KR101860319B1 - Authentication method using user's keyboard and mouse input behavior pattern and storing medium storing authentication program using the method thereof - Google Patents
Authentication method using user's keyboard and mouse input behavior pattern and storing medium storing authentication program using the method thereof Download PDFInfo
- Publication number
- KR101860319B1 KR101860319B1 KR1020160145294A KR20160145294A KR101860319B1 KR 101860319 B1 KR101860319 B1 KR 101860319B1 KR 1020160145294 A KR1020160145294 A KR 1020160145294A KR 20160145294 A KR20160145294 A KR 20160145294A KR 101860319 B1 KR101860319 B1 KR 101860319B1
- Authority
- KR
- South Korea
- Prior art keywords
- mouse
- keyboard
- input
- user
- authentication
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/02—Input arrangements using manually operated switches, e.g. using keyboards or dials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/03—Arrangements for converting the position or the displacement of a member into a coded form
- G06F3/033—Pointing devices displaced or positioned by the user, e.g. mice, trackballs, pens or joysticks; Accessories therefor
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Human Computer Interaction (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- User Interface Of Digital Computer (AREA)
Abstract
The authentication method using the keyboard and mouse input behavior pattern of the present invention according to the present invention is a method for comparing the reference input action information with the authentication input action information to determine whether the user is the same or not, The distance between the time at which the button is pressed and the time at which the button is pressed, the position of the mouse point, and the moving speed of the mouse are compared to determine whether the user is the same.
Description
The present invention relates to an authentication method using a keyboard and a mouse input behavior pattern of a user and a recording medium on which a program implementing the method is recorded. More specifically, And a recording medium on which a program for implementing the method is recorded.
When a user logs in to a specific computer, various methods such as inputting a password, inputting a pattern, and inputting biometric information are used to authenticate the user.
Patent Document 1 discloses an invention for verifying whether a user is the same by using vein scanning information among biological signals, and Patent Document 2 discloses an invention for verifying whether a user is the same by using fingerprint information of biological signals , Patent Document 3 discloses an invention in which a user is identified by using keystroke dynamics when a user enters a password.
However, since the conventional password input method and pattern input method can be easily authenticated by a third party by imitating the input password, the security is weak. In addition, the security methods described in Patent Documents 1 to 2 have a problem that expensive hardware is required for confirming a living body signal. The security method of Patent Document 3 uses only a keyboard input, so the accuracy is not high.
A problem to be solved by the present invention is to provide a highly secure authentication method when a user logs in to a specific computer, while being simple and low in cost.
One example of an authentication method using a keyboard and a mouse input behavior pattern according to the present invention is an authentication method using a keyboard and a mouse input behavior pattern of a user in a terminal including a controller, a storage unit, a keyboard, and a mouse, A first step of storing input action information input by the user through the keyboard and the mouse as reference input action information in a storage unit by the control unit a predetermined number of times; A second step of, when the user wishes to authenticate, storing the input action information input by the user through the keyboard and mouse as authentication input action information in the storage unit; And a third step of the control unit comparing the reference input action information and the authentication input action information to determine whether the user is the same. When the reference input action information and the authentication input action information are stored in the storage unit, A time interval between a time at which the keyboard is pressed and a time at which the keyboard is pressed, a time at which the mouse button is pressed and a time at which the button is pressed, a position of the mouse point, and a moving speed of the mouse. The distance between the time of pressing the mouse button and the time of pressing, the position of the mouse point, and the moving speed of the mouse are compared with each other to determine whether the user is the same.
In the third step, when it is determined whether the user is the same by comparing the interval between the time of pressing the keyboard and the time of pressing, the interval between the time of pressing the mouse button and the time of pressing, the position of the mouse point, , An average value and a standard deviation of the interval between the keyboard pressing time and the pressing time of the reference input action inputted a predetermined number of times, the interval between the pressing time of the mouse button and the pressing time, the position of the mouse point, It is possible to determine whether the user is the same using the average value and the standard deviation.
When the computer program according to the present invention is installed in a terminal including a control unit, a storage unit, a keyboard, and a mouse, the method may be implemented.
Another example of a user authentication method using a keyboard and a mouse input behavior pattern according to the present invention is a system including a terminal control unit, a keyboard, a terminal including a mouse, a server control unit, and an authentication server including a server storage unit, And a mouse input behavior pattern, the method comprising: a first step of transmitting, by the terminal control unit of the terminal, input activity information input by a user through a keyboard and a mouse to the authentication server a predetermined number of times; A second step in which the server control unit of the authentication server stores the received input action information as reference input action information in a server storage unit; A third step for the terminal control unit of the terminal to transmit the input action information input by the user through the keyboard and the mouse to the authentication server when the user desires authentication; A fourth step of the server control unit of the authentication server storing the received input action information as authentication input action information in the server storage unit; And a fifth step of comparing the reference pattern input and the authentication pattern input by the server control unit to determine whether the user is the same. When storing the reference input action information and the authentication input action information in the server storage unit, Wherein the controller stores the interval between the time and the pressing time, the interval between the time of pressing the mouse button and the time of pressing, the position of the mouse point, and the moving speed of the mouse, The distance between the pressing time and the pressing time of the mouse button, the position of the mouse point, and the moving speed of the mouse are compared to determine whether the user is the same.
In the fifth step, when it is determined whether the user is the same by comparing the interval between the pressing time of the keyboard and the pressing time, the interval between the pressing time of the mouse button and the pressing time, the position of the mouse point, , An average value and a standard deviation of the interval between the keyboard pressing time and the pressing time of the reference input action inputted a predetermined number of times, the interval between the pressing time of the mouse button and the pressing time, the position of the mouse point, It is possible to determine whether the user is the same using the average value and the standard deviation.
Another example of an authentication method using a keyboard and a mouse input behavior pattern according to the present invention is a authentication method using a keyboard and a mouse input behavior pattern of a user in a terminal including a controller, a storage unit, a keyboard, and a mouse, A first step of storing input action information input by a user through a keyboard and a mouse as reference input action information in a storage unit by a predetermined number of times; A second step of, when the user wishes to authenticate, storing the input action information input by the user through the keyboard and mouse as authentication input action information in the storage unit; A third step of comparing the reference input action information and the authentication input action information to determine whether the user is the same; Wherein the keyboard input information, the moving speed of the mouse pointer, the degree of directional change, and the curvature are stored when the reference input action information and the authentication input action information are stored in the storage unit, The moving speed of the mouse pointer, the degree of directional change, and the curvature are compared to determine whether the user is the same.
Another example of a user authentication method using a keyboard and a mouse input behavior pattern according to the present invention is a system including a terminal control unit, a keyboard, a terminal including a mouse, a server control unit, and an authentication server including a server storage unit, And a mouse input behavior pattern, the method comprising: a first step of transmitting, by the terminal control unit of the terminal, input activity information input by a user through a keyboard and a mouse to the authentication server a predetermined number of times; A second step in which the server control unit of the authentication server stores the received input action information as reference input action information in a server storage unit; A third step for the terminal control unit of the terminal to transmit the input action information input by the user through the keyboard and the mouse to the authentication server when the user desires authentication; A fourth step of the server control unit of the authentication server storing the received input action information as authentication input action information in the server storage unit; And a fifth step of comparing the reference pattern input with the authentication pattern input to determine whether the user is the same. When storing the reference input action information and the authentication input action information in the server storage unit, , The moving speed of the mouse pointer, the degree of directional change, and the curvature are stored. In the fifth step, the keyboard input information, the moving speed of the mouse pointer, the directional change degree, and the curvature are compared to determine whether the user is the same .
The present invention provides a highly secure authentication method when the user logs in to a specific computer, while being simple and low-cost.
1 shows an example of a screen for inputting a password using a mouse
2 shows an example of inputting a password by a mouse click
Fig. 3 is a diagram showing the configuration of the first embodiment according to the present invention
4 is a diagram showing the configuration of the second embodiment according to the present invention
5 shows an example of a screen for inputting a character password using a mouse
While the invention is susceptible to various modifications and alternative forms, specific embodiments thereof are shown by way of example in the drawings and will herein be described in detail. It should be understood, however, that the invention is not intended to be limited to the particular embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.
The terminology used in this application is used only to describe a specific embodiment and is not intended to limit the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise.
BRIEF DESCRIPTION OF THE DRAWINGS The invention will be described in more detail with reference to the accompanying drawings.
In a conventional terminal (terminal computer), when inputting an ID and a password for use authentication, there are cases where the input is performed only by the keyboard. However, in some cases, a password is input through a mouse in order to reduce the risk of hacking.
1 is an example of a screen for inputting a password with a mouse.
If one can select one of the nine numbers in the password input screen, the input screen can be divided into nine areas as shown in FIG. 1, and each area is divided into areas 1, 2 Region 3, region 4, region 5, region 6, region 7, region 8, and region 9.
2 shows an example of inputting a password by a mouse click.
In the conventional authentication method using a mouse input, as shown in FIG. 3, when the user inputs a mouse click, only the information that the user clicks the first area, second area, fifth area and eight area is stored, .
However, in the present invention, an accurate XY coordinate position of a mouse point when a mouse is clicked, an interval between a time of pressing the mouse button and a pressing time are stored together, and the user is authenticated using this information.
The exact XY coordinate position of the mouse point can vary depending on the resolution of the input screen. For example, if you have 200 horizontal and 70 vertical resolutions, the horizontal coordinate (X coordinate) can have a value between 1 and 200, and the vertical coordinate (Y coordinate) can have a value between 1 and 70. have.
Even if the user tries to click the area 1, the XY coordinates of the mouse pointer may be different for each user, and the XY coordinates of the mouse pointer may be different each time the user clicks the mouse.
At this time, the interval between the depression time of the mouse button and the depression time can be stored together. Examples of the value include 0.11 seconds for the mouse button 1, 0.09 seconds for the mouse button 2, 0.08 seconds for the mouse button 5, and 8 0.09 seconds, the time to release the mouse button in area 1 and press the mouse button in area 2 0.99 s, the time to release the mouse button in area 2 and press the mouse button in area 5 0.98 seconds , The time from when the mouse button of the area 5 is released to the time when the mouse button of the area 8 is pressed is 0.97 seconds.
When typing "1258" on the keyboard, you can store the interval between the time you press and the time you press the keyboard in the same way. Examples of these values are: 0.12 seconds for keyboard number 1, 0.08 seconds for keyboard number 2, 0.09 seconds for keyboard number 5, 0.09 seconds for keyboard number 8, and 1 for keyboard number 1 The time until the keyboard number 2 is pressed is 0.99 seconds, the time from when you release the keyboard number 2 to the time you press the keyboard number 5, 0.98 seconds, the time until you release the keyboard number 5 and press the keyboard number 8 Of 0.97 seconds.
The moving speed of the mouse can be known by dividing the moving distance of the mouse point by the moving time.
In the present invention, the same user is authenticated by using a value input by a keyboard and a value input by a mouse, together with a method of inputting an ID with a keyboard and a password with a mouse.
The interval between the pressing time of the keyboard and the pressing time, the interval between the pressing time of the mouse button and the pressing time, the position of the mouse point, and the moving speed of the mouse can be changed each time the user inputs. Therefore, it is desirable to input the reference input action information several times and to store the average value and the standard deviation of the reference input action information. It is preferable that the user inputs the reference input action information about 5 times since the accuracy is lowered when inputting only 1-2 times and the user is inconvenient when inputting 5 times or more.
According to the normal distribution table, the probability that the mean value will be more than 1 times the standard deviation becomes about 16.9%, and the probability that it will be more than twice the standard deviation becomes about 2.3%.
Therefore, if a predetermined multiple is previously set as the reference value and the value differs within the reference value when the user inputs the authentication input action information, the user can be authenticated as the same person. If the predetermined multiple is too large, the risk of authenticating the same person is greater than the same person, and if the predetermined multiple is too small, the risk of judging that the same person is not the same person is increased.
3 is a configuration diagram of the first embodiment according to the present invention.
3 is a configuration diagram of a terminal 100 (for example, a terminal computer such as a desktop PC) used by a user and includes a
In the authentication method of the present invention, when the user inputs the reference input action information and stores the reference input action information as the reference input action information, the user does not input only once, but inputs a predetermined number of times a predetermined number of times. .
The
At this time, the information stored in the
When the user desires authentication, the user inputs input action information through the
When comparing the reference input action information and the authentication input action information, an interval between the time of pressing and pressing the keyboard, the interval between the time of pressing the mouse button and the time of pressing, the position of the mouse point, do.
The method of comparing the positions of the mouse points can be determined based on whether the X and Y coordinates of the mouse pointer of the authentication input action information are within a predetermined range.
For example, the difference between the X coordinate of the mouse pointer of the authentication input action information and the average value of the X coordinate of the mouse pointer of the reference input action information is obtained by multiplying the standard deviation of the X coordinate of the mouse pointer of the reference input action information by a predetermined reference value , It can be judged that it is not the same person.
If the difference between the Y coordinate of the mouse pointer of the authentication input action information and the average value of the Y coordinate of the mouse pointer of the reference input action information is larger than the value obtained by multiplying the standard deviation of the Y coordinate of the mouse pointer of the reference input action information by a predetermined reference value , It can be judged that it is not the same person.
The method of comparing the pressing time of the mouse button can be determined based on whether or not the time of depression of the mouse button of the authentication input action is within a predetermined range.
For example, when a password is set as shown in FIG. 2 and the user inputs a password with the mouse 5 times, the average value and standard deviation of the time of depression of the mouse button when the mouse pointer is in the area 1, Average value and standard deviation of the time of depression of the mouse button when the mouse pointer is in the number field, average and standard deviation of the time of depression of the mouse button when the mouse pointer is in the number 5 area, Can be obtained.
In this case, if the difference between the mouse button press time of the first area of the authentication input action information and the average value of the mouse button press time of the first area of the reference input action information is smaller than the standard deviation of the mouse button press time of the first area of the reference input action information If it is larger than the value obtained by multiplying the reference value, it can be judged that it is not the same person.
If the difference between the mouse button press time of the second area of the authentication input action information and the average value of the mouse button press time of the second area of the reference input action information is smaller than the standard deviation of the mouse button press time of the second area of the reference input action information If it is larger than the value obtained by multiplying the reference value, it can be judged that it is not the same person.
The average value and the standard deviation can be obtained for the interval between the pressing time and the pressing time of the keyboard, the moving speed of the mouse, and the like.
Also, specific values may be weighted when comparing multiple values.
For example, if the standard deviation of a particular value is the smallest as a result of analysis of the reference input behavior information of a particular user, the user tends to input the input value constantly, . That is, it is possible to improve the accuracy of judgment by giving a high weight to a value having a small standard deviation among a plurality of values of the reference input action information to judge whether or not they are the same.
Therefore, the authentication method in the terminal having the configuration diagram of FIG. 3 may include the following steps.
(1) The first step: the control unit stores the input action information input by the user through the keyboard and the mouse as the reference input action information in the storage unit a predetermined number of times
(2) Step 2: when the user wants to authenticate, the control unit stores the input action information inputted by the user through the keyboard and the mouse in the storage unit as the authentication input action information
(3) third step: the control unit compares the reference input action information and the authentication input action information to determine whether the user is the same
When the reference pattern input and the authentication pattern input are stored in the storage unit, the interval between the time of pressing and pressing the keyboard, the interval between the time of pressing the mouse button and the time of pressing, the position of the mouse point, , It is possible to determine whether the user is the same by comparing the interval between the pressing time of the keyboard and the pressing time in the third step, the interval between the pressing time of the mouse button and the pressing time, the position of the mouse point and the moving speed of the mouse .
A distance between the pressing time of the keyboard and the pressing time, an interval between the pressing time of the mouse button and the pressing time, the position of the mouse point, and the moving speed of the mouse are compared to determine whether the user is the same, An average value and a standard deviation of an interval between the keyboard pressing time and the pressing time of the reference inputting action, the interval between the time of pressing the mouse button and the pressing time, the position of the mouse point and the moving speed of the mouse, Can be used to determine whether the user is the same.
In order for the method to be implemented in a terminal (e.g., a terminal computer such as a desktop PC), a computer program implementing the method must be installed in the terminal.
In the configuration diagram of FIG. 3, the authentication process is performed in the terminal, but the authentication may not be performed in the terminal but may be performed in the server (authentication server).
4 is a configuration diagram of a second embodiment according to the present invention.
5, the terminal 200 includes a
The terminal 200 and the
The terminal 200 transmits the input action information input by the user to the
(1) The first step: the terminal control unit of the terminal transmits the input action information input by the user through the keyboard and the mouse to the authentication server a predetermined number of times
(2) the second step: the server control unit of the authentication server stores the received input action information as reference input action information in the server storage unit
(3) Step 3: When the user wants to authenticate, the terminal control unit of the terminal transmits to the authentication server the input action information inputted by the user through the keyboard and the mouse
(4) Step 4: The server control unit of the authentication server stores the received input action information as authentication input action information in the server storage unit
(5) Step 5: The server controller compares the reference pattern input with the authentication pattern input to determine whether the user is the same
When the reference input action information and the authentication input action information are stored in the server storage unit, an interval between the time of pressing the keyboard and the time of pressing the button, an interval between the time of pressing the mouse button and the time of pressing the mouse, In the fifth step, the interval between the pressing time and the pressing time of the keyboard, the interval between the pressing time of the mouse button and the pressing time, the position of the mouse point, and the moving speed of the mouse are compared, It can be judged.
The process of determining whether the mouse input password is identical before comparing the interval between the time of pressing the mouse button and the time of pressing, the position of the mouse point, and the moving speed of the mouse in the user authentication method may naturally be included. For example, when the mouse input password of FIG. 2 is 1258 and the mouse input of the authentication input action information is not 1258, the interval between the time of pressing the mouse button and the pressing time, the position of the mouse point, It is judged that it is not necessary and is not the same person.
In the above embodiment, in addition to comparing keyboard input information, numeric passwords (passwords) are input through a numeric screen as shown in FIG. 2 when comparing mouse input information, but a character password (password) may be input.
5 is an example of a screen for inputting a character password using a mouse.
Also, when comparing the mouse input information, it is possible to compare the moving speed of the mouse pointer, the directional change, the curvature, and the like to determine whether they are the same or not.
When storing the mouse input information, the information can be periodically collected and stored. For example, the position of the mouse pointer can be collected according to a designated frequency (for example, 20 Hz), and a window timer technique can be used in this process. At this time, the collected mouse point positions can be stored in the linked list {LinkedList (Queue)}. Then, the distance from the previous position can be calculated and stored together with the mouse point position at every collection period.
An example of collection storage and initialization is as follows.
(1) Mouse input detection uses hooking technology and window message function.
(2) Detect the click (WM_LBUTTONDOWN) of the mouse and pass the currently stored linked list (LinkedList) together with the click position to the pattern quantization function.
(3) Initialize the linked list (LinkedList).
An example of speed pattern quantification will be described as follows.
(1) LinkedList The average speed of the entire (one click) is obtained.
(2) Define a linked list (LinkedList) as a case.
(3) The time of one case is measured through LinkedList Size / Frequency {Hz} = Time {Time (s)}.
(4) The sum of distances stored in each node of the linked list is calculated.
(5) Calculate the average speed of the case by dividing the sum of the dists by the time.
(6) Using the above method, the standard deviation of maximum, minimum, and speed are used as data.
An example of directional change degree pattern quantification will be described as follows.
(1) Measures a directional change degree of adjacent nodes stored in a linked list.
(2) Directionality is defined as the direction vector of two consecutive nodes (Nodes).
(3) Directional gradient is measured based on the inner product of a defined direction vector.
(4) Using the new list (List) based on (2) and (3), the data of the highest, average, minimum and directional standard deviations are used as data.
An example of accuracy pattern quantification is as follows.
(1) Measure the distance between the center coordinates and the click coordinates of the key value range of the virtual keyboard inputted at the time of clicking (end of one case).
An example of the curvature digitization of the copper wire will be described as follows.
(1) Define the curvature of the copper wire as the distance between the entire copper wire and the first and last coordinates of the mouse.
(2) The sum of the dists (dist) of each node (Node) of the linked list (LinkedList) is calculated.
(3) Calculate the straight line distance between the mouse pointer position of the head node of the linked list and the mouse pointer position of the rear node.
(4) Utilizing the difference between the two calculated values as data.
An example of storing the digitized data will be described as follows.
(1) Digitization data stored at the time of account creation functions to collect and store digitized data.
(2) Each numerical data has an average, error range (positive direction, negative direction).
An example of the comparison of the digitized data will be described as follows.
(1) Digitized data The comparison time is performed in the login function, and the pattern data stored by ID is compared with the data collected in the login process.
(2) It is executed when the existing ID / PW authentication process has passed.
(3) Evaluate whether the collected data in the log-in process falls within the error range of the stored data or out of the error range.
(4) Each numerical data has a weight, which is defined as scoring.
(5) Scoring regards data with small authentication errors as important data, evaluates errors strictly, evaluates data with large authentication errors as less important data, and makes a loose evaluation of errors.
The authentication method of the present invention can be used not only when logging in from a terminal computer but also in various fields. For example, it can be used to enhance the authentication of users in various fields such as Internet banking transactions and PINTECH.
100: terminal
110:
120:
130: keyboard
140: Mouse
200: terminal
210:
220: Keyboard
230: Mouse
240:
300: authentication server
310:
320: server storage unit
330: server communication section
Claims (7)
A first step of storing the input action information input by the user through the keyboard and the mouse as reference input action information in the storage unit by the control unit a predetermined number of times;
A second step of, when the user wishes to authenticate, storing the input action information input by the user through the keyboard and mouse as authentication input action information in the storage unit;
A third step of comparing the reference input action information and the authentication input action information to determine whether the user is the same;
Lt; / RTI >
In the first step, the number of times the user inputs the input action information through the keyboard and the mouse is five,
The keyboard input information, the moving speed of the mouse pointer, the degree of directional change, and the curvature when the reference input action information and the authentication input action information are stored in the storage unit, Speed, directional change degree, and curvature to determine whether the user is the same,
Wherein the keyboard input information includes an interval between a time of pressing the keyboard and a time,
The moving speed of the mouse pointer is a value obtained by dividing the moving distance by the moving time,
The directionality of the directional variability is a direction vector of consecutive nodes,
The curvature is defined as a straight line distance between the first and second coordinates of the entire mouse,
When the keyboard input information and the moving speed of the mouse pointer are compared with each other to determine whether the user is the same, the keyboard input information of the reference input action inputted a predetermined number of times, the average value and the standard deviation of the moving speed of the mouse pointer are obtained, And determining whether the user is the same using the standard deviation and the standard deviation.
A first step in which a terminal control unit of the terminal transmits input activity information input by a user through a keyboard and a mouse to the authentication server a predetermined number of times;
A second step in which the server control unit of the authentication server stores the received input action information as reference input action information in a server storage unit;
A third step for the terminal control unit of the terminal to transmit the input action information input by the user through the keyboard and the mouse to the authentication server when the user desires authentication;
A fourth step of the server control unit of the authentication server storing the received input action information as authentication input action information in the server storage unit;
A fifth step of the server control unit comparing the reference pattern input and the authentication pattern input to determine whether the user is the same;
Lt; / RTI >
The keyboard input information, the moving speed of the mouse pointer, the directional change degree, and the curvature when storing the reference input action information and the authentication input action information in the server storage unit, The moving speed, the directional change degree, and the curvature are compared to judge whether the user is the same or not,
Wherein the keyboard input information includes an interval between a time of pressing the keyboard and a time,
The moving speed of the mouse pointer is a value obtained by dividing the moving distance by the moving time,
The directionality of the directional variability is a direction vector of consecutive nodes,
The curvature is defined as a straight line distance between the first and second coordinates of the entire mouse,
When the keyboard input information and the moving speed of the mouse pointer are compared with each other to determine whether the user is the same, the keyboard input information of the reference input action inputted a predetermined number of times, the average value and the standard deviation of the moving speed of the mouse pointer are obtained, And determining whether the user is the same using the standard deviation and the standard deviation.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160145294A KR101860319B1 (en) | 2016-11-02 | 2016-11-02 | Authentication method using user's keyboard and mouse input behavior pattern and storing medium storing authentication program using the method thereof |
PCT/KR2017/012024 WO2018084503A1 (en) | 2016-11-02 | 2017-10-27 | Verification method using keyboard and mouse input behavior pattern of user, and recording medium recorded with program for implementing method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160145294A KR101860319B1 (en) | 2016-11-02 | 2016-11-02 | Authentication method using user's keyboard and mouse input behavior pattern and storing medium storing authentication program using the method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20180048121A KR20180048121A (en) | 2018-05-10 |
KR101860319B1 true KR101860319B1 (en) | 2018-05-23 |
Family
ID=62076195
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020160145294A KR101860319B1 (en) | 2016-11-02 | 2016-11-02 | Authentication method using user's keyboard and mouse input behavior pattern and storing medium storing authentication program using the method thereof |
Country Status (2)
Country | Link |
---|---|
KR (1) | KR101860319B1 (en) |
WO (1) | WO2018084503A1 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102561237B1 (en) * | 2019-05-27 | 2023-07-28 | 이익준 | System for account transfer authentication |
CN111541695A (en) * | 2020-04-24 | 2020-08-14 | 太仓红码软件技术有限公司 | Firewall system based on operation authentication |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101403398B1 (en) * | 2012-12-27 | 2014-06-03 | 한국과학기술원 | User verification apparatus via document reading pattern and method thereof |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100923179B1 (en) * | 2007-08-16 | 2009-10-22 | 재단법인서울대학교산학협력재단 | Method and system for detecting account sharing based on behavior patterns |
KR20110121251A (en) * | 2010-04-30 | 2011-11-07 | 금오공과대학교 산학협력단 | Method and device for authenticating user using user's gesture |
KR101303843B1 (en) * | 2011-07-06 | 2013-09-16 | 브랜든 와이. 김 | Gesture Password System and Method thereof |
KR20150130687A (en) * | 2014-05-14 | 2015-11-24 | 주식회사 지니틱스 | Method for recognizing user gesture using vector-based pattern matching |
-
2016
- 2016-11-02 KR KR1020160145294A patent/KR101860319B1/en active IP Right Grant
-
2017
- 2017-10-27 WO PCT/KR2017/012024 patent/WO2018084503A1/en active Application Filing
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101403398B1 (en) * | 2012-12-27 | 2014-06-03 | 한국과학기술원 | User verification apparatus via document reading pattern and method thereof |
Also Published As
Publication number | Publication date |
---|---|
KR20180048121A (en) | 2018-05-10 |
WO2018084503A1 (en) | 2018-05-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Buschek et al. | Improving accuracy, applicability and usability of keystroke biometrics on mobile touchscreen devices | |
CN105980973B (en) | User authentication gesture | |
US8161530B2 (en) | Behaviormetrics application system for electronic transaction authorization | |
KR100923179B1 (en) | Method and system for detecting account sharing based on behavior patterns | |
US8051468B2 (en) | User authentication system | |
WO2016049983A1 (en) | User keyboard key-pressing behavior mode modeling and analysis system, and identity recognition method thereof | |
Kim et al. | Freely typed keystroke dynamics-based user authentication for mobile devices based on heterogeneous features | |
US20050008148A1 (en) | Mouse performance identification | |
US20080235788A1 (en) | Haptic-based graphical password | |
US20180046792A1 (en) | Identifying one or more users based on typing pattern and/or behavior | |
US20130326604A1 (en) | Rhythm-based authentication | |
US9348510B2 (en) | Comparing users handwriting for detecting and remediating unauthorized shared access | |
CN104778387B (en) | Cross-platform identity authorization system and method based on man-machine interaction behavior | |
CN106778151B (en) | Handwriting-based user identity recognition method and device | |
Mahadi et al. | A survey of machine learning techniques for behavioral-based biometric user authentication | |
KR101860319B1 (en) | Authentication method using user's keyboard and mouse input behavior pattern and storing medium storing authentication program using the method thereof | |
US7706574B1 (en) | Identifying and protecting composed and transmitted messages utilizing keystroke dynamics | |
Alariki et al. | TOUCH GESTURE AUTHENTICATION FRAMEWORK FOR TOUCH SCREEN MOBILE DEVICES. | |
Lee et al. | Vulnerability analysis challenges of the mouse data based on machine learning for image-based user authentication | |
EP2490149A1 (en) | System for verifying user identity via mouse dynamics | |
JP6924770B2 (en) | Dynamic movement tracking infrastructure for spatially divided segments Signature authentication system and method | |
Li et al. | Wrist in motion: A seamless context-aware continuous authentication framework using your clickings and typings | |
Rahman et al. | Movement pattern based authentication for smart mobile devices | |
JP6276890B1 (en) | Signature verification system | |
Dafer et al. | Evaluation of keystroke dynamics authentication systems: Analysis of physical and touch screen keyboards |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |