CN110287664A - A kind of identity identifying method being characterized selection based on multirow - Google Patents
A kind of identity identifying method being characterized selection based on multirow Download PDFInfo
- Publication number
- CN110287664A CN110287664A CN201910585740.9A CN201910585740A CN110287664A CN 110287664 A CN110287664 A CN 110287664A CN 201910585740 A CN201910585740 A CN 201910585740A CN 110287664 A CN110287664 A CN 110287664A
- Authority
- CN
- China
- Prior art keywords
- user
- behavior
- behavioural characteristic
- feature
- template
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/241—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
- G06F18/2411—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches based on the proximity to a decision surface, e.g. support vector machines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Data Mining & Analysis (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Social Psychology (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Life Sciences & Earth Sciences (AREA)
- Artificial Intelligence (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Bioinformatics & Computational Biology (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Evolutionary Biology (AREA)
- Evolutionary Computation (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of identity identifying methods that selection is characterized based on multirow, the present invention carries out authentication using a variety of behavioural characteristics (keystroke, mouse, facility information, IP), more appropriate feature and subcharacter are selected, solves the problems, such as legitimate user's identity erroneous judgement when determining identity based on whole behavioural characteristics.This method is realized simple, the advantages of being identified using behavioural characteristic and applicable field, improve fault-tolerance, it reduces uncertain, with high security, complicated hardware device and high accuracy for examination are not needed, the redundancy for overcoming whole behavioural characteristics makes it have wider safety and applicability.
Description
Technical field
The present invention relates to field of information security technology, specially a kind of authentication side that selection is characterized based on multirow
Method.
Background technique
Computer system and computer network is a virtual digital world.In this digital world, all information
Identity information including user all indicates that computer can only identify the digital identity of user with one group of specific data,
The authorization of all couples of users is also the authorization for number identity.And the real world that we live is a true object
The world is managed, everyone is owned by unique physical identity.How to guarantee be exactly with the operator that digital identity is operated
This digital identity lawful owner, that is to say, that guarantee that the physical identity of operator is corresponding with digital identity, just become one
A critically important problem.In real world, a person's identity is mainly determined by three kinds of modes, first is that according to known to people
Information prove identity (what you know), it is assumed that certain information only have someone to know, such as secret signal etc., pass through inquiry
Ask the identity that this information can confirm this people;Second is that proving identity (what you according to the gathered around anything of people
Have), it is assumed that some thing only has someone to have, such as seal etc., by showing this thing it can be identified that people really
Identity;Third is that your identity (who you are) is directly proved according to the unique physical trait of people, such as fingerprint,
Looks, DNA etc..Based on above authentication mode, in conjunction with particular technique, people have invented usemame/password certification, IC card is recognized
The modes such as card, dynamic password authentication, USB Key certification, finger print identifying, iris authentication.But these authentication modes are more or less
There is some problems, such as shared key to be easy leakage, rely on specific hardware, can only carry out one-time authentication, can not continue to protect
Shield etc..But our most traditional identity identify the identification for being namely based on password, and a kind of most weak identification method, are easy
Forget, is easy to be intercepted and captured by wooden horse.Identification based on USBkey, since the problem of carrying is only used in the field of the minority such as bank.Base
In the identification of fingerprint, the iris physiological characteristic collector special due to needs, the cost identified is relatively high, is also only used in few
Number field.
Keyboard, mouse are the most common output equipments of computer, and IP address, physical address, facility information etc. are in certain journey
The basic act of user and contacting for system can be regarded on degree as, a fixed user carries out sign-on access using commonly used equipment and answers
Certain habit is always followed with the behavior of service, it, can be right based on this since the difference of habit can generate different behavioural characteristics
The identity of user authenticates.Compared with currently used identity identifying technology, the authentication tool based on user behavior analysis
It has the advantage that
(1) it is the program on a complete backstage, and the process of entire collection data and verifying does not need user oneself progress
Any operation, it is very friendly to user.
(2) it does not need complicated hardware supported, improves the performance of identification.
(3) its process by safety certification from disposably becoming duration.Password, which is once identified through, to be regarded as closing
Method user, but the safety certification of Behavior-based control analysis is then a verification process lasting for a long time.
(4) it is difficult to be stolen.Except non-violator can perfectly imitate the behavioural habits of owner very much, but this is
Almost without what is punished by law.
But since behavioural characteristic is there are certain fluctuation, there are redundancies for some behavioural characteristics, cause the property of classifier
Can be poor, so that the method for judging identity based on all behavioural characteristics can generate erroneous judgement, authentication performance is poor, and being easy will be legal
User's misjudgement is illegal user.Therefore to become a kind of practical method for judging identity, it is necessary to solve the misjudgement of legitimate user's identity
The problem of.The present invention proposes a kind of new method that can more efficiently solve the problems, such as this.
Summary of the invention
In view of the deficiencies of the prior art, the present invention provides a kind of identity identifying method for being characterized selection based on multirow,
It is used to carry out identity monitoring and authentication to computer user, and accuracy is high, effectively reduces the misjudgement of legitimate user's identity
The problem of.
In order to achieve the above object, the present invention is achieved by the following technical programs: one kind being characterized selection based on multirow
Identity identifying method, include the following steps:
Step 1): new user needs to register before logging in, and keystroke behavior, the keyboard row of user are recorded in registration process
For, IP address, physical address and facility information pre-processed and extracted behavioural characteristic, generate behavioural characteristic template, deposit row
It is characterized in template database;
Step 2): when user logs in, behavioral data is acquired, extracts corelation behaviour in user's current logged-on status and step 1)
Feature is verified compared with behavioural characteristic template using the behavioural characteristic that feature selecting algorithm selects better performances;
Step 3): after user's checking passes through, the behavior of user is monitored, timing acquiring behavioral data, to acquisition
Behavioral data, which extracts, obtains current behavior feature, and current behavior feature and behavioural characteristic template are compared, if verifying is obstructed
It crosses, needs login authentication again;If being verified, current behavior feature is recorded, more as behavioural characteristic template in step 4)
New foundation;
Step 4): the behavioural characteristic legal to the multiple groups recorded in step 3) is best out by corresponding classification algorithm training
Behavioural characteristic template, be deposited into behavioural characteristic template database, regeneration behavior feature templates.
2, the identity identifying method according to claim 1 that selection is characterized based on multirow, it is characterised in that: step
2) the specific scheme is that
1) pretreatment operation is carried out to the behavioral data of acquisition;
2) feature extraction is carried out to the behavioral data after the pretreatment operation of record and obtains the essential characteristic of behavior;
3) corresponding behavioural characteristic template is generated using mRMR algorithm according to the behavioural characteristic of extraction;
4) SVM machine learning algorithm is recycled to carry out whether authentication determination is legitimate user to the behavior of user.
Beneficial effect
Compared with prior art, the present invention has the advantage that
1. carrying out authentication using a variety of behavioural characteristics (keystroke, mouse, facility information, IP), select more appropriate
Feature and subcharacter, solve the problems, such as based on whole behavioural characteristics determine identity when legitimate user's identity erroneous judgement.
2. fault-tolerance is improved in the advantages of this method is realized simply, is identified using behavioural characteristic and applicable field, reduce not
Certainty with high security, does not need complicated hardware device and high accuracy for examination, overcomes the superfluous of whole behavioural characteristics
Yu Xing makes it have wider safety and applicability.
Detailed description of the invention
Fig. 1 is flow diagram of the invention.
Specific embodiment
The present invention is described further with reference to the accompanying drawings and examples.
It is a kind of that the identity identifying method of selection is characterized with techniqueflow as shown in Figure 1, whole process includes based on multirow
Three part subprocess user's registrations, user authentication, data retraining.In the user's registration stage, user designs according to system
Trivial games prompt operation operates keyboard and mouse, this process mainly extracts the keyboard behavior and mouse behavior of user,
Facility information physical address and IP address are obtained by some softwares, and some acquired behaviors as user do not have in registration phase
Have, is to continue for some time to obtain after login system later.This process for collecting data is hiding to user.It is collected into
After behavioral data, data are pre-processed, dispose some unreasonable data and some uncorrelated data.After pretreatment
Behavioral data carry out feature extraction, wherein keystroke behavior includes two subcharacters of time series feature and pressure characteristic;Mouse
Behavior includes mobile, three dragging, click subcharacters;Facility information includes equipment language, firmware model, CPU, screen size etc.
Feature;By the feature of extraction as positive example sample, old user's behavioural characteristic is used to carry out as negative data using SVM algorithm
Learning training obtains the hyperplane separated, is deposited into conduct in behavioural characteristic template library in this, as behavioural characteristic template
The foundation of authentication.In user authentication process, behavioral data is obtained, data prediction feature extraction and registration process are thought together,
Excellent behavioural characteristic is obtained using mRMR (maximal correlation minimal redundancy) algorithm with mutual information measurement again to the feature of extraction,
This behavioural characteristic is calculated again to the distance S of hyperplane, and S, which is positive, is represented as legitimate user, and S, which is negative, is represented as illegal user.When for
When legitimate user, the user of login is monitored, per the certification for carrying out stealth to it at regular intervals, i.e. this process user
Do not know, but if user authentication is that illegal user can verify again user during this.Because of some behavior meetings of people
Some changes occur over time, therefore authenticate successful behavioural characteristic group during this to be used as behavioural characteristic template
The data of update carry out retraining, obtain new behavioural characteristic template.Because old user has used a period of time some behavior meetings
Compare fixation, therefore login time, log out time and key entry frequency etc. all can serve as new feature and account for.
The behavioural characteristic of keystroke includes time series feature and pressure characteristic.Pressure characteristic includes the pressure p and touching of key
The size size of point.If being down by the state of key pressing, the state of release is up, the timestamp of recording status.Pass through the time
The subcharacter of the available 4 time series features of the difference of stamp, is defined as follows:
Down-up: it indicates by the time interval between down key and release key;
Up-down: indicate that a key is discharged into the time interval of next key pressing;
Down-down: the time interval of one key pressing of expression to next key pressing;
Up-up: indicate that a key is discharged into the time interval of next key release;
The behavioural characteristic of mouse includes moving direction, and average movement speed, mouse clicks the time interval of release.Equipment
Information includes equipment language, firmware model, CPU, screen size feature.The acquired behavior feature of old user include login time,
Log out time and key entry frequency.
Feature selecting is carried out using mRMR, if feature is x, then a feature group is m { x1, x2, L, xn, our target
It is to find character subset S from this n feature:
Two stochastic variables x and y are given, their probability density function (corresponding to continuous variable) is p (x), p (y), p
(x, y), then mutual information are as follows:
Maximum correlation:
xiFor ith feature, c is Analog Variable, and S is characterized subset
Minimum redundancy:
Then maximum correlation and minimum redundancy are integrated:
Max Φ (D, R), Φ=D-R
The behavioural characteristic collection that character subset S is better performances is finally obtained, it is special according to the behavior obtained using SVM algorithm
Sign template is compared, and calculates this behavioural characteristic collection to the distance S of hyperplane, and S, which is positive, is represented as legitimate user, and S is negative representative
For illegal user.
Invention is explained in detail in conjunction with specific embodiments above, these not constitute the limitation to invention.
Without departing from the principles of the present invention, those skilled in the art can also make many modification and improvement, these are also answered
It belongs to the scope of protection of the present invention.
Claims (2)
1. a kind of identity identifying method for being characterized selection based on multirow, which comprises the steps of:
Step 1): new user needs to register before logging in, recorded in registration process the keystroke behavior of user, keyboard behavior,
IP address, physical address and facility information are pre-processed and are extracted behavioural characteristic, generate behavioural characteristic template, and deposit behavior is special
It levies in template database;
Step 2): when user logs in, acquiring behavioral data, and it is special to extract corelation behaviour in user's current logged-on status and step 1)
Sign, is verified compared with behavioural characteristic template using the behavioural characteristic that feature selecting algorithm selects better performances;
Step 3): after user's checking passes through, being monitored the behavior of user, timing acquiring behavioral data, the behavior to acquisition
Data, which extract, obtains current behavior feature, and current behavior feature and behavioural characteristic template are compared, if verifying does not pass through, needs
It will login authentication again;If being verified, record current behavior feature, as in step 4) behavioural characteristic template renewal according to
According to;
Step 4): the behavioural characteristic legal to the multiple groups recorded in step 3) goes out best row by corresponding classification algorithm training
It is characterized template, is deposited into behavioural characteristic template database, regeneration behavior feature templates.
2. the identity identifying method according to claim 1 for being characterized selection based on multirow, it is characterised in that: step 2)
The specific scheme is that
1) pretreatment operation is carried out to the behavioral data of acquisition;
2) feature extraction is carried out to the behavioral data after the pretreatment operation of record and obtains the essential characteristic of behavior;
3) corresponding behavioural characteristic template is generated using mRMR algorithm according to the behavioural characteristic of extraction;
4) SVM machine learning algorithm is recycled to carry out whether authentication determination is legitimate user to the behavior of user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910585740.9A CN110287664A (en) | 2019-07-01 | 2019-07-01 | A kind of identity identifying method being characterized selection based on multirow |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910585740.9A CN110287664A (en) | 2019-07-01 | 2019-07-01 | A kind of identity identifying method being characterized selection based on multirow |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110287664A true CN110287664A (en) | 2019-09-27 |
Family
ID=68021511
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910585740.9A Pending CN110287664A (en) | 2019-07-01 | 2019-07-01 | A kind of identity identifying method being characterized selection based on multirow |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110287664A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113157662A (en) * | 2021-02-23 | 2021-07-23 | 北京芯盾时代科技有限公司 | Behavior database construction method and device and readable storage medium |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101833619A (en) * | 2010-04-29 | 2010-09-15 | 西安交通大学 | Method for judging identity based on keyboard-mouse crossed certification |
US20140282964A1 (en) * | 2013-03-15 | 2014-09-18 | Telesign Corporation | System and method for utilizing behavioral characteristics in authentication and fraud prevention |
CN104765453A (en) * | 2015-03-29 | 2015-07-08 | 中国海洋大学 | Built-in three-dimensional accelerometer based identity authentication method of handheld device |
CN104809377A (en) * | 2015-04-29 | 2015-07-29 | 西安交通大学 | Method for monitoring network user identity based on webpage input behavior characteristics |
WO2016045225A1 (en) * | 2014-09-25 | 2016-03-31 | 同济大学 | Password fault tolerance method based on mouse behaviour |
WO2017075913A1 (en) * | 2015-11-05 | 2017-05-11 | 同济大学 | Mouse behaviors based authentication method |
US20170199995A1 (en) * | 2016-01-07 | 2017-07-13 | Electronics And Telecommunications Research Institute | User classification apparatus and method using keystroke pattern based on user posture |
CN109068009A (en) * | 2018-10-26 | 2018-12-21 | 北京交通大学 | The implicit identity identifying method of smart phone based on context detection |
CN109447099A (en) * | 2018-08-28 | 2019-03-08 | 西安理工大学 | A kind of Combining Multiple Classifiers based on PCA dimensionality reduction |
-
2019
- 2019-07-01 CN CN201910585740.9A patent/CN110287664A/en active Pending
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101833619A (en) * | 2010-04-29 | 2010-09-15 | 西安交通大学 | Method for judging identity based on keyboard-mouse crossed certification |
US20140282964A1 (en) * | 2013-03-15 | 2014-09-18 | Telesign Corporation | System and method for utilizing behavioral characteristics in authentication and fraud prevention |
WO2016045225A1 (en) * | 2014-09-25 | 2016-03-31 | 同济大学 | Password fault tolerance method based on mouse behaviour |
CN104765453A (en) * | 2015-03-29 | 2015-07-08 | 中国海洋大学 | Built-in three-dimensional accelerometer based identity authentication method of handheld device |
CN104809377A (en) * | 2015-04-29 | 2015-07-29 | 西安交通大学 | Method for monitoring network user identity based on webpage input behavior characteristics |
WO2017075913A1 (en) * | 2015-11-05 | 2017-05-11 | 同济大学 | Mouse behaviors based authentication method |
US20170199995A1 (en) * | 2016-01-07 | 2017-07-13 | Electronics And Telecommunications Research Institute | User classification apparatus and method using keystroke pattern based on user posture |
CN109447099A (en) * | 2018-08-28 | 2019-03-08 | 西安理工大学 | A kind of Combining Multiple Classifiers based on PCA dimensionality reduction |
CN109068009A (en) * | 2018-10-26 | 2018-12-21 | 北京交通大学 | The implicit identity identifying method of smart phone based on context detection |
Non-Patent Citations (3)
Title |
---|
沈超 等: "基于鼠标行为特征的用户身份认证与监控", 《通信学报》 * |
程建峰 等: "基于SVM算法的用户行为认证方法", 《计算机系统应用》 * |
陈功 等: "基于用户鼠标行为的身份认证方法", 《常州大学学报(自然科学版)》 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113157662A (en) * | 2021-02-23 | 2021-07-23 | 北京芯盾时代科技有限公司 | Behavior database construction method and device and readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Ryu et al. | Continuous multimodal biometric authentication schemes: a systematic review | |
Matyas et al. | Toward reliable user authentication through biometrics | |
US7864987B2 (en) | Methods and systems for secured access to devices and systems | |
Ross et al. | Handbook of multibiometrics | |
Serwadda et al. | Examining a large keystroke biometrics dataset for statistical-attack openings | |
Matyáš et al. | Biometric authentication—security and usability | |
US20200201443A1 (en) | Three-dimensional in-the-air finger motion based user login framework for gesture interface | |
US20040172562A1 (en) | System and method for identity recognition of an individual for enabling an access to a secured system | |
CN107317682A (en) | A kind of identity identifying method and system | |
Wang et al. | Improving reliability: User authentication on smartphones using keystroke biometrics | |
CN112861082B (en) | Integrated system and method for passive authentication | |
Jain | Biometric recognition: overview and recent advances | |
CN106817342A (en) | Active identity authorization system based on user behavior feature recognition | |
Liu et al. | BioDraw: Reliable multi-factor user authentication with one single finger swipe | |
Matyáš et al. | Biometric authentication systems | |
Shen et al. | A hypo-optimum feature selection strategy for mouse dynamics in continuous identity authentication and monitoring | |
CN110287664A (en) | A kind of identity identifying method being characterized selection based on multirow | |
JPH11253426A (en) | Method and device for verifying biological feature and storage medium | |
Eltahir et al. | Design and evaluation of a pressure-based typing biometric authentication system | |
Fu et al. | Artificial intelligence meets kinesthetic intelligence: Mouse-based user authentication based on hybrid human-machine learning | |
Saini et al. | Authenticating mobile phone user using keystroke dynamics | |
Dafer et al. | Evaluation of keystroke dynamics authentication systems: Analysis of physical and touch screen keyboards | |
CN113496015A (en) | Identity authentication method and device and computer readable storage medium | |
Panasiuk et al. | Influence of database quality on the results of keystroke dynamics algorithms | |
Tait | Behavioural biometrics authentication tested using eyewriter technology |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190927 |