KR101960060B1 - Method and apparatus for user authentication - Google Patents

Abstract

A user authentication method of a user terminal accessing a web server, the method comprising: when a user terminal accesses the web server for service use, a keystroke pattern information collection module installed to operate on a web page provided, Collecting log information including a keyup for inputting an ID and a password, a timestamp corresponding to a keydown event, an attribute value of a keycode, and a key on a login screen on the UI, and transmitting the collected log information to a keystroke pattern extracting unit of the web server; Extracting keystroke pattern information from the log information in the keystroke pattern information extracting unit; Generating a keystroke pattern characteristic value from the keystroke pattern information; Calculating a matching ratio by comparing the keystroke characteristic values with a common keystroke pattern per user stored in the keystroke database; And a user authentication judging step of judging whether the user is a person by the matching ratio; A user authentication method is provided.

Description

[0001] METHOD AND APPARATUS FOR USER AUTHENTICATION [0002]

The present invention relates to a user authentication method and apparatus for a terminal connected to a web server.

The importance and value of identifying and authenticating users in the Internet environment targeting an unspecified majority are increasing.

Web site operators need to know the characteristics of the users visiting the website and the patterns of access in order to block the access of malicious black accesses on the network.

Conventionally, a web site operator has used a method of connecting a terminal identification agent program such as ActiveX to a user terminal in order to identify the access IP of such an access terminal.

Such terminal identification agent programs may be vulnerable to security because it has a function of temporarily releasing the security of the PC in order to plant a specific function in the user's PC and may be vulnerable to the main infection of the zombie PC malicious code such as distributed denial of service It is evaluated as easy to use as a route.

Conventionally, in order to receive a service from a web site, a user has unintentionally installed a terminal identification agent requested by a web site provider. However, as a security policy for preventing personal information from leaking from a user terminal has been strengthened, It is gradually being rejected or reluctant to install the agent for a while.

Also, in the service providing system, in order to identify a user and provide a service, a user authentication process is performed to verify whether the user is a true user by verifying authentication information mediated by an ID and a password.

This user authentication process is performed by comparing the ID and the password inputted by the user with the ID and the password registered in the database of the authentication system. However, this method has a problem in security because ID and password are easily misused by users or information is leaked by artificial hacking of hackers.

In order to solve this problem, a method of extracting a behavior pattern of a user based on a user's keystroke input through an input means such as a keyboard or a keypad and using the extracted behavior pattern for user authentication has been proposed. In this method, when a user inputs authentication information such as his / her ID and a password through a keyboard or a keypad, he / she acquires pattern data for pressing each key input unit provided on the keyboard or keypad and uses the pattern data for user authentication. The keystroke pattern in which the user enters his or her authentication information is due to the fact that it reflects the unique behavior of the user.

In order to perform user authentication based on the keystrokes, a keystroke module agent is installed in a user terminal to extract a keyboard input pattern or a sensor capable of sensing a pressure according to a keyboard input to extract a keyboard pattern Technologies are being studied.

However, there is a tendency to avoid an installation environment of an agent for authentication depending on a user, and a service providing operator needs a method of identifying and authenticating a user without using the agent program for user identification.

In addition, if a malicious user breaks into a service provider's network and spreads viruses to damage the system or leak personal information, the problem such as damage that may be caused by the malicious user becomes serious, It is also difficult to track who made the connection.

Therefore, a web site operator needs to accurately authenticate a user, and a method is also needed to identify and manage connected terminals without using an agent program for terminal identification.

A technique for installing a keystroke extraction module corresponding to the background art of the present invention in a terminal and authenticating a user using the keystroke extraction module is disclosed in Korean Patent Registration No. KR 10-0847532 B1.

Korean Patent Registration No. 10-0847532 (user terminal and authentication device used for user authentication using behavior pattern information of user)

In the present invention, when a user inputs authentication information through a user terminal to access a service providing server to receive a service, the service providing server extracts keyboard input pattern information from the authentication information in real time in the service providing server, And to provide an apparatus and method for efficiently authenticating a user.

Yet another object of the present invention is to provide a service providing server which extracts keyboard input pattern information from the authentication information in real time on a service providing server when a user inputs authentication information through a user terminal to receive a service, If the matching ratio is equal to or less than the authentication success area, the user terminal is additionally authenticated using only the access information without installing the separate terminal identification agent in the user terminal, And to provide a user authentication device and method that can accurately authenticate the user.

It is still another object of the present invention to provide a service providing server, in which when a user inputs authentication information through a user terminal and accesses a service providing server, a module for extracting a keyboard input pattern is not installed in the user terminal, And an apparatus and method for authenticating a user by extracting keyboard input pattern information from the information.

According to an aspect of the present invention, there is provided a method of authenticating a user terminal of a user terminal accessing the web server in a user authentication apparatus including a web server and a user authentication server, A keystroke pattern information collection module installed to operate in a provided web page displays a keyup for inputting an ID and a password on a login screen on a user interface (UI) of the web page, a timestamp corresponding to a keydown event, a keycode, And transmitting the collected log information to the keystroke pattern extracting unit of the web server; A keystroke pattern information extracting step of extracting keystroke pattern information from the log information in the keystroke pattern information extracting step; A keystroke pattern characteristic generation step of receiving the keystroke pattern information from the user authentication server and generating a keystroke pattern characteristic value from the keystroke pattern information; Calculating a matching ratio by comparing the keystroke characteristic values with a common keystroke pattern for each user stored in the keystroke database; And a user authentication determination step of determining whether the user is the user by the matching ratio in the user authentication server; Wherein the user authentication authentication region is divided into a user authentication success region, a user authentication hold region and a user authentication failure region according to the matching ratio, and in the user authentication success region, Providing a service according to a result of additionally performing a terminal verification method for providing a log failure screen in the authentication failure area and verifying whether the terminal is the user terminal of the connected terminal in the authentication suspension area A user authentication method is provided.

In addition, the matching ratio is a ratio of the number of keystroke characteristic values of the user requiring authentication to the number of keystroke common patterns equally satisfied in comparison with the keystroke common pattern.

The keystroke pattern information collection module may further include: setting a key for extracting from a login screen on the user interface; Storing log information on keyup and keydown events according to a key input on a user interface of the web page in userInputs of the web page; And transmitting the stored log information to the keystroke pattern extracting unit according to a login completion signal; And the program is programmed to include:

The keystroke common pattern for each user may include a keystroke pattern information collection module generation step for collecting log information about keystroke data inputted when an authenticated user accesses the web server and inputs an ID and a password ; The keystroke pattern information collection module transmits log information including timestamp, keycode, and key attribute values to the keystroke pattern extraction unit according to the input of the authenticated user's id and password; Extracting keystroke pattern information from the log information of the authenticated user by the keystroke pattern information extracting unit; From the keystroke pattern characteristic of the authenticated user, a keystroke pattern characteristic for generating a first characteristic value for the input duration and a second characteristic value for the input interval time between the key codes, step; And generating a second characteristic contrast value pattern in which a first characteristic contrast value pattern for each input key duration is compared with an input interval time between the respective key codes, And generates a common keystroke common pattern.

The matching authentication ratio is greater than or equal to 93%, and the matching ratio is greater than or equal to 66%. In the authentication failure region, the matching ratio is greater than or equal to 66% Of the total area.

The user authentication server further includes a terminal verification unit, wherein the terminal verification method comprises: collecting browser information from the user terminal when the user terminal attempts to access the web server; The terminal verification unit combining the collected browser information to generate a verification key; Wherein the verification key includes all information about the browser language of the connected user terminal, the screen color depth, the screen width size, the screen portrait size, the time zone offset of the used system, the local storage support of the browser, and the browser platform type The hash value is combined with a Sha25 function, which is a Secure Hash Algorithm, to generate a hash value, and if it is determined that the first user terminal is connected for the first time, Generating a unique terminal identification key; The terminal verification unit combining the terminal identification key and the verification key to generate a unique integrated identification key unique to the user terminal; And inserting the integrated identification key into the local area of the user terminal; Wherein the local area is a region including Cookie, Local Storage, Flash Persistent Storage (LSO) and WebSQL of the user terminal, IP information for the user terminal, the integrated identification key, the terminal identification key, And storing the browser information in a verification DB. When a user terminal that requires verification of the user terminal is reconnected to the web server, the terminal verification unit receives the integrated identification key and the user identification information from the user terminal, Extracts the browser information, compares the extracted information with the IP information stored in the verification DB, the integrated identification key, the terminal identification key, and the verification key, and verifies the same with the user terminal stored in the verification DB .

According to another aspect of the present invention, there is provided a user authentication apparatus including a web server and a user authentication server, the web server comprising: a web page unit for providing a web page to a user terminal to be connected; From a keystroke pattern information collection module for collecting log information including a keyup for input of an ID and a password, a timestamp corresponding to a keydown event, and an attribute value of a keycode and a key on a login screen on the user interface (UI) A keystroke pattern information extracting unit for extracting keystroke pattern information by receiving log information; And a service providing unit for providing a service to a user according to a user authentication result in the user authentication server; Wherein the user authentication server includes a keystroke authentication unit and a terminal verification unit, and the keystroke authentication unit includes a keystroke pattern extracting unit for extracting a keystroke characteristic value from the keystroke pattern information extracted by the keystroke pattern information extracting unit, A characteristic generating unit; A user-specific keystroke cavity pattern learning unit for generating and learning a common pattern value from characteristic values of keystrokes per user generated by the keystroke characteristic generation unit; A matching ratio determination unit for comparing a characteristic value of a key stroke for authentication generated in the key stroke characteristic generation unit with a common pattern value learned in the user-specific key stroke common pattern learning unit; The matching ratio judging unit compares the matching ratio with a set value to determine whether the user is requesting a service, and whether the terminal is verified by the terminal verifying unit. A user authentication unit for determining authentication with respect to providing; And a keystroke database unit for storing and managing the keystroke pattern information, the characteristic values of the keystrokes per user and the common patterns for each user. Wherein the user authentication unit classifies the user authentication success region, the authentication authentication hold region, and the authentication failure region according to the matching ratio, provides a service requested by the user in the authentication success region, And a terminal verification method for verifying whether the user terminal of the connected terminal is the user terminal of the connected terminal in the user authentication holding area.

The access terminal verification unit collects browser information from the user terminal and inserts and extracts a unique integrated identification key in a region including Cookie, LocalStorage, Flash Persistent Storage (LSO), and WebSQL of the connected user terminal A terminal information management unit; A terminal identification key generating unit for generating a terminal identification key unique to the user terminal; A verification key generation unit for generating a verification key by combining browser information of the user terminal to verify the environment change of the user terminal and forgery of the terminal identification key; An integrated identification key generation unit for generating the integrated identification key by combining the terminal identification key and the verification key; A terminal identification determiner for verifying and identifying the user terminal by comparing the integrated identification key and the verification key information extracted from the user terminal with the stored IP information, the integrated identification key, the terminal identification key, and the verification key information; And a verification DB for storing the IP, the terminal identification key, the verification key, and the collection information of the user terminal; Wherein the verification key generation unit identifies the connected terminal using the browser information of the user terminal, wherein the verification key generation unit generates the verification key using the browser language of the connected user terminal, the screen color depth, The hash value of the combined information including the size, the screen vertical size, the time zone offset of the used system, the browser's local storage support, and the browser platform type is shaded by the Secure Hash Algorithm function Sha25 to generate the verification key .

In an embodiment of the present invention, a keyboard input pattern extracting module is not installed in the user terminal, and the service providing server naturally collects the keyboard input pattern information from the authentication information so that the user can not recognize the user, It is possible to provide an apparatus and method for authentication.

According to an embodiment of the present invention, when the matching ratio is equal to or greater than a predetermined value, the user can quickly and efficiently perform user authentication for accessing another user by stealing an ID and a password by a simple process based on a key stroke pattern contrast have.

Also, when the matching ratio is less than a predetermined value, the service can be blocked by discriminating a case where another person steals an ID and a password to access by a simple process based on the key stroke pattern contrast.

When a user inputs authentication information through a user terminal and accesses a service providing server in order to receive a service, the service providing server extracts keyboard input pattern information from the authentication information in real time on the service providing server, When the matching ratio is equal to or less than the authentication success area, the user terminal is additionally authenticated using only the connection information without installing the separate terminal identification agent on the user terminal, thereby authenticating the user accurately And to provide a method and apparatus for authenticating a user.

Further, by performing additional authentication only when the matching ratio is within a certain range, the user can be efficiently authenticated by eliminating the hassle of the user due to the log failure.

The terminal verification unit according to an embodiment of the present invention can identify and verify a connected user terminal using only connection information without installing a separate terminal identification agent program for the terminal connected to the web server.

According to an embodiment of the present invention, the terminal verification unit can accurately identify and identify the user terminal based on the collected IP, the terminal identification key, the verification key, and the browser collection information for the connected user terminal.

According to the embodiment of the present invention, not only the user terminal is identified by the integrated identification key inserted into the local area at the time of access, but also by verifying and verifying the user terminal by comparing the collected various browser information, And a user terminal.

Also, the terminal verification unit can accurately identify and identify the user terminal even if the IP address and the browser environment of the user terminal change.

1 is a schematic diagram of a user authentication apparatus according to an embodiment of the present invention.
FIG. 2 illustrates a method for a key stroke common pattern learning step of a user in an authentication apparatus according to an exemplary embodiment of the present invention.
FIG. 3 illustrates an example of a keystroke pattern information collection module program for collecting keystroke log information when an ID is input according to an embodiment of the present invention.
FIG. 4 illustrates data in which timestamp information is returned according to an embodiment of the present invention. Referring to FIG.
FIG. 5 illustrates a login screen formed on a user interface (UI) in a web page according to an embodiment of the present invention.
FIG. 6 is a graph showing matching ratios for keystrokes inputted by the user himself and another user in the authentication apparatus according to the embodiment of the present invention.
FIG. 7 illustrates a user authentication method using a keystroke pattern in an authentication apparatus according to an embodiment of the present invention.
FIG. 8 illustrates a step of determining a user authentication according to an embodiment of the present invention.
FIG. 9 is a flowchart briefly showing a procedure for a terminal identification method for identifying a connected user terminal in the terminal identification network system 1 according to an embodiment of the present invention.
FIG. 10 is a flowchart illustrating a procedure of performing an integrated identification key recovery step (330) by the terminal verification unit according to an embodiment of the present invention.
11 is a flowchart illustrating a second verification step of the UE verification unit according to an embodiment of the present invention.

The terminology used in this application is used only to describe a specific embodiment and is not intended to limit the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise.

In the present application, when a component is referred to as "comprising ", it means that it can include other components as well, without excluding other components unless specifically stated otherwise. Also, throughout the specification, the term "on" means to be located above or below the object portion, and does not necessarily mean that the object is located on the upper side with respect to the gravitational direction.

A method of extracting a behavior pattern of a user based on a user's keystroke input through an input means such as a keyboard or a keypad and using the extracted behavior pattern for user authentication is a method in which the user inputs his or her ID and password The pattern data for pressing each key input unit provided on the keyboard or the keypad when the authentication information is input is acquired and used for user authentication. The pattern of the keystrokes, in which the user inputs his / her authentication information, And that it reflects its characteristics.

When a user inputs authentication information such as an ID and a password and inputs a login, the user transmits the ID and the password in units of one packet, and the service providing server can recognize only the character characteristics of the ID and the password, It is difficult to extract keystroke information.

Therefore, conventionally, in order to perform user authentication based on such keystrokes, keystroke extraction module agents are installed in a user terminal to extract keyboard input patterns and extract them to a service providing server.

However, when the user avoids the installation environment of the agent for authentication, there is a need for a method of identifying and authenticating the user without using the agent program for user identification.

In an embodiment of the present invention, when a user inputs authentication information through a user terminal and accesses a service providing server in order to receive a service, the user does not install a module or an agent for extracting a keyboard input pattern in the user terminal, And the providing server extracts the keyboard input pattern information from the authentication information to authenticate the user.

In an embodiment of the present invention, in order to naturally collect information from a web server so that the user can not recognize the information, and analyze the information on the basis of the collected information, a Javascript capable of supporting a cross platform And a keystroke collection module is installed.

1 is a schematic diagram of a user authentication apparatus according to an embodiment of the present invention.

A user authentication apparatus according to an embodiment of the present invention includes a user terminal 10, a web server 100, and a user authentication server 200.

The user terminal 10 according to an exemplary embodiment of the present invention includes a terminal having all browsers supporting a web standard including a PC and a mobile device.

The user terminal 10 can access the service providing web server 100 through a network communication network.

A web server 100 according to an embodiment of the present invention includes a web page unit 110 for providing a web page to a user terminal 10 to be accessed, a login screen on a user interface (UI) And a key for extracting keystroke pattern information from the keystroke pattern information collecting module, which is received from the keystroke pattern information collecting module and is operable to collect log information including keyup for the input of the keystroke, A stroke pattern information extracting unit 120, and a service providing unit 130 for providing a service to a user according to a user authentication result in the user authentication server 200.

The web server 100 includes a terminal identification linker 125. The terminal verification unit included in the user authentication server 200 is connected to the service providing web server 100 through a terminal identification linker 201 by wire or wireless.

The user authentication server 200 according to an embodiment of the present invention includes a keystroke authentication unit, a terminal verification unit, and a user authentication unit.

The keystroke authentication unit of the user authentication server 200 according to an exemplary embodiment of the present invention may include a key extraction unit 120 for extracting a keystroke feature value from keystroke pattern information extracted by the keystroke pattern information extraction unit 120, A user-specific keystroke cavity pattern learning unit 240 for generating and learning a common pattern value from feature values of keystrokes per user generated by the keystroke characteristic generation unit 210, , The feature value of the key stroke for authentication generated in the key stroke characteristic generation unit 210 is compared with the common pattern learned in the user-specific key stroke joint pattern learning unit 240 to calculate the matching ratio And a matching ratio determination unit 220.

 The user authentication unit 230 compares the matching ratio calculated by the matching ratio determination unit 220 with a predetermined value to determine authentication for providing a service to a user requesting service provision, It is determined whether the terminal is a terminal that has been verified.

The keystroke authentication unit of the user authentication server 200 stores the keystroke pattern information extracted from the keystroke pattern information extracting unit 120, the feature values of the keystrokes per user and common pattern values (Not shown).

The terminal verification unit 266 collects browser information from the connected user terminal 10, inserts and extracts a unique integrated identification key for the connected user terminal 10, A terminal identification key generating unit 262 for generating a unique terminal identification key, a verification key generated by combining browser information of the connected user terminal to verify the environment change of the connected user terminal 10 and forgery of the terminal identification key An integrated identification key generation unit 264 for generating an integrated identification key inserted in a local area of the user terminal 10 by combining the terminal identification key and the verification key, 10, which verifies and identifies the user terminal 10 by comparing the integrated identification key and the verification key information with the stored IP information, the integrated identification key, the terminal identification key, And a determination unit 265 and storing the IP, the terminal recognizes the key, the verification key and the collected information of the connected user terminal 10, verification DB (266).

FIG. 2 illustrates a method for a key stroke common pattern learning step of a user in an authentication apparatus according to an exemplary embodiment of the present invention.

Referring to FIG. 2, a keystroke pattern information collection module generation step 510 is performed in which a user accesses a web page and inputs ID and password to a web page, and collects input keystroke data.

A user in the learning stage according to an embodiment of the present invention is performed by a user who has been authenticated or authenticated by another path.

In the keystroke pattern information collection module generation step 510 according to an embodiment of the present invention, a key stroke pattern information collection module programmed using Javascript capable of multi-platform support is displayed on a web page unit 110 Respectively.

The keystroke pattern information collection module generation step 510 includes setting a key for extracting from the login screen on the user interface of the web page.

For example, in the ID Extraction screen, the set keys are numbers 0 to 9, lower case alphabets (a to z), Shift, Enter, Tab.

Storing log information on keyup and keydown events according to key input on the user interface of the web page in userInputs of the web page; And transmitting the stored log information to the keystroke pattern extraction unit 120 according to a login completion signal; .

FIG. 3 illustrates an example of a keystroke pattern information collection module program for collecting keystroke log information when an ID is input according to an embodiment of the present invention.

Referring to FIG. 3, the portion programmed with $ ("input.userid"). On ("keyup keydown", function (e) ... through an if statement means that the key is pressed or torn in the input tag In addition, this program means that if any key is pressed, it works by running the corresponding source below. UPCom.checkInputKeyCode () is a function to filter out anything other than the allowed key.

In one embodiment of the present invention, the keys allowed to be collected are numbers 0 to 9, lower case alphabets (a to z), Shift, Enter, Tab. The keys allowed to be collected may further include other types of keys, such as special characters, as needed.

Anything other than the allowed key will be returned as null, and if it is null, the log will be called "faulty value" and the input.userid to input the key and userInputs keystroke data will be initialized.

If the key is within the allowable range, the key is returned to create the data.

The timestamp means the event occurrence time, the keycode is the event occurred key (ex. a = 65), the type is keyup or keydown, and key means the pressed key value. userInputs.push (obj) should be used to store the result.

In one embodiment of the present invention, the Date (). ValueOf () function is used to obtain a desired time value, which converts the time since the window has been started to milliseconds, that is, milliseconds .

keyup, and keydown events are treated as asynchronism, and the state of the key event can be examined and processed at the time of the call.

For example, the event state at the time of key down returns obj.type = "keydown" value. At the time of key up, the event state returns obj.type = "keyup" value.

In one embodiment of the present invention, key events are executed in keydown-keyup order. You can see which key was keydown or keyup from the timestamp, keycode, and key attribute values that were executed.

FIG. 4 illustrates an example of data in which timestamp information is returned according to an embodiment of the present invention.

Next, when the user terminal 10 accesses the web server 100 in order to receive the service, a web page providing step 520 for providing a web page for user authentication is performed.

FIG. 5 illustrates a login screen formed on a user interface (UI) in a web page according to an embodiment of the present invention.

In the web page providing step 520, log information (timestamp, keycode, and key attribute values) according to keyup and keydown event is stored in the userInputs of the web page according to the input of the id and the password in the login screen on the user interface (UI) And is transmitted to the keystroke pattern extracting unit 120 at the login completion process.

The keystroke pattern information extracting unit 120 extracts keystroke pattern information from the keystroke log information of the authenticated user transmitted from the keystroke pattern information collecting module (step 430).

For example, when you press two codes A and B, you can press (A, DOWN, TIME 1), (A, UP, TIME 2), (B, DOWN, TIME 3) Collect two groups of values.

Here, it is possible to obtain the time during which the A code is being held through the operation of time 2 - time 1. Also, the time during which the B code is pressed can be obtained through the operation of time 4 - time 3.

If we rearrange this, when inputting each n key codes,

_{(keycode 1 down, keycode 1 _down_event_time} ), (keycode 1 up, keycode 1 _up_event_time), (keycode 2 down, keycode 2 _down_event_time), (keycode 2 up, keycode 2 _up_event_time), ... (keycode n, down, keycode _{n _down_event_time), (keycode n,} up, keycode n _up_event_time)

Can be extracted.

Next, a keystroke pattern characteristic generation step 540 for generating a keystroke pattern characteristic from the keystroke values extracted in the keystroke pattern information extraction step 430 is performed.

From the above example, we obtain the time that holds each keycode and create a new feature_1.

The generation fuction of feature_1 according to an embodiment of the present invention is defined as follows.

f_feature_1 (n) = keycode _n _up_event_time - keycode _n _down_event_time

Then, only the time points of pressing each keycode are collected, and a time difference of pressing the key code is obtained to generate a new feature_2.

The generation fuction of feature_2 according to an embodiment of the present invention is defined as follows.

f_feature_2 (n) = _n keycode _down_event_time (time _{3) - keycode n-1 _down_event_time} ( Time 1) (n> 1)

In this case, when keycode n is input, n is generated for feature_1, and n-1 is generated for feature_2.

That is, in the keystroke pattern characteristic generation step 540, a first characteristic value for the input duration and a second characteristic value for the input interval time between the key codes are generated for each key code from the keystroke pattern characteristic do.

Next, an authenticated user's keystroke common pattern learning step 550 is performed.

In the keystroke common pattern learning step 550, values of f_feature_1 (n) generated in feature_1 are first compared with each other.

At this time, the number to be compared is _n C ₂ .

For example, assuming that four keys A, B, C, and D are input and the value of each feature_1 is 1, 2, 3, 4,

A, B, A <C, A <D, B <C, B <D, C <D can be obtained.

Assuming that the values of feature_1 of A, B, C, and D are 1, 3, 2, and 4 when A, B, C,

In this case, we can get the results of A <B, A <C, A <D, B> C, B <D, C <

A common pattern of A <B, A <C, A <D, B <D, C <D can be obtained from five out of six cases.

In addition, the pattern can be obtained as described above using the value of feature_2.

At this time, the number to be compared is _n-1 C ₂ .

Assuming that the values of AB (B_down_event_time - A_down_event_time), BC, and CD are 1, 2, and 3, results AB <BC, AB <CD, BC <CD can be obtained.

Assuming that the second input f_feature_2 value is 1, 3, 2, the result of AB <BC, AB <CD, BC> CD can be obtained.

In the case of feature_2, a common pattern of AB <BC, AB <CD can be obtained.

In this way, ABCD 4 character words are input twice, and feature1 and feature_2 are generated to obtain 6 patterns.

That is, according to an embodiment of the present invention, the first characteristics versus value pattern, which compares input durations of each key code with respect to the identified ID and password, and a second characteristic contrast Value pattern is generated, and then it is repeatedly learned many times to generate a common contrast value pattern (hereinafter referred to as a common pattern).

According to an embodiment of the present invention, when the user inputs the identified ID and password N times and extracts the common pattern as described above, when the user logs in by inputting the ID and password for authentication, the matching ratio An authentication algorithm capable of performing identity verification can be implemented.

In one embodiment of the present invention, the matching ratio is defined as 100% when 100 common patterns are the same for 100 common patterns.

For example, if the common pattern is 100, if the number of keystrokes that require authentication is equal to 91, the matching ratio is calculated as 91%.

FIG. 6 is a graph showing matching ratios for keystrokes inputted by the user himself and another user in the authentication apparatus according to the embodiment of the present invention.

FIG. 6 illustrates a result of a total of 3.998 experiments by constructing a population of 35 persons in an authentication apparatus according to an embodiment of the present invention and exchanging an arbitrary ID and password from a user.

FIG. 6 shows graphs in the order of the highest matching ratio, and the vertical size of the lower bar shows the reliability of the probability of being a person.

Table 1 shows the error status of the identity verification for the matching ratio in the upper part of the reliability in FIG.

Table 2 shows the error status of the identity verification of the matching ratio in the confidence sub-portion of FIG.

According to an exemplary embodiment of the present invention, a population test of authentication with various populations is performed. As a result, after at least 10 training sessions have been performed, the probability of a person being within a matching ratio of 93% It is analyzed that it can authenticate the user without error because it has 99.6% reliability.

Also, if the matching ratio is less than 66%, it can be judged that the person is not the person because the person has the reliability of 0.5%.

Therefore, in the embodiment of the present invention, when the matching ratio (x) is 93% or more, user authentication is performed in a simple process through contrast with the above-described keystroke common pattern, Can be efficiently performed.

In the embodiment of the present invention, when the matching ratio x is 93% or more, it is determined that the authentication is successful by setting it as a successful authentication area.

The authentication success area can be set in the range of 90 to 95% of the matching ratio according to the cumulative learning and reliability of the common pattern.

If the matching ratio is less than 66%, it is analyzed as a case where a person other than himself / herself is stolen and accessed. Therefore, it is determined that authentication is impossible and authentication is impossible.

Or the authentication failure area can be changed and set in the range of 65 to 70% in accordance with the cumulative learning and reliability of the common pattern.

In the case where the matching ratio is less than 93% and equal to or more than 66%, that is, in the area between the authentication success area and the authentication failure area, the case where the connection attempt is the user identity may be included. If the authentication is unsuccessful in the case of the person himself / herself, the process of inputting the ID and the password again is repeated. Since the user's complaint becomes high, it is necessary to check the identity of the person by an additional procedure.

According to an embodiment of the present invention, when the matching ratio is in a region between the authentication success area and the authentication failure area, the authentication ratio is divided into the authentication authentication hold area and the second authentication method for identifying the user, .

The second authentication method for identity verification according to an embodiment of the present invention may include a method of confirming whether the connected terminal is the terminal of the user or a third step of identifying the terminal by the third path.

FIG. 7 illustrates a user authentication method using a keystroke pattern in an authentication apparatus according to an embodiment of the present invention.

First, when accessing the web server 100 in order for the user terminal 10 to receive a service, an authentication web page providing step 610 for providing a web page for user authentication is performed.

In the authentication web page providing step 610, the keystroke pattern information collection module installed to operate in the web page displays a keyup for inputting an id and a password on a login screen on a user interface (UI), log information according to a keydown event And the attribute values of keycode and key) in userInputs of the web page, and is transmitted to the keystroke pattern extracting unit 120 of the web server 100 by the login completion signal.

Next, the keystroke pattern information extracting unit 120 extracts the keystroke pattern information from the log information based on the ID and the password input by the user who is requested to be authenticated and transmitted from the keystroke pattern information collection module installed on the web page Quot; keystroke pattern information extraction step of user authentication information &quot; 620 is performed.

The keystroke pattern information extraction step 620 of the user authentication information may be performed in the same manner as the keystroke pattern information extraction step 430 described above.

Hereinafter, the keystroke pattern generating unit 210 of the user authentication server 200 receives the keystroke pattern information and generates a keystroke pattern characteristic from the keystroke values of the extracted keystroke pattern information A generation step 640 is performed.

The keystroke pattern characteristic generation step 640 generates a first characteristic value for the input duration for each key code and a second characteristic value for the input interval time between the key codes from the keystroke pattern characteristic, May be performed in the same manner as the keystroke pattern characteristic generation step 430 by the described authenticated user.

Next, a matching ratio calculation step 640 (step 640) for calculating values of the key stroke pattern characteristic values generated in the key stroke pattern characteristic generation step 640, in comparison with the common key stroke common patterns stored in the key stroke database 250, ) Is performed.

In the matching ratio calculating step 640, the ratio of the number of keystrokes that require authentication to the number of keystroke common patterns that satisfy the same is calculated as a matching ratio.

Next, a user authentication determination step 650 is performed to determine whether the user is the user based on the matching ratio calculated in the matching ratio calculation step 640.

FIG. 8 illustrates a step of determining a user authentication according to an embodiment of the present invention.

Referring to FIG. 8, in step 710, if the matching ratio x is 93% or more, the authentication success is determined to be successful.

If the keystroke matching ratio x is not 93% or more in step 710, if the matching ratio is less than 93% in step 720, and if the matching ratio is 66% or more, the authentication verification step is performed as the second authentication means Thereby performing the identity verification procedure.

If the matching ratio is less than 66%, it is set as the authentication failure area and it is determined that the authentication is not possible (Log Fail).

In the service providing step 660, when it is determined that the authentication is successful, and the terminal verification step is performed, the requested service is provided for the connection attempt in which the authentication of the user terminal is completed. to provide,

The terminal verification according to an embodiment of the present invention is performed by the following method.

According to an embodiment of the present invention, the terminal verification unit grants a unique encrypted terminal identification key for distinguishing each connected authenticated specific user terminal when first connected, in order to identify the connected user terminal 10.

For example, the terminal identification key according to an embodiment of the present invention is a 36-digit key composed of a hexadecimal number in the form of a universally unique identifier (UUID) and a hyphen (-) in the terminal identification key generation unit 262, .

Terminal recognition key formation example) 4b8fa7e3-746c-4bc6-aed5-dfd8bbdc36a0

The terminal information management unit 266 of the terminal verification unit collects browser information and IP information provided for the user terminal 10 to receive a web page from the web server 100 through the web browser.

In addition, the verification key generation unit 263 of the terminal verification unit according to an embodiment of the present invention generates a verification key to verify the environment change of the connected user terminal 10 and the forgery and falsification of the terminal recognition key.

The verification key may be formed by a combination of eigenvalues for the browser information of the user terminal 10. [

The verification key according to an exemplary embodiment of the present invention can be used internally by the terminal verification unit to determine a change of a used browser, a modulation of a terminal recognition key, and the like.

According to one embodiment of the present invention, the verification key generation unit 263 of the terminal verification unit hashs the information values obtained by combining the collected browser information values in the following order with the Sha25 function, which is the Secure Hash Algorithm, It can be created with 64 digits.

Also, the reference information and the order of listing may be changed according to the policy information setting.

I. Browser language

II. Screen color depth

III. Screen size

IV. Screen vertical size

V. Time zone offset of the used system

VI. Availability of browser's local storage

VII. Browser platform type (Win32, WinCE, MacIntel, Linux i686, etc.)

VIII. Canvas Fingerprint (one of the browser fingerprint technologies using Html5 Canvas object)

For example, the browser information collected by the terminal information management unit 266 may include UserAgent, Vendor, Vendor SubID, BuildID, CookieEnable, AppName, AppCodeName, AppVersion, AppMinorVersion, product, Java Enabled, localStorage, Language, and System Language.

It can also include Platfrom, OS CPU, Language, TimeZone, and Fonts in the system area.

In the screen field, MaxWidth, AvailableWidth, MaxHeight, AvailableHeight, Top, Left, Outer Width, Outer Height, Inner Width, Inner Height, Document Width, Document Height, ColorDepth, PixelDepth, Pixel Ratio, Font Smoothing, BufferDepth, DeviceXDPI, , LogicalXDPI, LogicalYDPI, SystemXDPI, SystemYDPI, and UpdateInterval.

Pluginsdmf can also be included in the plug-ins field.

In the network field, NATIP, UseProxy, and Proxy IP may be included.

In the Personality field, the terminal identification key, the verification key, and the verification key Exist, cheat, canvasFingerprint, cKeyExist, and flashAvailable may be included.

According to one embodiment of the present invention, the terminal verification unit generates the collection information in the JSON format, encrypts the information in the AES 256, and stores the encrypted information.

According to an embodiment of the present invention, the integrated identification key generation unit 264 of the terminal verification unit 264 registers the verification key in the terminal recognition key when the authenticated user first accesses the terminal to identify and verify the connected user terminal 10 and the terminal information manager 266 inserts and manages the integrated identification key generated in the local area of the connected user terminal 10. [

The integrated identification key according to an exemplary embodiment of the present invention is a combination of a terminal identification key and a verification key through an algorithm, and the terminal verification unit can be used for verification by separating the terminal identification key and the verification key again.

According to an embodiment of the present invention, the local area of the user terminal 10 in which the integrated identification key is inserted may be one or more supportable storage spaces such as Cookie, Local Storage, Flash Persistent Storage (LSO), and WebSQL.

Alternatively, the integrated identification key may be inserted into a supportable storage space such as Cookie, Local Storage, Flash Persistent Storage (LSO), and WebSQL of the user terminal 10 according to an embodiment of the present invention.

The method for identifying the user terminal 10 according to an embodiment of the present invention is such that when the user terminal 10 attempts to access the service providing web server 100, And collects browser information from the user terminal 10. [

The terminal verification unit 10 generates a verification key by combining the collected browser information and generates a unique terminal identification key for distinguishing the user terminal 10 when it is determined that the user terminal 10 is connected for the first time .

Next, the terminal verification unit 10 generates an integrated identification key unique to the user terminal 10 by combining the terminal identification key and the verification key, inserts the unique identification key into the local area of the user terminal 10, identifies the user terminal 10 The integrated identification key, the terminal identification key, the verification key, and the browser information for the user terminal 10 to be stored in the verification DB.

When the user terminal 10 reconnects to the service providing web server 100, the terminal verification unit 10 extracts the integrated identification key and the browser information from the user terminal 10, And the browser information and IP information stored in the verification DB 266, the integrated identification key, the terminal identification key, and the verification key to identify and verify the user terminal 10.

FIG. 9 is a flowchart briefly showing a procedure for a terminal identification method for identifying a connected user terminal in the terminal identification network system 1 according to an embodiment of the present invention.

Referring to FIG. 9, in step 310, when the user terminal 10 attempts to access the service providing web server 100, the terminal verification unit connected to the terminal identification linker 125 in step 320 receives the local area And inquires whether an existing integrated identification key exists.

According to an embodiment of the present invention, the terminal information management unit 266 of the terminal verification unit searches for Cookie, Local Storage, Flash Persistent Storage (LSO), and WebSQL in the local area in order to inquire whether an integrated identification key exists .

In operation 320, when the integrated verification key exists in the local area of the user terminal 10, the terminal verification unit classifies the access history as having a history of access and extracts the integrated identification key.

In step 340, the terminal verification unit collects new browser information from the connected user terminal 10, combines the collected browser information to generate a new verification key (step 340), and performs a verification step 350 do.

In the verification step 350, the terminal verification unit extracts the existing old verification key information corresponding to the integrated identification key from the verification DB 265, and determines whether the new verification key and the old old verification key information are identical.

In the same case, it is classified as a specific user terminal stored in the verification DB 265, the connected user terminal 10 has already been connected and the current connection environment is not changed.

Next, the IP information collected for the user terminal 10 collected in step 360 is recorded, and the user terminal 10 is connected to the service providing web page of the service providing web server 100 to provide the requested web page Connect.

According to an embodiment of the present invention, the terminal verification unit collects a NAT IP when an agent program such as a plug-in or an AF flash module is already installed in the user terminal 10, Collect the previous Web IP.

The immediately preceding Web IP is the same as the NAT IP in the case of not passing through the proxy server but the proxy IP in the case of connecting via the proxy server.

If it is determined in step 320 that the integrated identification key does not exist in the local area of the user terminal 10, the terminal verification unit proceeds to the integrated identification key recovery step 330. [

FIG. 10 is a flowchart illustrating a procedure of performing an integrated identification key recovery step (330) by the terminal verification unit according to an embodiment of the present invention.

10, in step 331, the terminal verification unit collects browser information from the user terminal 10 connected to the service providing web server 100, extracts a new verification key for the connected user terminal 10 from the browser information, .

Next, in step 332, the UE verification unit determines whether the same information as the new verification key generated in step 331 exists in the verification DB 266.

The terminal verification unit judges that the connected user terminal 10 is not the terminal of the existing connected user but the other terminal that is connected first if the same information as the generated new verification key is not present in the verification DB 266, In step 333, a terminal identification key for the connected user terminal is generated.

Then, in step 334, the terminal verification unit generates an integrated identification key by combining the new verification key and the terminal identification key, and verifies the terminal identification key, the new verification key, and the integrated identification key generated for the terminal of the connected user Save to DB.

On the other hand, if it is determined in step 332 that the same information as the new verification key is present in the verification DB 266, the terminal verification unit may determine that the connected user terminal 10 has already accessed the integrated identification Key is deleted, and in step 336, the oldest one of the old terminal recognition key lists matched with the new verification key is returned from the verification DB 266 and is restored.

In step 337, the terminal verification unit generates a new integrated identification key by combining the new verification key and the recovered old terminal identification key, and stores the new integrated identification key in the verification DB 266.

In step 338, the terminal verification unit inserts the new integrated identification key generated in step 337 or step 334 so as to be included in the local area of the user terminal 10.

After step 338, the terminal verification unit performs a step of connecting to the web page of the service providing web server so that the IP information about the user terminal 10 accessed in the same manner as in step 360 is recorded and provided as a required web page.

Returning to FIG. 9, if it is determined that the old verification key information stored in the verification DB 266 is not identical to the new verification key in the verification step 350, the second verification step is performed .

11 is a flowchart illustrating a second terminal verification step performed by the terminal verification unit according to an embodiment of the present invention.

In the second terminal verification step, the terminal verification unit inquires of the verification DB 266 whether a terminal identification key identical to the terminal identification key included in the integrated identification key of the user terminal 10 exists (operation 400).

If there is an old terminal identification key identical to the terminal identification key included in the integrated identification key of the user terminal 10 in the verification DB 266 in step 400, We classify the browser environment as changed.

In step 420, the terminal verification unit generates a new integrated identification key by combining the new verification key and the old terminal identification key, and transmits the new integrated identification key to the verification DB 266. In step 420, 266).

Next, the generated new integrated identification key is inserted into the local area of the user terminal 10 so as to be upgraded (430).

Next, the IP information of the connected user terminal 10 is recorded in the same manner as in step 360, and a step of connecting to the web server 100 to provide the requested web page is performed.

On the other hand, if it is determined in step 400 that there is no old terminal recognition key identical to the terminal identification key included in the integrated identification key of the user terminal 10 in the terminal verification unit verification DB 266, 10 is changed to the existing one or the terminal recognition key is copied by another person. In step 401, the terminal verification unit generates a new terminal identification key unique to the connected user terminal 10.

In step 402, a new unified identification key is generated by combining the new verification key and the new terminal identification key, and the new integrated identification key is stored in the verification DB 266.

In this case, the terminal verification unit can separately manage according to the anomalous indication policy.

The verification DB 266 records and records the change histories of the verification key list, the terminal identification key list, and the collection information for each user terminal in a table.

The terminal identification determiner 265 of the terminal verification unit can analyze the changed history and connection pattern from the verification DB 266 to establish an abnormality notification judgment policy and determine whether the connected user terminal is malicious access.

Next, in step 430, the new integrated identification key is upgraded to be included in the local area of the user terminal 10 and inserted.

According to an embodiment of the present invention, a keyboard input pattern information and a keyboard input pattern information can be naturally prevented from being recognized by a service providing server without installing an agent program for terminal identification or an agent for keyboard input pattern extraction to a user terminal accessing a web site. It is possible to provide an apparatus and method for authenticating a user of a user using only connection information.

According to an embodiment of the present invention, the terminal verification unit can accurately identify and identify the user terminal based on the collected IP, the terminal identification key, the verification key, and the browser collection information for the connected user terminal.

The terminal identification unit of the terminal verification unit according to an embodiment of the present invention determines the access pattern trend and disables connection of the web page when it is judged that access is made in a spoofed access pattern, .

In an embodiment of the present invention, a keyboard input pattern extracting module is not installed in the user terminal, and the service providing server naturally collects the keyboard input pattern information from the authentication information so that the user can not recognize the user, It is possible to provide an apparatus and method for authentication.

According to an embodiment of the present invention, when the matching ratio is equal to or greater than a predetermined value, the user can quickly and efficiently perform user authentication for accessing another user by stealing an ID and a password by a simple process based on a key stroke pattern contrast have.

Also, when the matching ratio is less than a predetermined value, the service can be blocked by discriminating a case where another person steals an ID and a password to access by a simple process based on the key stroke pattern contrast.

Further, by performing additional authentication only when the matching ratio is within a certain range, the user can be efficiently authenticated by eliminating the hassle of the user due to the log failure.

10: User terminal
100: Web server
110: Web page part
120: Keystroke pattern information extracting unit
125: terminal identification linker
130: Service Offering
200: user authentication server
210: Keystroke characteristic generating unit
220: matching ratio determining unit
240: Keystone joint pattern learning unit for each user
230: User authentication unit
250: Keystroke pattern information database unit
260: Terminal information manager
262 terminal recognition key generation unit
263: verification key generation unit
264: Integrated Identification Key Generation Unit
265: terminal identification determination unit
266: Validation DB

Claims (8)

A user authentication method of a user terminal accessing the web server in a user authentication apparatus including a web server and a user authentication server,
The user authentication method includes:
The user authentication server extracts the keyboard input pattern information using only the connection information including the login authentication information and performs authentication for the user without installing the keyboard input pattern extracting module or the terminal identification agent in the user terminal , &Lt; / RTI &gt;
The user authentication method includes:
Wherein the keystroke pattern information collection module is generated in a web page so that the user terminal is operated on a web page when accessing the web server for use of the service, Collecting log information including a keyup for inputting an ID and a password, a timestamp corresponding to a keydown event, an attribute value of a keycode, and a key on a login screen on the UI, and transmitting the collected log information to a keystroke pattern extracting unit of the web server;
A keystroke pattern information extracting step of extracting keystroke pattern information from the log information in the keystroke pattern extracting step;
A keystroke pattern characteristic generation step of receiving the keystroke pattern information from the user authentication server and generating a keystroke pattern characteristic value from the keystroke pattern information;
Calculating a matching ratio by comparing the keystroke pattern characteristic values with a common keystroke pattern for each user stored in the keystroke database; And
A user authentication determination step of determining whether the user is the user by the matching ratio in the user authentication server; , Wherein:
In the user authentication determination step,
The authentication success area, the authentication area, and the authentication failure area are classified according to the matching ratio. The user authentication success area provides a service requested by the user. The authentication failure area provides a log failure screen And a terminal verification method for verifying whether the terminal is the user terminal of the connected terminal in the authentication suspension area,
Wherein the matching ratio is a ratio of the number of keystroke pattern characteristic values of a user requiring the authentication to the number of keystroke pattern matching values equally satisfying the keystroke common pattern and the matching authentication ratio is an area having the matching ratio of 93% , The authentication authentication permission area is an area where the matching ratio is less than 93% and not less than 66%, and the authentication failure area is an area where the matching ratio is less than 66%
A terminal verification method for verifying whether a user terminal is a terminal of a user is characterized in that a terminal verification unit included in the user authentication server collects and verifies browser information from the user terminal,
Wherein the requested service is provided for a connection attempt determined to be a successful region in the authentication determination step and a connection attempt of the terminal of the user's terminal is completed in the terminal verification step in the reserved area.
delete The method according to claim 1,
Wherein the keystroke pattern information collection module comprises:
Setting a key for extracting from a login screen on the user interface;
Storing log information on keyup and keydown events according to a key input on a user interface of the web page in userInputs of the web page; And
Transmitting the stored log information to the keystroke pattern extraction unit according to a login completion signal; The user authentication method comprising:
The method according to claim 1,
The user-specific keystroke common pattern may include:
Generating a keystroke pattern information collection module capable of collecting log information on input keystroke data when an authenticated user accesses the web server and inputs an ID and a password;
The keystroke pattern information collection module transmits log information including timestamp, keycode, and key attribute values to the keystroke pattern extraction unit according to the input of the authenticated user's id and password;
A keystroke pattern information extracting step of extracting keystroke pattern information from log information of the authenticated user in the keystroke pattern extracting step;
From the keystroke pattern characteristic of the authenticated user, a keystroke pattern characteristic for generating a first characteristic value for the input duration and a second characteristic value for the input interval time between the key codes, step; And
A second characteristic contrast value pattern in which a first characteristic contrast value pattern in which input durations of the key codes are respectively compared with an input interval time between the respective key codes is generated, And generating a keystroke common pattern.
delete The method according to claim 1,
The user authentication server further includes a terminal verification unit,
The terminal verification method includes:
Collecting browser information from the user terminal when the user terminal attempts to access the web server;
The terminal verification unit combining the collected browser information to generate a verification key;
Wherein the verification key includes all information about the browser language of the connected user terminal, the screen color depth, the screen width size, the screen portrait size, the time zone offset of the used system, the local storage support of the browser, and the browser platform type The hash value is combined with the Sha25 function, which is a Secure Hash Algorithm, and is generated.
Generating a unique terminal identification key for identifying the first user terminal when the terminal verification unit determines that the first user terminal is connected for the first time;
The terminal verification unit combining the terminal identification key and the verification key to generate a unique integrated identification key unique to the user terminal; And
Inserting the integrated identification key into the local area of the user terminal; Wherein the local area is a region including Cookie, Local Storage, Flash Persistent Storage (LSO), and WebSQL of the user terminal,
Storing the IP information, the integrated identification key, the terminal identification key, the verification key, and the browser information for the user terminal in a verification DB,
The terminal verification unit extracts the integrated identification key and the browser information from the user terminal when the user terminal that requires verification of the user terminal is reconnected to the web server, Comparing the stored IP information, the integrated identification key, the terminal identification key, and the verification key, and verifying the user information with the user terminal stored in the verification DB.
A user authentication apparatus including a web server and a user authentication server,
The user authentication apparatus extracts keyboard input pattern information using only connection information including login authentication information and performs authentication for a user without installing a keyboard input pattern extracting module or a terminal identification agent in the user terminal .
Wherein the user authentication apparatus comprises:
Wherein the web server comprises: a web page unit for providing a web page to a connecting user terminal;
A keystroke pattern information collection module for collecting log information including a keyup for inputting an ID and a password, a timestamp corresponding to a keydown event, and an attribute value of keycode and key on a login screen on the user interface (UI) of the web page A keystroke pattern information extracting unit for extracting keystroke pattern information by receiving the log information from the keystroke pattern information collecting module; And
A service providing unit for providing a service to a user according to a user authentication result in the user authentication server; / RTI &gt;
Wherein the user authentication server includes a keystroke authentication unit and a terminal verification unit,
Wherein the keystroke authentication unit comprises: a keystroke property generation unit that extracts a keystroke characteristic value from the keystroke pattern information extracted by the keystroke pattern information extraction unit;
A user-specific keystroke cavity pattern learning unit for generating and learning a common pattern value from characteristic values of keystrokes per user generated by the keystroke characteristic generation unit;
A matching ratio determination unit for comparing a characteristic value of a key stroke for authentication generated in the key stroke characteristic generation unit with a common pattern value learned in the user-specific key stroke common pattern learning unit;
The matching ratio judging unit compares the matching ratio with a set value to determine whether the user is requesting a service, and whether the terminal is verified by the terminal verifying unit. A user authentication unit for determining authentication with respect to providing; And
A keystroke database unit for storing and managing the keystroke pattern information, the characteristic value of the keystroke per user and the common pattern for each user; , &Lt; / RTI &
Wherein the user authentication unit classifies the user authentication success area, the authentication authentication hold area, and the authentication failure area according to the matching ratio, provides a service requested by the user in the authentication success area, Further comprising a terminal verification step of verifying whether the user terminal of the connected terminal is the terminal of the user in the self authentication hold area,
Wherein the matching ratio is a ratio of a number of keystroke characteristic values of a user requiring authentication to a number satisfying the keystroke common pattern equally, and the matching authentication ratio is an area having the matching ratio of 93% or more, Wherein the authentication authentication permission area is an area where the matching ratio is less than 93% and not less than 66%, and the authentication failure area is an area where the matching ratio is less than 66%
A terminal verification method for verifying whether a user terminal is a terminal of a user is characterized in that a terminal verification unit included in the user authentication server collects and verifies browser information from the user terminal,
Wherein the service providing unit provides the requested service to the access attempt when the authentication process of the terminal of the user is completed by the terminal verification step in the case of the successful region and the terminal verification in the reserved region.
8. The method of claim 7,
The terminal verification unit,
A terminal information management unit for collecting browser information from the user terminal and inserting and extracting a unique integrated identification key in an area including Cookie, LocalStorage, Flash Persistent Storage (LSO), and WebSQL of the connected user terminal;
A terminal identification key generating unit for generating a terminal identification key unique to the user terminal;
A verification key generation unit for generating a verification key by combining browser information of the user terminal to verify the environment change of the user terminal and forgery of the terminal identification key;
An integrated identification key generation unit for generating the integrated identification key by combining the terminal identification key and the verification key;
A terminal identification determiner for verifying and identifying the user terminal by comparing the integrated identification key and the verification key information extracted from the user terminal with the stored IP information, the integrated identification key, the terminal identification key, and the verification key information; And
A verification DB for storing the IP, the terminal identification key, the verification key and the collection information of the user terminal; , Wherein the first,
And identifies and identifies the connected terminal using the browser information of the user terminal,
The verification key generation unit may include information on the browser language, the screen color depth, the screen size, the screen size, the time zone offset of the used system, the local storage support of the browser, and the browser platform type of the connected user terminal And generates the verification key by hashing the combined information value into a Sha25 function which is a Secure Hash Algorithm.

Images