Fast Continuous User Authentication Using Distance Metric Fusion of Free-Text Keystroke Data

Authentication of a user through an ID and password is generally done at the start of a session. But the continuous authentication system observe the genuineness of the user throughout the entire session, and not at login only. In this paper, we propose the usage of keystroke dynamics as biometric trait for continuous user authentication in desktop platform. Biometric Authentication involves mainly three phases named as enrollment phase, verification phase and identification phase. The identification phase marks the accessed user as an authenticated only if the input pattern matches with the profile pattern otherwise the system is logout. The proposed Continuous User Biometric Authentication (CUBA) System is based on free text input from keyboard. There is no restriction on input data during Enrolment, Verification, and Identification phase. Unsupervised One-class Support Vector Machine is used to classify the authenticated user’s input from all the other inputs. This continuous authentication system can be used in many areas like in Un-proctored online examination systems, Intrusion & Fraud Detection Systems, Areas where user alertness is required for entire period e.g. Controlling Air Traffic etc.

Download Full-text

A Framework for Continuous Authentication Based on Touch Dynamics Biometrics for Mobile Banking Applications

Sensors ◽

10.3390/s21124212 ◽

2021 ◽

Vol 21 (12) ◽

pp. 4212

Author(s):

Priscila Morais Argôlo Bonfim Estrela ◽

Robson de Oliveira Albuquerque ◽

Dino Macedo Amaral ◽

William Ferreira Giozza ◽

Rafael Timóteo de Sousa Júnior

Keyword(s):

User Authentication ◽

Internet Banking ◽

Supervised Machine Learning ◽

Smart Devices ◽

Static Verification ◽

User Behaviors ◽

Legitimate User ◽

Continuous User ◽

Mobile Banking Applications ◽

Effective Layer

As smart devices have become commonly used to access internet banking applications, these devices constitute appealing targets for fraudsters. Impersonation attacks are an essential concern for internet banking providers. Therefore, user authentication countermeasures based on biometrics, whether physiological or behavioral, have been developed, including those based on touch dynamics biometrics. These measures take into account the unique behavior of a person when interacting with touchscreen devices, thus hindering identitification fraud because it is hard to impersonate natural user behaviors. Behavioral biometric measures also balance security and usability because they are important for human interfaces, thus requiring a measurement process that may be transparent to the user. This paper proposes an improvement to Biotouch, a supervised Machine Learning-based framework for continuous user authentication. The contributions of the proposal comprise the utilization of multiple scopes to create more resilient reasoning models and their respective datasets for the improved Biotouch framework. Another contribution highlighted is the testing of these models to evaluate the imposter False Acceptance Error (FAR). This proposal also improves the flow of data and computation within the improved framework. An evaluation of the multiple scope model proposed provides results between 90.68% and 97.05% for the harmonic mean between recall and precision (F1 Score). The percentages of unduly authenticated imposters and errors of legitimate user rejection (Equal Error Rate (EER)) are between 9.85% and 1.88% for static verification, login, user dynamics, and post-login. These results indicate the feasibility of the continuous multiple-scope authentication framework proposed as an effective layer of security for banking applications, eventually operating jointly with conventional measures such as password-based authentication.

Download Full-text