Authentication Using Users’ Mouse Behavior in Uncontrolled Surroundings
Trusted interaction mechanism is very crucial to ensure the online security, but almost all studies of authentication using behavioral biometrics are based on controlled experiment. In order to generalize the authentication, data were continuously gathered from websites. The experimental system, which was designed as websites, can be regarded as an uncontrolled experiment. Eight users used the websites for more than three months. No specific tasks were asked to be finished, so the users could use the websites as their will. The system gathered users’ mouse data automatically, and based on that, mouse behavior models were built. Only left click and movement sequence of mouse events are considered, but error rates are lower than 3.36% in terms of left click and 4.21% in terms of the movement sequence. The results of a case study show that the authentication accuracy using users’ mouse behavior in uncontrolled surroundings is quite high. This research has verified a rapid and general approach to authentic user behavior on the network environment.
KeywordsTrusted interaction mechanism Authentication Uncontrolled surroundings Network environment Mouse behavior
This work was supported by Fundamental Research Funds for the Central Universities NO. 106112016CDJXY110003, 2016.1-2017.12 and the National Natural Science Foundation of China under Grant No. 71671020.
- 1.Multi factor user authentication on multiple devices (2017). https://patents.google.com/patent/US20180097806A1/en. Accessed 26 Apr 2018
- 5.Muthumari, G., Shenbagaraj, R., Pepsi, M.B.B.: Mouse gesture based authentication using machine learning algorithm. In: 2014 IEEE International Conference on Advanced Communications, Control and Computing Technologies, pp. 492–496 (2014)Google Scholar
- 6.Zheng, N., Paloski, A., Wang, H.: An efficient user verification system via mouse movements. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, pp. 139–150. ACM, New York (2011). http://doi.acm.org/10.1145/2046707.2046725. Accessed 25 Aug 2017
- 7.Gamboa, H., Fred, A.: A behavioral biometric system based on human-computer interaction, pp. 381–392 (2004). http://adsabs.harvard.edu/abs/2004SPIE.5404..381G. Accessed 25 Aug 2017
- 8.Mondal, S., Bours, P.: Combining keystroke and mouse dynamics for continuous user authentication and identification. In: 2016 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA, pp. 1–8 (2016)Google Scholar
- 10.Gaines, R.S., Lisowski, W., Press, S.J., Shapiro, N.: Authentication by keystroke timing: some preliminary results. Report No. RAND-R-2526-NSF. Rand Corp Santa Monica CA, May 1980. http://www.dtic.mil/docs/citations/ADA484022. Accessed 25 Aug 2017
- 12.Haider, S., Abbas, A., Zaidi, A.K.: A multi-technique approach for user identification through keystroke dynamics. In: 2000 IEEE International Conference on Systems, Man, and Cybernetics, vol. 2, pp. 1336–1341 (2000)Google Scholar
- 14.Monrose, F., Rubin, A.: Authentication via keystroke dynamics. In: Proceedings of the 4th ACM Conference on Computer and Communications Security, CCS 1997, pp. 48–56. ACM, New York (1997). http://doi.acm.org/10.1145/266420.266434. Accessed 25 Aug 2017
- 15.Pusara, M.: An examination of user behavior for user re-authentication (2007). https://search.proquest.com/openview/1bd296a5f59df64c30768646f674eeab/1?pq-origsite=gscholar&cbl=18750&diss=y. Accessed 25 Aug 2017
- 17.Pusara, M., Brodley, C.E.: User re-authentication via mouse movements. In: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, VizSEC/DMSEC 2004, pp. 1–8. ACM, New York (2004). http://doi.acm.org/10.1145/1029208.1029210. Accessed 26 Apr 2018
- 20.Ahmed, A.A.E., Traore, I.: Anomaly intrusion detection based on biometrics. In: Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, pp. 452–453 (2005)Google Scholar