nach oben

International Journal of Information Security

Erschienen in:

16.06.2020 | Special Issue Paper

Combining behavioral biometrics and session context analytics to enhance risk-based static authentication in web applications

verfasst von: Jesus Solano, Luis Camacho, Alejandro Correa, Claudio Deiro, Javier Vargas, Martín Ochoa

Erschienen in: International Journal of Information Security | Ausgabe 2/2021

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The fragility of password-based authentication has been recognized and studied for several decades. It is an increasingly common industry practice to profile users based on their sessions context, such as IP ranges and Browser type in order to build a risk profile on an incoming authentication attempt. On the other hand, behavioral dynamics such as mouse and keyword features have been proposed in the scientific literature order to improve authentication, but have been shown most effective in continuous authentication scenarios. In this paper we propose to combine both fingerprinting and behavioral dynamics (for mouse and keyboard) in order to increase security of login mechanisms. We do this by using machine learning techniques that aim at high accuracy, and only occasionally raise alarms for manual inspection. We evaluate our approach on a dataset containing mouse, keyboard and session context information of 24 users and simulated attacks. We show that while context analysis and behavioural analysis on their own achieve around 0.7 accuracy on this dataset, a combined approach reaches up to 0.9 accuracy using a linear combination of the outcomes of the single models.

Vorheriger Artikel A secure architecture for TCP/UDP-based cloud communications

Nächster Artikel Secure and efficient wildcard search over encrypted data

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Perrig, A.: Shortcomings of password-based authentication. In: 9th USENIX Security Symposium, vol. 130. ACM (2000)

Bonneau, J., Herley, C., Stajano, F.M., et al.: Passwords and the evolution of imperfect authentication. Commun. ACM 58, 78–87 (2014)CrossRef

Newman, L.: Hacker Lexicon: What is Credential Stuffing? Wired Magazine (2019). https://www.wired.com/story/what-is-credential-stuffing/. Accessed 12 Sept 2019

Kaspersky: Zeus malware. Online (2019). https://usa.kaspersky.com/resource-center/threats/zeus-virus. Accessed 12 Sept 2019

Alaca, F., Van Oorschot, P.C.: Device fingerprinting for augmenting web authentication: classification and analysis of methods. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 289–301. ACM (2016)

Salem, M.B., Hershkop, S., Stolfo, S.J.: A survey of insider attack detection research. In: Stolfo, S.J., Bellovin, S.M., Keromytis, A.D., Hershkop, S., Smith, S.W., Sinclair, S. (eds.) Insider Attack and Cyber Security, pp. 69–90. Springer, Boston (2008)CrossRef

Yampolskiy, R.V., Govindaraju, V.: Behavioural biometrics: a survey and classification. Int. J. Biom. 1(1), 81–113 (2008)

Zheng, N., Paloski, A., Wang, H.: An efficient user verification system via mouse movements. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 139–150. ACM (2011)

Mondal, S., Bours, P.: Combining keystroke and mouse dynamics for continuous user authentication and identification. In: 2016 IEEE International Conference on Identity, Security and Behavior Analysis (ISBA), pp. 1–8. IEEE (2016)

10.

Shen, C., Cai, Z., Guan, X., Wang, J.: On the effectiveness and applicability of mouse dynamics biometric for static authentication: a benchmark study. In: 2012 5th IAPR International Conference on Biometrics (ICB) (2012)

11.

Solano, J., Camacho, L., Correa, A., Deiro, C., Vargas, J., Ochoa, M.: Risk-based static authentication in web applications with behavioral biometrics and session context analytics. In: Zhou, J., Deng, R., Li, Z., Majumdar, S., Meng, W., Wang, L., Zhang, K. (eds.) Applied Cryptography and Network Security Workshops, pp. 3–23. Springer, Berlin (2019)CrossRef

12.

Harilal, A., Toffalini, F., Homoliak, I., Castellanos, J., Guarnizo, J., Mondal, S., Ochoa, M.: The wolf of SUTD (twos): a dataset of malicious insider threat behavior based on a gamified competition. J. Wirel. Mob. Netw. (2018). https://doi.org/10.22667/JOWUA.2018.03.31.054CrossRef

13.

Traore, I., Woungang, I., Obaidat, M.S., Nakkabi, Y., Lai, I.: Combining mouse and keystroke dynamics biometrics for risk-based authentication in web environments. In: 2012 Fourth International Conference on Digital Home (2012)

14.

Swati Gurav, R.G., Mhangore, S.: Combining keystroke and mouse dynamics for user authentication. Int. J. Emerg. Trends Technol. Comput. Sci. (IJETTCS) 6, 055–058 (2017)

15.

Cao, Y., Li, S., Wijmans, E.: (Cross-)browser fingerprinting via OS and hardware level features. In: NDSS (2017). https://doi.org/10.14722/ndss.2017.23152

16.

Nakibly, G., Shelef, G., Yudilevich, S.: Hardware fingerprinting using HTML5 (2015). arXiv:1503.01408v3

17.

Sanchez-Rola, I., Santos, I., Balzarotti, D.: Clock around the clock: time-based device fingerprinting. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1502–1514 (2018)

18.

Kohno, T., Broido, A., Claffy, K.C.: Remote physical device fingerprinting. IEEE Trans. Dependable Secure Comput. 2(2), 93–108 (2005)CrossRef

19.

Bailey, K.O., Okolica, J.S., Peterson, G.L.: User identification and authentication using multi-modal behavioral biometrics. Comput. Secur. 43, 77–89 (2014)CrossRef

20.

Misbahuddin, M., Bindhumadhava, B.S., Dheeptha, B.: Design of a risk based authentication system using machine learning techniques. In: 2017 IEEE SmartWorld, Ubiquitous Intelligence Computing, Advanced Trusted Computed, Scalable Computing Communications, Cloud Big Data Computing, Internet of People and Smart City Innovation, pp. 1–6 (2017)

21.

Solano, J., Tengana, L., Castelblanco, A., Rivera, E., Lopez, C., Ochoa, M.: A few-shot practical behavioral biometrics model for login authentication in web applications. In: NDSS Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb’20) (2020)

Titel: Combining behavioral biometrics and session context analytics to enhance risk-based static authentication in web applications
verfasst von: Jesus Solano
Luis Camacho
Alejandro Correa
Claudio Deiro
Javier Vargas
Martín Ochoa
Publikationsdatum: 16.06.2020
Verlag: Springer Berlin Heidelberg
Erschienen in: International Journal of Information Security / Ausgabe 2/2021
Print ISSN: 1615-5262
Elektronische ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-020-00510-x

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2021

Studying lattice reduction algorithms improved by quick reordering technique

Toward a blockchain-based framework for challenge-based collaborative intrusion detection

Strong leakage-resilient encryption: enhancing data confidentiality by hiding partial ciphertext

An SDN approach to detect targeted attacks in P2P fully connected overlays

A secure architecture for TCP/UDP-based cloud communications

Secure and efficient wildcard search over encrypted data