Authentication by Mouse Movements. By Shivani Hashia Advisor: Dr. Chris Pollett Committee: Dr. Mark Stamp Dr. Robert Chun Dec 2004

Similar documents
Authentication by Mouse Movements. CS 297 Report. Shivani Hashia Advisor: Dr.Chris Pollett. May 2004

Behavior-based Authentication Systems. Multimedia Security

Technical White Paper. Behaviometrics. Measuring FAR/FRR/EER in Continuous Authentication

User Authentication and Human Factors

User Authentication. Tadayoshi Kohno

: BIOMETRIC AUTHENTICATION TOOL FOR USER IDENTIFICATION

Signature Verification Why xyzmo offers the leading solution

Electronic Signature Systems

CIS 4360 Secure Computer Systems Biometrics (Something You Are)

Authentication. Tadayoshi Kohno

Authentication Objectives People Authentication I

Passwords. EJ Jung. slide 1

Information Security Identification and authentication. Advanced User Authentication II

CSCE 548 Building Secure Software Biometrics (Something You Are) Professor Lisa Luo Spring 2018

Online Signature Verification Technique

Biometric Security Roles & Resources

Smart Card and Biometrics Used for Secured Personal Identification System Development

Gurmeet Kaur 1, Parikshit 2, Dr. Chander Kant 3 1 M.tech Scholar, Assistant Professor 2, 3

User Authentication Best Practices for E-Signatures Wednesday February 25, 2015

Identification, authentication, authorisation. Identification and authentication. Authentication. Authentication. Three closely related concepts:

CHAPTER 6 RESULTS AND DISCUSSIONS

Tutorial 8. Jun Xu, Teaching Asistant March 30, COMP4134 Biometrics Authentication

September 11, Unit 2 Day 1 Notes Measures of Central Tendency.notebook

US Secret Service National Threat Assessment Center (NTAC), Insider threat study (2004)

An Overview of Biometric Image Processing

Lecture 9 User Authentication

Ujma A. Mulla 1 1 PG Student of Electronics Department of, B.I.G.C.E., Solapur, Maharashtra, India. IJRASET: All Rights are Reserved

CSC 474 Network Security. Authentication. Identification

A Study on the Consistency of Features for On-line Signature Verification

Signature Recognition by Pixel Variance Analysis Using Multiple Morphological Dilations

Chapter 2: Access Control and Site Security. Access Control. Access Control. ACIS 5584 E-Commerce Security Dr. France Belanger.

Machine Learning. Topic 5: Linear Discriminants. Bryan Pardo, EECS 349 Machine Learning, 2013

Signature Verification: Why xyzmo offers the leading solution

Body Sensor Network Security

Lecture 11: Human Authentication CS /12/2018

Document Editor Basics

ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification

HumanAUT Secure Human Identification Protocols

minutes/question 26 minutes

AIT 682: Network and Systems Security

Authentication. Identification. AIT 682: Network and Systems Security

Lecture 14 Passwords and Authentication

Lecture 9. Authentication & Key Distribution

Mobile Biometric Authentication: Pros and Cons of Server and Device-Based

Example 1: Give the coordinates of the points on the graph.

Palm Vein Technology

International Journal of Advanced Research in Computer Science and Software Engineering

Integer Operations. Summer Packet 7 th into 8 th grade 1. Name = = = = = 6.

2016 AMC10B Problems

BIOMET: A Multimodal Biometric Authentication System for Person Identification and Verification using Fingerprint and Face Recognition

CSE 565 Computer Security Fall 2018

STA Rev. F Learning Objectives. Learning Objectives (Cont.) Module 3 Descriptive Measures

CS530 Authentication

What is the sum of the measures of the angles of a quadrilateral?

Tutorial 4: Texture Mapping Techniques

Computational Geometry Algorithmische Geometrie

Altamaha Federal Credit Union Online Banking Walkthrough

Access Control Biometrics User Guide

Start Here. Quick Installation Guide. Verifi. IMPORTANT. Always install the Software prior to Hardware Installation ENTERPRISE

BIOMETRIC MECHANISM FOR ONLINE TRANSACTION ON ANDROID SYSTEM ENHANCED SECURITY OF. Anshita Agrawal

Use of Extreme Value Statistics in Modeling Biometric Systems

DEFORMABLE MATCHING OF HAND SHAPES FOR USER VERIFICATION. Ani1 K. Jain and Nicolae Duta

Averages and Variation

Combined Fingerprint Minutiae Template Generation

An Efficient on-line Signature Verification System Using Histogram Features

User Guide. Web Intelligence Rich Client. Business Objects 4.1

International Journal of Electrical and Computer Engineering 4: Application of Neural Network in User Authentication for Smart Home System

CHAPTER 4 FACE RECOGNITION DESIGN AND ANALYSIS

Biometrics: The Password You ll Never Forget

LESSON 3.1 INTRODUCTION TO GRAPHING

Presented By: Miss Samya Ashraf Want Student ID

Improvement of SURF Feature Image Registration Algorithm Based on Cluster Analysis

Week 10 Part A MIS 5214

T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A. Authentication EECE 412. Copyright Konstantin Beznosov

REGION BASED SEGEMENTATION

Authentication, Passwords. Robert H. Sloan

Step-by-Step Guide to Ansur Executive 3.0 Installation With or without Electronic Signatures

A. Incorrect! This would be the negative of the range. B. Correct! The range is the maximum data value minus the minimum data value.

STUDY OF POSSIBILITY OF ON-PEN MATCHING FOR BIOMETRIC HANDWRITING VERIFICATION

User Authentication. Daniel Halperin Tadayoshi Kohno

A BIOMETRIC FUSION OF HAND AND FINGER VEIN APPROACH FOR AN EFFICIENT PERSONAL AUTHENTICATION IN HEALTH CARE

Computational Geometry TOPICS Preliminaries Point in a Polygon Polygon Construction Convex Hulls

Unit 2: Locomotion Kinematics of Wheeled Robots: Part 3

Prevention or Identification of Web Intrusion via Human Computer Interaction Behaviour A Proposal

Data Analysis & Probability

CIS 6930/4930 Computer and Network Security. Topic 6. Authentication

Math 214 Introductory Statistics Summer Class Notes Sections 3.2, : 1-21 odd 3.3: 7-13, Measures of Central Tendency

Graphical Tool For SC Automata.

Gaithashing: a two-factor authentication scheme based on gait features

INFS 2150 Introduction to Web Development

Introduction. User's manual

INFS 2150 Introduction to Web Development

A Fast Algorithm for Data Mining. Aarathi Raghu Advisor: Dr. Chris Pollett Committee members: Dr. Mark Stamp, Dr. T.Y.Lin

International Journal of Advance Engineering and Research Development. Iris Recognition and Automated Eye Tracking

MAT 142 College Mathematics. Module ST. Statistics. Terri Miller revised July 14, 2015

Section A Arithmetic ( 5) Exercise A

(12) Patent Application Publication (10) Pub. No.: US 2003/ A1. (51) Int. Cl."... G06F 17/60. Incoming Call. Electronic ID of Device

Multimodal Biometric System by Feature Level Fusion of Palmprint and Fingerprint

Polar (BC Only) They are necessary to find the derivative of a polar curve in x- and y-coordinates. The derivative

GEOMETRY. slide #3. 6th Grade Math Unit 7. 6th Grade Unit 7: GEOMETRY. Name: Table of Contents. Area of Rectangles

Transcription:

Authentication by Mouse Movements By Shivani Hashia Advisor: Dr. Chris Pollett Committee: Dr. Mark Stamp Dr. Robert Chun Dec 2004

Topics Introduction Design and Implementation Active authentication Passive authentication Experiments and Results Conclusion Future Work

Introduction Authentication: Process of validating a person is who he claims to be Aim: Build a secure technique to authenticate users Easy to use Cheap

Current methods of authentication Passwords- Based on what you know Advantages Easy to use Cheap Disadvantages Difficult to remember Can be cracked if not chosen wisely

Current methods of authentication ( cont d) Smart Card- Based on what you have Advantages Easy to use Disadvantages Expensive, requires card reader Can be stolen

Current methods of authentication ( cont d) Biometrics- Based on physiological or biological characteristics Advantages No one can forge unless template file changed Disadvantages Current methods expensive

Related work Researchers at Technion-Israel Institute of Technology were planning to built software, which can identify the authenticity of the users with their individual and distinct typing styles Ross Everitt and Peter McOwan at Queen Mary University of London did a research where they used mouse signature as the biometric to verify the authenticity of the users

Design and Implementation Model based on biometrics. It contains two parts: Active Authentication: One time authentication Passive Authentication: Continuous monitoring and authentication of mouse movements

Active Authentication Login Screen

Active Authentication Works in 3 phases Enrollment: For registering users. Acts like mean of data points Training: For getting as many samples as possible from users. Acts like variance of data points Verification: Actual logging in

Enrollment Design Vector.txt (stores 144 vectors of registered users) Template file created Verification Authenticate /Reject Training Model Created AvSd.txt (stores average, standard deviation of 144 vectors)

Enrollment Complete round of following points on screen with mouse four times Record parameters- speed, deviation, angle (positive, negative) Current mouse position Angle 2 1 Deviation

Enrollment (cont d) Find average, standard deviation, maximum and minimum of the four parameters For 1 pair of points, 4*4=16 vectors For 9 pair of points, 16*9=144 vectors Normalize vectors to bring on same scale Store vectors in file It acts like mean of vectors

Training Complete rounds 20 times Get variation in user s mouse movements Repeat procedure as during enrollment Store 144 vectors in a temporary file Acts like variance of vectors

Training (cont d) Find difference between each training phase data set and corresponding vectors in enrollment Average the differences of each vector Find standard deviation of differences for each vector Store average, standard deviation for each vector difference in a file

Training (cont d) Enrollment Vectors r 0.29552062240545846 8.31403561980209 172.5627504337201 Subtract Training Vectors r 0.313815368652677 8.386129099100515 154.35863930928812 r 0.312876369071465 5.112780770424284 159.4521907242159 r 0.3465478372758716 4.271812610295602 178.0942234512897 Store average, standard deviation of differences

Verification User given login screen Has to move mouse on the screen Speed, deviation, angle calculated 144 vectors from average, standard deviation, maximum, minimum calculated Vectors normalized

Verification (cont d) Find difference of verification vectors with corresponding vectors during enrollment Check if each difference lies in its corresponding range of average- 1.5*standard deviation and average+1.5*standard deviation

Verification (cont d) Count the number of vectors that lie in their defined range for each user Repeat same for training phase data to get range of counters for the user trying to verify If count falls within the range for that user and is the greatest for the user, he is authenticated

Verification(cont d) Enrollment Vectors(vector.txt) r 0.29552062240545846 8.31403561980209 172.5627504337201 - Subtract Verification Vectors (tmpvector.txt) r 0.2821213979661169 3.078898320018175 178.2263299758116 Average, standard deviation (AvSd.txt) r 0.212132278976185 1.2734653494142-2.475399603822249 Check if within range of average+- 1.5*standard deviation For vector 1, range =0.212132278976185+-1.5*1.2734653494142

Passive Authentication Idea to keep eye on user s movements Runs in background Two phases : Enrollment Verification

Enrollment Record mouse movements for 15 minutes Find dense regions on screen Draw convex hulls around dense regions Treat hulls as transition states

Enrollment (cont d) For transitions within same state calculate speed, distribution of points around the center, distance from best fit line, frequency Transition State Best fit line Mouse position Center of hull Center

Enrollment (cont d) For each state calculate average of speed, angular distribution and distance from best fit line Also find standard deviation of speed, angular distribution and distance from best fit line Store data in file

Verification Record movements continuously After every 2 minutes, calculate speed, angular distribution and distance from best fit line Check if they lie in the range for average-1.5*standard deviation to average +1.5*standard deviation for respective parameters

Verification(cont d) If majority of the data points lie within the specified range, keep on continuing Update files

Experiments and Results Performed a number of experiments to find a way to use mouse movements as authentication method Active Authentication Find parameters unique to users Find ways to use the parameters so that users are authenticated

Experiments (cont d) Passive Authentication Find way to record mouse coordinates in background Filter recorded data coordinates Draw bounded regions around dense regions to form transition states Find parameters and a way to use them

Active authentication Find parameters unique to users

Active authentication Ways to use the parameters 1) Check if the sum of square of differences is within a certain threshold 2) Use the lowest sum of square of differences Result: FAR of 40%, FRR of 40% FAR= False Acceptance Rate Forged user, system accepts (fraud rate) FRR= False Rejection Rate Actual user, system rejects (insult rate)

Active authentication 3) Select specific vectors Calculate maximum and minimum sum of square of differences between user s registered and training phase vectors Use lowest sum of square of differences and check if falls within range Result: FRR =12%, FAR=70%

Active authentication 4) Using specific vectors in different ways to get common set of vectors Compute sum of square of differences Check for the lowest sum of square of differences and see if lies in the range of differences

Active authentication Results All parameters Specific parameters Union of specific parameters Intersection of specific parameters FRR 65% 12% 50% 57% FAR 23% 70% 47% 57%

Active authentication 5) Using difference, average, standard deviation for specific vectors Calculate difference between verification and registered vectors Check if they fall within the range of average+-standard deviation Count number of vectors that follow the criterion

Results Active authentication FRR Specific parameters Av+3*sd 40% Specific parameters Av+2*sd 70% FAR 36% 15%

Active authentication 6) Using difference, average, standard deviation for all vectors Count number of vectors for which difference between verification and registered vectors lies between average-1.5*standard deviation to average+1.5*standard Repeat for every user Select one with the highest count

Active authentication 7) For each attempt of training phase, we also found the number of vectors which fall within the defined range Found range of counters for individual users from training phase Each user has his own range During verification, checked if the count of vectors is within the range specified

Active Authentication Using individual ranges. Separate model for everyone Model 1 FAR FRR 1 user 20% 0% 3 users 31.5% 0%

Active authentication Combining individual ranges and comparison with other users Model 2 1 user FAR 5% FRR 20% 3 users 13.1% 25%

100 90 80 70 60 50 40 30 20 10 0 Active authentication For single user Model 1 Model 2 FAR FRR

100 90 80 70 60 50 40 30 20 10 0 Active authentication For 3 users Model 1 Model 2 FAR FRR

Passive authentication 1) Record coordinates in background Used Windows hooks Recorded data for about 4 hours

Passive authentication

Passive authentication 2) Filter data points 1) Delete coordinates just before and after mouse went idle 2) Delete coordinates where the speed was above a threshold Result: Did not make a significant change in the concentration of points

Passive authentication 3) Selecting points around which density of points was above a certain number

Passive authentication 4) Enclose dense regions with a bounded figure Draw a rectangular region around dense regions Result: Couldn t get all the dense regions

Passive authentication

Passive authentication Using gift-wrapping algorithm Result

Passive authentication 5) Find vectors for authentication Checked for transitions between states Limited transitions within same state Recorded speed, angle, distance from best fit line Stored average, standard deviation of three parameters

Results Passive authentication FAR=90% Hopeful it would work if add more parameters to differentiate users

Conclusion Security important in today's world Need security systems that are cheap and easy to use Authentication by mouse movements provides both

Conclusion (cont d) Active authentication has FAR and FRR of 13% and 25 % respectively FAR and FRR increase if users have overlapping regions of similarity Passive authentication can be improved by adding more parameters

Future Work Need to reduce FAR and FRR Can add some more parameters to make it more precise Make improvements in passive authentication

Q&A Demo Thank you

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback