research-article

Activity Attribute-Based User Behavior Model for Continuous User Authentication

Authors:

Ari Moesriami BarmawiAuthors Info & Claims

ICCNS '22: Proceedings of the 2022 12th International Conference on Communication and Network Security

Pages 69 - 76

https://doi.org/10.1145/3586102.3586113

Published: 24 July 2023 Publication History

Abstract

In general, authentication using a username and password has been used to manage access to the system. This way, it can be arranged so that only authorized people can access a system. However, it does not rule out the possibility of several spoofing attacks. User behavior can be used instead of a password to solve this problem. Given that user behavior is unique, the behavior can be used for the authentication process. One of the authentication processes is to continuously use weblogs, as proposed by Leslie et al. However, the method used by Leslie et al. still has a drawback with the Leslie method. Only the user's role is identified. So, the attacker's identity cannot be known if an attack occurs. A continuous authentication method using weblogs and user attributes such as user id, DateTime, event, category, and products is used to overcome this problem. Using this method, the user's identity can be identified immediately after the role is known. In addition, using the proposed method, the accuracy of user identity authentication obtained is, on average, 95.08%, which means it is greater than the accuracy of user role authentication using the Leslie method, which is 46%.

References

[1]

Altinok and M. Turk. Temporal integration for continuous multimodal biometrics. In Proceedings of the Workshop on Multimodal User Authentication, number 1. Citeseer, 2003.

[2]

I. Deutschmann, P. Nordstr Ãàom, and L. Nilsson. Continuous authentication using behavioral biometrics. IT Professional, 15(4):12-15, 2013.

Digital Library

[3]

P. Eckersley. How unique is your web browser? In International Symposium on Privacy Enhancing Technologies Symposium, pages 1-18. Springer, 2010.

Digital Library

[4]

R. P. Guidorizzi. Security: active authentication. IT professional, 15(4):4-7, 2013.

Digital Library

[5]

H.-B. Kang and M.-H. Ju. Multi-modal feature integration for secure authentication. In International conference on intelligent computing, pages 1191-1200. Springer, 2006.

Digital Library

[6]

P. Lally, C. H. Van Jaarsveld, H. W. Potts, and J. Wardle. How are habits formed: Modelling habit formation in the real world. European journal of social psychology, 40(6):998-1009, 2010.

[7]

L. Milton, B. Robbins, and A. Memon. N-gram-based user behavioral model for continuous user authentication. SECURWARE 2014, page 54, 2014.

[8]

F. Monrose and A. D. Rubin. Keystroke dynamics as a biometric for authentication. Future Generation computer systems, 16(4):351-359, 2000.

[9]

D. Mukhopadhyay and S. Sinha. A new approach to design graph based search engine for multiple domains using different ontologies. In 2008 International Conference on Information Technology, pages 267-272. IEEE, 2008.

Digital Library

[10]

K. Niinuma and A. K. Jain. Continuous user authentication using temporal information. In Biometric technology for human identification VII, volume 7667, pages 201-211. SPIE, 2010.

[11]

K. Niinuma, U. Park, and A. K. Jain. Soft biometric traits for continuous user authentication. IEEE Transactivities on information forensics and security, 5(4):771-780, 2010.

Digital Library

[12]

C. Shen, Z. Cai, and X. Guan. Continuous authentication for mouse dynamics: A pattern-growth approach. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012), pages 1-12. IEEE, 2012.

[13]

I. Traore. Continuous Authentication Using Biometrics: Data, Models, and Metrics: Data, Models, and Metrics. Igi Global, 2011.

[14]

Y. Xie, F. Yu, Q. Ke, M. Abadi, E. Gillum, K. Vitaldevaria, J. Walter, J. Huang, and Z. M. Mao. Innocent by association: early recognition of legitimate users. In Proceedings of the 2012 ACM conference on Computer and communications security, pages 353-364, 2012.

Digital Library

[15]

J. Zhu, P. Wu, X. Wang, and J. Zhang. Sensec: Mobile security through passive sens- ing. In 2013 international conference on computing, networking and communications (ICNC), pages 1128-1133. IEEE, 2013.

Cited By

Chen FXin JPhoha V(2024)SSPRA: A Robust Approach to Continuous Authentication Amidst Real-World Adversarial ChallengesIEEE Transactions on Biometrics, Behavior, and Identity Science10.1109/TBIOM.2024.33695906:2(245-260)Online publication date: Apr-2024
https://doi.org/10.1109/TBIOM.2024.3369590

Index Terms

Activity Attribute-Based User Behavior Model for Continuous User Authentication
1. Security and privacy
  1. Software and application security
    1. Web application security

Recommendations

A Three-Factor Based Remote User Authentication Scheme: Strengthening Systematic Security and Personal Privacy for Wireless Communications

Anonymous remote user authentication plays more and more important role in wireless personal communication networks to guarantee systematic security and personal privacy. However, as promising as it is, security and privacy issues have seriously ...
Improved Remote User Authentication Scheme Preserving User Anonymity
CNSR '07: Proceedings of the Fifth Annual Conference on Communication Networks and Services Research

Most of smart card-based remote authentication schemes proposed didn't protect the users' identities while authenticating the users, even though user anonymity is an important issue in many e-commerce applications. In 2004, Das et al. proposed a remote ...
Secure remote user authentication scheme using bilinear pairings
WISTP'07: Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems

In 2006, Das et al. proposed a remote user authentication scheme using the properties of bilinear pairings. The current paper, however, demonstrates that Das et al.'s scheme is still vulnerable to an impersonation attack and an off-line password ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ICCNS '22: Proceedings of the 2022 12th International Conference on Communication and Network Security

December 2022

241 pages

ISBN:9781450397520

DOI:10.1145/3586102

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 July 2023

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ICCNS 2022

ICCNS 2022: 2022 the 12th International Conference on Communication and Network Security

December 1 - 3, 2022

Beijing, China

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
25
Total Downloads

Downloads (Last 12 months)25
Downloads (Last 6 weeks)1

Reflects downloads up to 09 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Chen FXin JPhoha V(2024)SSPRA: A Robust Approach to Continuous Authentication Amidst Real-World Adversarial ChallengesIEEE Transactions on Biometrics, Behavior, and Identity Science10.1109/TBIOM.2024.33695906:2(245-260)Online publication date: Apr-2024
https://doi.org/10.1109/TBIOM.2024.3369590

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Table of Contents