEE International Conference on Pervasive Computing and Communication Workshops (PerCom Workshops).

[29]  Rama Chellappa,et al.  Continuous User Authentication on Mobile Devices: Recent progress and remaining challenges , 2016, IEEE Signal Processing Magazine.

[30]  David Kotz,et al.  ZEBRA: Zero-Effort Bilateral Recurring Authentication , 2014, IEEE Symposium on Security and Privacy.

[31]  Pilsung Kang,et al.  Keystroke dynamics-based user authentication using freely typed text based on user-adaptive feature extraction and novelty detection , 2018, Appl. Soft Comput..

[32]  Haining Wang,et al.  An Efficient User Verification System Using Angle-Based Mouse Movement Biometrics , 2016, TSEC.

[33]  Vir V. Phoha,et al.  Scan-Based Evaluation of Continuous Keystroke Authentication Systems , 2013, IT Professional.

[34]  Shambhu J. Upadhyaya,et al.  User authentication with keystroke dynamics in long-text data , 2016, 2016 IEEE 8th International Conference on Biometrics Theory, Applications and Systems (BTAS).

[35]  Rami Albatal,et al.  Dynamic User Authentication Based on Mouse Movements Curves , 2015, MMM.

[36]  Mirko Stanic Continuous user verification based on behavioral biometrics using mouse dynamics , 2013, Proceedings of the ITI 2013 35th International Conference on Information Technology Interfaces.

[37]  Yang Gao,et al.  Hand in Motion: Enhanced Authentication Through Wrist and Mouse Movement , 2018, 2018 IEEE 9th International Conference on Biometrics Theory, Applications and Systems (BTAS).

[38]  Patrick Langdon,et al.  A submovement analysis of cursor trajectories , 2005, Behav. Inf. Technol..

[39]  Lei Ma,et al.  A kind of mouse behavior authentication method on dynamic soft keyboard , 2016, 2016 IEEE International Conference on Systems, Man, and Cybernetics (SMC).

[40]  Patrick Bours Continuous keystroke dynamics: A different perspective towards biometric evaluation , 2012, Inf. Secur. Tech. Rep..

[41]  Sung-Hyuk Cha,et al.  Developing a Keystroke Biometric System for Continual Authentication of Computer Users , 2012, 2012 European Intelligence and Security Informatics Conference.

[42]  Wael Louis,et al.  Continuous Authentication Using One-Dimensional Multi-Resolution Local Binary Patterns (1DMRLBP) in ECG Biometrics , 2016, IEEE Transactions on Information Forensics and Security.

[43]  Lior Rokach,et al.  User identity verification via mouse dynamics , 2012, Inf. Sci..

[44]  Rama Chellappa,et al.  Continuous Authentication of Smartphones Based on Application Usage , 2018, IEEE Transactions on Biometrics, Behavior, and Identity Science.