Authentication Using Users’ Mouse Behavior in Uncontrolled Surroundings

  • Fan Mo
  • Shiquan XiongEmail author
  • Shuping Yi
  • Qian Yi
  • Anchuan Zhang
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 924)


Trusted interaction mechanism is very crucial to ensure the online security, but almost all studies of authentication using behavioral biometrics are based on controlled experiment. In order to generalize the authentication, data were continuously gathered from websites. The experimental system, which was designed as websites, can be regarded as an uncontrolled experiment. Eight users used the websites for more than three months. No specific tasks were asked to be finished, so the users could use the websites as their will. The system gathered users’ mouse data automatically, and based on that, mouse behavior models were built. Only left click and movement sequence of mouse events are considered, but error rates are lower than 3.36% in terms of left click and 4.21% in terms of the movement sequence. The results of a case study show that the authentication accuracy using users’ mouse behavior in uncontrolled surroundings is quite high. This research has verified a rapid and general approach to authentic user behavior on the network environment.


Trusted interaction mechanism Authentication Uncontrolled surroundings Network environment Mouse behavior 



This work was supported by Fundamental Research Funds for the Central Universities NO. 106112016CDJXY110003, 2016.1-2017.12 and the National Natural Science Foundation of China under Grant No. 71671020.


  1. 1.
    Multi factor user authentication on multiple devices (2017). Accessed 26 Apr 2018
  2. 2.
    Joyce, R., Gupta, G.: Identity authentication based on keystroke latencies. Commun. ACM 33(2), 168–176 (1990)CrossRefGoogle Scholar
  3. 3.
    Monrose, F., Rubin, A.D.: Keystroke dynamics as a biometric for authentication. Future Gener. Comput Syst. 16(4), 351–359 (2000)CrossRefGoogle Scholar
  4. 4.
    Ahmed, A.A.E., Traore, I.: A new biometric technology based on mouse dynamics. IEEE Trans. Dependable Secur. Comput. 4(3), 165–179 (2007)CrossRefGoogle Scholar
  5. 5.
    Muthumari, G., Shenbagaraj, R., Pepsi, M.B.B.: Mouse gesture based authentication using machine learning algorithm. In: 2014 IEEE International Conference on Advanced Communications, Control and Computing Technologies, pp. 492–496 (2014)Google Scholar
  6. 6.
    Zheng, N., Paloski, A., Wang, H.: An efficient user verification system via mouse movements. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, pp. 139–150. ACM, New York (2011). Accessed 25 Aug 2017
  7. 7.
    Gamboa, H., Fred, A.: A behavioral biometric system based on human-computer interaction, pp. 381–392 (2004). Accessed 25 Aug 2017
  8. 8.
    Mondal, S., Bours, P.: Combining keystroke and mouse dynamics for continuous user authentication and identification. In: 2016 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA, pp. 1–8 (2016)Google Scholar
  9. 9.
    Park, J., Han, S.H., Kim, H.K., Moon, H., Park, J.: Developing and verifying a questionnaire for evaluating user value of a mobile device. Hum. Factors Ergon. Manuf. Serv. Ind. 25(6), 724–739 (2015)CrossRefGoogle Scholar
  10. 10.
    Gaines, R.S., Lisowski, W., Press, S.J., Shapiro, N.: Authentication by keystroke timing: some preliminary results. Report No. RAND-R-2526-NSF. Rand Corp Santa Monica CA, May 1980. Accessed 25 Aug 2017
  11. 11.
    Brown, M., Rogers, S.J.: User identification via keystroke characteristics of typed names using neural networks. Int. J. Man-Mach. Stud. 39(6), 999–1014 (1993)CrossRefGoogle Scholar
  12. 12.
    Haider, S., Abbas, A., Zaidi, A.K.: A multi-technique approach for user identification through keystroke dynamics. In: 2000 IEEE International Conference on Systems, Man, and Cybernetics, vol. 2, pp. 1336–1341 (2000)Google Scholar
  13. 13.
    Han, S.J., Kim, S.-U.: Placement of a touchpad and click-buttons to relieve arm fatigue and discomfort in a laptop PC. Hum. Factors Ergon. Manuf. Serv. Ind. 27(3), 131–137 (2017)CrossRefGoogle Scholar
  14. 14.
    Monrose, F., Rubin, A.: Authentication via keystroke dynamics. In: Proceedings of the 4th ACM Conference on Computer and Communications Security, CCS 1997, pp. 48–56. ACM, New York (1997). Accessed 25 Aug 2017
  15. 15.
    Pusara, M.: An examination of user behavior for user re-authentication (2007). Accessed 25 Aug 2017
  16. 16.
    Bergadano, F., Gunetti, D., Picardi, C.: User authentication through keystroke dynamics. ACM Trans. Inf. Syst. Secur. 5(4), 367–397 (2002)CrossRefGoogle Scholar
  17. 17.
    Pusara, M., Brodley, C.E.: User re-authentication via mouse movements. In: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, VizSEC/DMSEC 2004, pp. 1–8. ACM, New York (2004). Accessed 26 Apr 2018
  18. 18.
    Everitt, R.A.J., McOwan, P.W.: Java-based internet biometric authentication system. IEEE Trans. Pattern Anal. Mach. Intell. 25(9), 1166–1172 (2003)CrossRefGoogle Scholar
  19. 19.
    Shen, C., Cai, Z., Guan, X., Du, Y., Maxion, R.A.: User authentication through mouse dynamics. IEEE Trans. Inf. Foren. Secur. 8(1), 16–30 (2013)CrossRefGoogle Scholar
  20. 20.
    Ahmed, A.A.E., Traore, I.: Anomaly intrusion detection based on biometrics. In: Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, pp. 452–453 (2005)Google Scholar
  21. 21.
    Bailey, K.O., Okolica, J.S., Peterson, G.L.: User identification and authentication using multi-modal behavioral biometrics. Comput. Secur. 43, 77–89 (2014)CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  • Fan Mo
    • 1
  • Shiquan Xiong
    • 1
    Email author
  • Shuping Yi
    • 1
  • Qian Yi
    • 1
  • Anchuan Zhang
    • 1
  1. 1.Department of Industrial EngineeringChongqing UniversityChongqingPeople’s Republic of China

Personalised recommendations