共查询到20条相似文献,搜索用时 0 毫秒
1.
针对基于统计学用户击键模式识别算法识别率较低的不足,提出了一种统计学三分类主机用户身份认证算法。该方法通过对当前注册用户的击键特征与由训练样本得到的标准击键特征进行比较,将当前注册用户划分为合法用户类、怀疑类与入侵类三类,对怀疑类采用二次识别机制。 采用动态判别域值,引入了与系统安全性和友好性相关的可控参量k,由系统管理员根据实际确定。并对该算法性能进行了理论分析与实验测试,结果表明该算法在保持贝叶斯统计算法需要训练样本集规模较小、算法收敛速度快优点的基础上,识别精度高于贝叶斯统计算法,错误拒绝率(FRR)和错误通过率(FAR)分别为1.6%和1.5%。 相似文献
2.
Keystroke dynamics is a behavioural biometric deployed as a software based method for the authentication and/or identification
of a user requesting access to a secured computing facility. It relies on how a user types on the input device (here assumed
to be a PC keyboard)-and makes the explicit assumption that there are typing characteristics that are unique to each individual.
If these unique characteristics can be extracted-then they can be used, in conjunction with the login details to enhance the
level of access security-over and above the possession of the login details alone. Most unique characteristics involve the
extraction of keypress durations and multi-key latencies. These characteristics are extracted during an enrollment phase,
where a user is requested to login into the computer system repeatedly. The unique characteristics then form a string of some
length, proportional to the enrollment character content times the number of attributes extracted. In this study, the deployment
of classical string matching features prevalent in the bioinformatics literature such as position specific scoring matrices
(motifs) and multiple sequence alignments to provide a novel approach to user verification and identification within the context
of keystroke dynamics based biometrics. This study provides quantitative information regarding the values of parameters such
as attribute acceptance thresholds, the number of accepted attributes, and the effect of contiguity. In addition, this study
examined the use of keystroke dynamics as a tool for user identification. The results in this study yield virtually 100% user
authentication and identification within a single framework.
Recommended by Guest Editor Phill Kyu Rhee. The author would like to thank the students at the Polish Japanese Institute of
Information Technology, in Warsaw, Poland for participating in this study.
Kenneth Revett received his Ph.D. degree in Neuroscience from the University of Maryland, College Park in 1999. His research interests include
behavioural biometrics and computational modelling. He is author of the text Behavioral Biometrics: A Remote Access Approach,
holds a UK patent in keystroke dynamics, and has published over 40 papers in the field. 相似文献
3.
用户击键行为作为一种生物特征,具有采集成本低、安全性高的特点。然而,现有的研究方法和实验环境都是基于实验室数据,并不适用于极度不平衡的真实数据。比如,在实验室数据上效果出色的分类算法在真实数据上却无法应用。针对此问题,提出了基于真实击键行为数据的用户识别算法。该方法将聚类算法和距离算法结合起来,通过比较新来的击键行为和历史击键行为相似度以实现用户识别。实验结果表明,该算法在100名用户的3015条真实击键记录组成的数据集上准确率达到88.22%,在投入实际应用后,随着样本集的增大算法的准确率还可以进一步提升。 相似文献
4.
5.
Pilsung Kang Author Vitae Author Vitae 《Pattern recognition》2009,42(11):3115-3127
The purpose of novelty detection is to detect (novel) patterns that are not generated by the identical distribution of the normal class. A distance-based novelty detector classifies a new data pattern as “novel” if its distance from “normal” patterns is large. It is intuitive, easy to implement, and fits naturally with incremental learning. Its performance is limited, however, because it relies only on distance. In this paper, we propose considering topological relations as well. We compare our proposed method with 13 other novelty detectors based on 21 benchmark data sets from two sources. We then apply our method to a real-world application in which incremental learning is necessary: keystroke dynamics-based user authentication. The experimental results are promising. Not only does our method improve the performance of distance-based novelty detectors, but it also outperforms the other non-distance-based algorithms. Our method also allows efficient model updates. 相似文献
6.
7.
Biometric-based approaches, including keystroke dynamics on keyboards, mice, and mobile devices, have incorporated machine learning algorithms to learn users’ typing behavior for authentication systems. Among the machine learning algorithms, one-class naïve Bayes (ONENB) has been shown to be effective when it is applied to anomaly tests; however, there have been few studies on applying the ONENB algorithm to keystroke dynamics-based authentication. We applied the ONENB algorithm to calculate the likelihood of attributes in keystroke dynamics data. Additionally, we propose the speed inspection in typing skills (SITS) algorithm designed from the observation that every person has a different typing speed on specific keys. These specific characteristics, also known as the keystroke’s index order, can be used as essential patterns for authentication systems to distinguish between a genuine user and imposter. To further evaluate the effectiveness of the SITS algorithm and examine the quality of each attribute type (e.g., dwell time and flight time), we investigated the influence of attribute types on the keystroke’s index order. From the experimental results of the proposed algorithms and their combination, we observed that the shortest/longest time attributes and separation of the attributes are useful for enhancing the performance of the proposed algorithms. 相似文献
8.
受硬件、环境、情绪等因素影响,用户的击键行为呈现多样性。单模板的单一击键中心和容忍半径只能描述用户的基本行为模式,而在实际情况中,用户行为模式多样,单模板方法检测范围有限。多模板联合决策更新方法利用多个模板检测结果,共同决策认证用户行为的合法性;同时调整模板的决策权重,用更接近用户中心的行为模板来替换检测结论较差的模板,优化模板集的构成。该方法比起普通的多模板检测方法,能够降低检测的错误率。 相似文献
9.
基于击键韵律的身份认证模型设计与实现 总被引:1,自引:0,他引:1
击键韵律是以人的行为特征为基础的身份认证技术.对PR-RP算法模型进行分析,参照PR-RP模型中四个关键的数据集,重新构建P-P时延数据集和R-R时延数据集,并且只选取密码的击键特征进行处理.然后建立特征模板,并在此模型的基础上对特征模板进行实时更新,保证特征模板中数据为用户的最新特征,来达到提高认证的识别率.实验结果表明,该方法能取得较好的认证效果. 相似文献
10.
在击键动态身份认证系统中,样本采集和模板建立直接影响系统性能。目前单模板击键认证系统存在无法使错误接受率和错误拒绝率都降低到可接受范围内的不足。为此将多模板思想引入击键认证过程中,在提出最大认证概率算法和最小认证概率算法后,提出均衡概率多模板选择算法,将两种错误率都控制在合理范围内。通过实验同GMMS算法进行对比,并研究了模板数和模板样本数对认证结果的影响,最后与单模板认证系统进行了比较分析。 相似文献
11.
针对无线传感器网络中外部用户直接访问内部传感器节点的安全威胁,提出了一种基于双要素用户认证方案的简单会话机制.该机制通过智能卡和密码两种因素来验证用户的有效性,并根据可供管理员配置的时间间隔来确定用户在会话中的状态,进而根据用户状态来限制其可用操作.该机制有效地缓解了用户认证单次有效的通信压力,且避免了用户认证长期有效的安全风险,同时它也为外部用户查询无线传感器内部节点的应用层增加了可实现性. 相似文献
12.
Seong-seob Hwang Hyoung-joo Lee Sungzoon Cho 《Expert systems with applications》2009,36(7):10649-10656
Keystroke dynamics-based authentication (KDA) is to verify a user’s identity using not only the password but also keystroke dynamics. With a small number of patterns available, data quality is of great importance in KDA applications. Recently, the authors have proposed to employ artificial rhythms and tempo cues to improve data quality: consistency and uniqueness of typing patterns. This paper examines whether improvement in uniqueness and consistency translates into improvement in authentication performance in real-world applications. In particular, we build various novelty detectors using typing patterns based on various strategies in which artificial rhythms and/or tempo cues are implemented. We show that artificial rhythms and tempo cues improve authentication accuracies and that they can be applicable in practical authentication systems. 相似文献
13.
User authentication via keystroke dynamics based on difference subspace and slope correlation degree
User authentication via keystroke dynamics remains a challenging problem due to the fact that keystroke dynamics pattern cannot be maintained stable over time. This paper describes a novel keystroke dynamics-based user authentication approach. The proposed approach consists of two stages, a training stage and an authentication stage. In the training stage, a set of orthogonal bases and a common feature vector are periodically generated from keystroke features of a legitimate user?s several recent successful authentications. In the authentication stage, the current keystroke feature vector is projected onto the set of orthogonal bases, and the distortion of the feature vector between its projection is obtained. User authentication is implemented by comparing the slope correlation degree of the distortion between the common feature vector with a threshold determined periodically using the recent impostor patterns. Theoretical and experimental results show that the proposed method presents high tolerance to instability of user keystroke patterns and yields better performance in terms of false acceptance rate (FAR) and false rejection rate (FRR) compared with some recent methods. 相似文献
14.
击键特征是一种能反映用户行为的动态特征,可作为用户身份识别的信息源。传统的认证方法通常仅采用击键特征向量中所包含的每个特征值的大小来进行身份识别,而没有利用任意两个相邻特征值之间的变化率,在一些情况下,可能导致识别准确度不理想。针对上述问题,定义了一种新颖的击键特征曲线差异度的概念,并由此提出基于击键特征曲线差异度的认证算法。该认证算法不仅利用了常规的击键特征信息,还首次引入了任意两个相邻特征值之间的变化率信息,使算法性能得到显著提高。实验结果表明,相比于曼哈顿距离算法、统计学算法、神经网络算法和机器学习算法,新算法的错误拒绝率、错误接受率和相等错误率更低,识别准确度更高,效果更好。 相似文献
15.
16.
Tzung-Her Chen 《Computers & Electrical Engineering》2008,34(1):53-62
Recently, Peyravian and Zunic proposed the remote password authentication schemes only based on the collision-resistant hash function. The schemes are, therefore, easy to implement and simple to use. The attractive properties cause a series of discussion. Several security flaws are found and remedied. Unfortunately, most of the remedies either are insecure or violate the original advantages because of involving public-key cryptosystems or modular exponential operations. Hence, it is still a challenge to design a secure scheme abiding by the beneficial assumption of the Peyravian-Zunic schemes. The proposed scheme not only keeps the original advantages (user friendness and computational cheapness) but also highlights certain of valuable features, such as (1) mutual authentication (higher security level), (2) server’s ignorance of users’ passwords (further security guaranee to users, specially for financial services), (3) immunity from maintaining security-sensitive table (maintaining burden reduction to servers), and so forth. 相似文献
17.
《Knowledge》2007,20(2):120-126
The naive Bayes classifier continues to be a popular learning algorithm for data mining applications due to its simplicity and linear run-time. Many enhancements to the basic algorithm have been proposed to help mitigate its primary weakness – the assumption that attributes are independent given the class. All of them improve the performance of naive Bayes at the expense (to a greater or lesser degree) of execution time and/or simplicity of the final model. In this paper we present a simple filter method for setting attribute weights for use with naive Bayes. Experimental results show that naive Bayes with attribute weights rarely degrades the quality of the model compared to standard naive Bayes and, in many cases, improves it dramatically. The main advantages of this method compared to other approaches for improving naive Bayes is its run-time complexity and the fact that it maintains the simplicity of the final model. 相似文献
18.
This paper presents the study to develop and evaluate techniques to authenticate valid users, using the keystroke dynamics of a user's PIN number entry on a numerical keypad, with force sensing resistors. Added with two conventional parameter lists of elements, i.e. digraph latency times and key hold times, keying force was chosen as a third element. Two experiments were conducted. The first experiment was to evaluate whether the three types of elements derived from keystrokes have a significant effect for subjects and to examine how trials and session effects generated the variation of the three elements. The second experiment was to demonstrate the system performance by calculating the False Rejection Rate (FRR) and the False Acceptance Rate (FAR) of the system. In the second experiment, a total of 20 keystrokes were recorded from each subject one week after the memorizing session, in order to evaluate the FRR of the system. To evaluate the FAR of the system, the subjects pretended to be impostors, and therefore they repeatedly watched videotaped pass trials made by a valid user as many times as they desired, and tried to imitate the keystroke dynamics of the valid users. The subject's keystrokes were then evaluated on whether they could fool the system. The first experiment, ANOVA revealed that a significant effect of subject was found on each of all three elements. Trial was not significantly affected to digraph latency times and peak force; however, it was significantly affected to key hold times. There was a trend that keystroke dynamics characterized by each element showed reformation of their patterns and reached a steady state over the 10 weeks of experimental sessions. The results of the second experiment showed the average equal error rate to be 2.4%. The results of system performance were compared with those of other studies and concluded that it was difficult to obtain enough information to behave as a perfect impostor by monitoring the videotaped keystrokes. 相似文献
19.
Since the number of server providing the facilities for the user is usually more than one, the authentication protocols for multi-server environment are required for practical applications. Most of password authentication schemes for multi-server environment are based on static ID, so the adversary can use this information to trace and identify the user's requests. It is unfavorable to be applied to special applications, such as e-commerce. In this paper, we develop a secure dynamic ID based remote user authentication scheme to achieve user's anonymity. The proposed scheme only uses hashing functions to implement a robust authentication scheme for the multi-server environment. It provides a secure method to update password without the help of third trusted party. The proposed scheme does not only satisfy all requirements for multi-server environment but also achieve efficient computation. Besides, our scheme provides complete functionality to suit with the real applications. 相似文献