A practical real-time authentication system with Identity Tracking based on mouse dynamics

It is relatively easier for an insider attacker to steal the password of a colleague or use an unattended machine (logged in by other users) within a trusted domain to launch an attack. A simple real-time authentication by password may not work if they have the password. A promising direction is to...

Full description

Saved in:
Bibliographic Details
Main Authors: Xiao-jun Chen, Fei Xu, Rui Xu, Yiu, S. M., Jin-qiao Shi
Format: Conference Proceeding
Language:English
Subjects:
Authentication
Biometrics (access control)
Feature extraction
Mice
Real-time systems
Testing
Training
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:It is relatively easier for an insider attacker to steal the password of a colleague or use an unattended machine (logged in by other users) within a trusted domain to launch an attack. A simple real-time authentication by password may not work if they have the password. A promising direction is to consider how a user uses the mouse (referred as mouse dynamics). By comparing the stored mouse behavioral profile of the valid user, the system automatically authenticates the user. However, existing approaches are impractical due to long verification time (several minutes on average). An attack may only take seconds (e.g. copying a file, sending an email). In this abstract, we propose a practical real-time authentication method via mouse dynamics, called PAITS (Practical Authentication with Identity Tracking System). The real-time authentication can be done in only 5 seconds with similar accuracy as existing methods. The novelty of PAITS comes from tracking the behavior of users using "short-lived interventional scenarios" (in which the cursor is out of control, e.g. cursor stops, disappears, or slows down) with 71 carefully chosen attributes as the profile.
DOI:10.1109/INFCOMW.2014.6849185