WO2017075913A1 - Mouse behaviors based authentication method - Google Patents

Mouse behaviors based authentication method Download PDF

Info

Publication number
WO2017075913A1
WO2017075913A1 PCT/CN2016/070993 CN2016070993W WO2017075913A1 WO 2017075913 A1 WO2017075913 A1 WO 2017075913A1 CN 2016070993 W CN2016070993 W CN 2016070993W WO 2017075913 A1 WO2017075913 A1 WO 2017075913A1
Authority
WO
WIPO (PCT)
Prior art keywords
mouse
authentication method
user
based authentication
behavior
Prior art date
Application number
PCT/CN2016/070993
Other languages
French (fr)
Chinese (zh)
Inventor
蒋昌俊
闫春钢
陈闳中
丁志军
马磊
Original Assignee
同济大学
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 同济大学 filed Critical 同济大学
Publication of WO2017075913A1 publication Critical patent/WO2017075913A1/en
Priority to AU2018100677A priority Critical patent/AU2018100677A4/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Definitions

  • the invention relates to a security technology, in particular to a mouse behavior based authentication method.
  • an object of the present invention is to provide a mouse behavior based authentication method for solving the security problem existing in the prior art dynamic soft keyboard technology.
  • the present invention provides a mouse behavior-based authentication method
  • the mouse-based authentication method includes: collecting mouse behavior data during a process of inputting a password by using a dynamic soft keyboard by a preset user; The mouse behavior data is calculated and processed to obtain the feature value, and the feature selection algorithm is used to select the optimal feature vector; the optimal feature vector is processed by the preset model to determine the user behavior mode of the user.
  • the mouse-based authentication method further includes: receiving mouse behavior data during a password input process using a dynamic soft keyboard, and performing user identity classification authentication on the received mouse behavior data according to the user behavior mode.
  • the specific implementation of performing user identity classification and authentication on the received mouse behavior data according to the user behavior mode includes: combining the user behavior pattern, and processing the received mouse behavior data by using a K majority vote method, Thereby determining whether to pass the certification.
  • the dynamic soft keyboard comprises a randomly generated out-of-order keyboard.
  • the feature selection algorithm includes an L-to-R selection algorithm.
  • the feature value includes at least one of a keystroke entry speed, a keystroke departure speed, and a keying time.
  • the feature value further includes a moving speed, an acceleration, and a moving angle value.
  • the preset model includes a support vector machine model.
  • processing the optimal feature vector by using a preset model, and determining a specific implementation of the user behavior mode includes: normalizing the optimal feature vector; and uniformly, the optimal feature vector Divided into a plurality of sets of subset data, for each set of subset data, the subset data is used as a verification set, and other subset data is used as a training set to obtain a model parameter and a classifier performance index respectively;
  • the model parameters corresponding to the maximum values in the classifier performance indicators determine the user behavior pattern.
  • the mouse behavior-based authentication method of the present invention has the following beneficial effects: user identity authentication when the mouse action is a non-fixed track can be realized.
  • new feature value keystroke entry speed, keystroke departure speed, keystroke time, etc. are used to refine the traditional feature values and improve the authentication accuracy.
  • the technical solution of the present invention is particularly suitable for use in a dynamic soft keyboard application scenario as an auxiliary means of a traditional username/password authentication mechanism.
  • FIG. 1 is a flow chart showing an embodiment of a mouse behavior based authentication method according to the present invention.
  • FIG. 2 is a flow chart showing another embodiment of the mouse behavior based authentication method of the present invention.
  • the invention provides a mouse behavior based authentication method, which is particularly suitable for use in a dynamic soft keyboard application scenario.
  • the mouse-based authentication method includes:
  • step S1 the mouse behavior data in the process of inputting the password by the preset user using the dynamic soft keyboard is collected.
  • the user-created dynamic soft keyboard is used to collect and store data generated by the mouse during the user input password operation when the user enters the password.
  • the existing open source software RUI tool is used to record the user's action data, and the recorded data tuple format is ⁇ t, x, y, action-type>.
  • the data format is shown in the following table:
  • the dynamic soft keyboard includes a randomly generated out-of-order keyboard. The use of randomly generated out-of-order keyboards can improve the security of authentication.
  • step S2 the mouse behavior data is calculated and processed to obtain feature values, and the feature selection algorithm is used to select the best feature vector.
  • the eigenvectors are composed of eigenvalues
  • keystroke behavior refers to the behavior of a user operating a mouse to click a character key on a soft keyboard.
  • the key-seeking behavior refers to the behavior of the user operating the mouse to find a character key on the soft keyboard.
  • eigenvalues such as entry speed, exit speed, and key-to-key time ratio are defined, which are supplemented by traditional eigenvalues (such as average speed, acceleration, deviation distance, etc.).
  • the entry speed is recorded as V in , which is defined as the speed at which the mouse enters a button before the keystroke begins.
  • the exit speed is recorded as V out , defined as the speed at which the mouse leaves the key after the keystroke is over.
  • Both the entry speed and the exit speed are calculated using the position information and duration of the 3 sample points before/after the click, and the duration is 3 sample periods. Since the duration is small, the mouse trajectory within the time interval can be approximated as a straight line for processing.
  • the feature value includes at least one of a keystroke entry speed, a keystroke departure speed, and a keying time.
  • the feature values may also include moving speed, acceleration, moving angle values, and the like.
  • the eigenvalues shown in the following table can be obtained by simple mathematical calculations.
  • the extraction of eigenvalues can be combined with the CDF cumulative function distribution and the incremental L-R feature selection method.
  • the feature vector dimension is not as good as possible.
  • the feature vector class without strong discrimination not only increases the detection workload, but also increases the false positive rate.
  • there is a CDF cumulative function distribution which is used to describe the probability distribution of a real random variable, that is, the probability that the random variable is less than or equal to a certain value.
  • the feature selection algorithm includes an L-to-R selection algorithm.
  • Add L to the R selection algorithm (LRS, Plus-L Minus-R Selection), there are two forms: ⁇ 1> algorithm starts from the empty set, first adds L features in each round, then removes R features from it, so that the evaluation function The value is optimal. (L>R). ⁇ 2> The algorithm starts from the complete set, and removes R features in each round, then adds L features to make the evaluation function value optimal. (L ⁇ R).
  • Algorithm evaluation The addition of L to R selection algorithm combines the idea of sequence forward selection and sequence backward selection. The choice of L and R is the key of the algorithm.
  • the interval range of fixed L and R is [1, 8], and the values of L and R are determined within the range, and we enumerate the LR value, evaluation
  • the function compares the classification accuracy with the classification accuracy, and finally selects the best feature vector.
  • the best feature vector includes 9 types of feature values, which are 17-dimensional feature vectors.
  • the composition of the feature vector is shown in the following table:
  • CT Click Time is the user click interval 2 CT max/min/mean/sd CT maximum/minimum/average/standard deviation 3 ST Search Time is the user's key-seeking time 4 ST max/min/median/sd CT maximum / minimum / median / standard deviation 5 Rto Repeat character key time ratio 6 T Total duration 7 v in /v out Entry speed at the time of keystroke, exit speed at the end of the keystroke 8 v in /v out(mean/sd) Average/standard deviation of v in /v out 9 Deviation Moving offset value
  • Step S3 processing the best feature vector by using a preset model to determine a user behavior mode of the user.
  • the optimal feature vector has a plurality of feature values.
  • Processing the optimal feature vector by using a preset model, and determining the specific implementation of the user behavior mode comprises: normalizing the optimal feature vector; uniformly dividing the optimal feature vector into multiple groups Subset data, for each set of subset data, using the subset data as a verification set, and other subset data as a training set, respectively obtaining a model parameter and a classifier performance indicator; according to the plurality of classifier performance indicators The model parameters corresponding to the maximum value in the determination of the user behavior pattern.
  • the preset model includes a support vector machine model.
  • Support Vector Machine is a supervised learning model commonly used for pattern recognition, classification, and regression analysis.
  • the user's mouse behavior characteristics are processed using the SVM support vector machine model. Including: normalizing the feature vector first, and normalizing the data to the [0,1] interval.
  • the 5-CV cross-validation is used to select the penalty parameter c and the kernel function parameter g in the SVM algorithm to improve the classifier authentication accuracy.
  • the original training set is divided into 5 groups, each subset is made into a verification set, and the remaining 4 subsets are used as a training set to obtain 5 models, and the average of the classification accuracy of the final verification set is verified by 5 models.
  • the specific process of building a user behavior pattern is as follows:
  • the label Label ⁇ L 1 , L 2 , ..., L p ⁇ , L i ⁇ ⁇ +1, -1 ⁇ is known.
  • the kernel function parameter range g ⁇ [2 ⁇ (-10), 2 ⁇ 10].
  • the feature vector set is evenly divided into 5 groups, and the following steps are repeated: one subset data is selected as the verification set, and the other 4 groups are used as the training set.
  • the average of the five classification accuracy corresponding to (c j , g j ) is taken as the classifier performance index Acc j under this parameter.
  • c j and g j respectively take ⁇ 2 ⁇ (- 10), 2 ⁇ (-8),...,2 ⁇ 8,2 ⁇ 10 ⁇ , for each pair (c j , g j ):
  • Data' is divided into 5 groups, each D i ' is a subset S i Take any S i as the verification set and the rest as the training set, and get the average performance index Acc j of the corresponding parameter SVM classifier.
  • max ⁇ Acc j ⁇ is selected, and the corresponding (c j , g j ) is the parameter value of the required SVM.
  • the mouse-based authentication method further includes: step S4, receiving mouse behavior data during a password input process using a dynamic soft keyboard, and receiving the mouse according to the user behavior mode.
  • Behavior data is used for user identity classification authentication.
  • the specific implementation of performing user identity classification and authentication on the received mouse behavior data according to the user behavior mode includes: combining the received user behavior data with the K majority vote method to perform the received mouse behavior data. Process to determine if it passes the certification.
  • the rule for classifying by majority vote is defined as: receiving mouse behavior data during the process of inputting a password using a dynamic soft keyboard, as the data to be tested, using the SVM classifier obtained by the above mode construction process for each
  • the sample data is tested x times, and the classifier determines that it is a positive label more than k ⁇ x times (0.5 ⁇ k ⁇ 1), then the sample is marked as a positive label, otherwise the label is a negative sample, which is called a k majority vote method.
  • the range of k is (0.5, 1), and the increment interval is 0.05, that is, k is ⁇ 0.55, 0.60, ..., 0.95, 1.00 ⁇ for authentication, and finally the best k value is obtained.
  • the authentication is as follows:
  • the accuracy of the technical solution authentication can reach 97.33% on average.
  • the majority of the votes are used for authentication, and the test data is used to verify the FAR and FRR values.
  • FRR Federal Rejection Rate
  • FAR Federal Rejection Rate
  • FAR Federal Rejection Rate
  • FAR Federal Rejection Rate
  • FAR False Acceptance Rate
  • FRR is commonly known as the rejection rate.
  • the standard name is FNMR (False Non-Match Rate). No match rate). It can be understood in a common sense as the probability that "the fingerprints that should match each other successfully should be regarded as fingerprints that cannot be matched”.
  • FAR is generally called the false rate, and its standard name is FMR (False Match Rate).
  • FMR is the most important parameter used to evaluate the performance of fingerprint recognition algorithms. It can be commonly understood as the probability of "putting a fingerprint that should not be matched as a matching fingerprint.”
  • a comparison is made between the use of new feature values (including a series of new feature values such as entry speed, exit speed, key-to-key ratio, etc.) and the use of new feature values. The results show that the FAR and FRR values decrease after adding new eigenvalues, which means that the authentication effect is improved.
  • the mouse behavior-based authentication method of the present invention can implement user identity authentication when the mouse action is a non-fixed track.
  • new feature value keystroke entry speed, keystroke departure speed, keystroke time, etc. are used to refine the traditional feature values and improve the authentication accuracy.
  • the technical solution of the present invention is particularly suitable for use in a dynamic soft keyboard application scenario as an auxiliary means of a traditional username/password authentication mechanism. Therefore, the present invention effectively overcomes various shortcomings in the prior art and has high industrial utilization value.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Social Psychology (AREA)

Abstract

The present invention provides an authentication method based on mouse behaviors. The mouse-based authentication method comprises: collecting the mouse behavior data generated in the process of inputting passwords by the preset user by using the dynamic soft keyboard; calculating with the mouse behavior data to obtain the eigenvalue and selecting the optimal eigenvector by the feature selection algorithm; processing the optimal eigenvector using a preset model to determine a user behavior pattern of the user. The mouse-based authentication method further comprises: receiving the mouse behavior data generated in the process of inputting the passwords by using the dynamic soft keyboard, and performing user identification classifying authentication for the received mouse behavior data according to the user behavior pattern. The technical solution of the present invention is especially suitable for use under the dynamic soft keyboard application scenario as an auxiliary means for the traditional user name/password authentication mechanism.

Description

一种基于鼠标行为的认证方法A mouse behavior based authentication method 技术领域Technical field
本发明涉及一种安全技术,特别是涉及一种基于鼠标行为的认证方法。The invention relates to a security technology, in particular to a mouse behavior based authentication method.
背景技术Background technique
随着电子商务的普及,网上银行和在线电子支付等方式逐渐被网民接受和喜爱。但这些支付平台的安全性不容乐观,身份盗用现象频繁发生,可信问题广受关注,安全的身份认证成为保证电子交易安全的基本前提。为了防止密码被盗,有些网上银行以及电子商务支付平台采用了安全控件、硬件辅助、动态软键盘等技术方法。其中,所谓的软键盘并不是在键盘上的,而是在“屏幕”上,软键盘是通过软件模拟键盘通过鼠标点击输入字符,是为了防止木马记录键盘输入的密码,一般在一些银行的网站上要求输入帐号和密码的地方容易看到。动态软键盘可以抵御键盘记录器、间谍软件、恶意机器注册等攻击;但它无法阻止有截图功能的木马,以及肩窥行为等。With the popularity of e-commerce, online banking and online electronic payment are gradually accepted and loved by netizens. However, the security of these payment platforms is not optimistic, identity theft phenomenon occurs frequently, and credibility issues are widely concerned. Secure identity authentication has become the basic premise for ensuring the security of electronic transactions. In order to prevent password theft, some online banking and e-commerce payment platforms use technical methods such as security controls, hardware assistance, and dynamic soft keyboards. Among them, the so-called soft keyboard is not on the keyboard, but on the "screen", the soft keyboard is a character input through the software simulation keyboard through the mouse click, in order to prevent the password input by the Trojan record keyboard, generally in some bank websites The place where you need to enter your account number and password is easy to see. The dynamic soft keyboard protects against attacks such as keyloggers, spyware, and malicious machine registration; however, it does not prevent Trojans with screenshots and shoulder-slung behavior.
鉴于此,如何通过动态软键盘来提高身份认证的安全性就成了本领域技术人员亟待解决的问题。In view of this, how to improve the security of identity authentication through a dynamic soft keyboard has become an urgent problem to be solved by those skilled in the art.
发明内容Summary of the invention
鉴于以上所述现有技术的缺点,本发明的目的在于提供一种基于鼠标行为的认证方法,用于解决现有技术中动态软键盘技术存在的安全问题。In view of the above disadvantages of the prior art, an object of the present invention is to provide a mouse behavior based authentication method for solving the security problem existing in the prior art dynamic soft keyboard technology.
为实现上述目的及其他相关目的,本发明提供一种基于鼠标行为的认证方法,所述基于鼠标的认证方法包括:采集预设用户使用动态软键盘输入密码过程中的鼠标行为数据;对所述鼠标行为数据进行计算处理得到特征值,并利用特征选择算法选出最佳特征向量;采用预设模型对所述最佳特征向量进行处理,确定所述用户的用户行为模式。To achieve the above and other related purposes, the present invention provides a mouse behavior-based authentication method, the mouse-based authentication method includes: collecting mouse behavior data during a process of inputting a password by using a dynamic soft keyboard by a preset user; The mouse behavior data is calculated and processed to obtain the feature value, and the feature selection algorithm is used to select the optimal feature vector; the optimal feature vector is processed by the preset model to determine the user behavior mode of the user.
可选地,所述基于鼠标的认证方法还包括:接收使用动态软键盘输入密码过程中的鼠标行为数据,根据所述用户行为模式对所接收的鼠标行为数据进行用户身份分类认证。Optionally, the mouse-based authentication method further includes: receiving mouse behavior data during a password input process using a dynamic soft keyboard, and performing user identity classification authentication on the received mouse behavior data according to the user behavior mode.
可选地,根据所述用户行为模式对所接收的鼠标行为数据进行用户身份分类认证的具体实现包括:结合所述用户行为模式,采用K多数票决法对所接收的鼠标行为数据进行处理,从而确定是否通过认证。Optionally, the specific implementation of performing user identity classification and authentication on the received mouse behavior data according to the user behavior mode includes: combining the user behavior pattern, and processing the received mouse behavior data by using a K majority vote method, Thereby determining whether to pass the certification.
可选地,所述动态软键盘包括随机产生的乱序键盘。Optionally, the dynamic soft keyboard comprises a randomly generated out-of-order keyboard.
可选地,所述特征选择算法包括增L去R选择算法。 Optionally, the feature selection algorithm includes an L-to-R selection algorithm.
可选地,所述特征值包括击键进入速度、击键离开速度、寻键时间中的至少一种。Optionally, the feature value includes at least one of a keystroke entry speed, a keystroke departure speed, and a keying time.
可选地,所述特征值还包括移动速度、加速度、移动角度值。Optionally, the feature value further includes a moving speed, an acceleration, and a moving angle value.
可选地,所述预设模型包括支持向量机模型。Optionally, the preset model includes a support vector machine model.
可选地,采用预设模型对所述最佳特征向量进行处理,确定所述用户行为模式的具体实现包括:对所述最佳特征向量进行归一化处理;将所述最佳特征向量均匀的分成多组子集数据,针对每一组子集数据,将所述子集数据作为验证集,其他子集数据作为训练集,分别得到一个模型参数和分类器性能指标;根据所得到的多个分类器性能指标中的最大值所对应的模型参数确定所述用户行为模式。Optionally, processing the optimal feature vector by using a preset model, and determining a specific implementation of the user behavior mode includes: normalizing the optimal feature vector; and uniformly, the optimal feature vector Divided into a plurality of sets of subset data, for each set of subset data, the subset data is used as a verification set, and other subset data is used as a training set to obtain a model parameter and a classifier performance index respectively; The model parameters corresponding to the maximum values in the classifier performance indicators determine the user behavior pattern.
如上所述,本发明的一种基于鼠标行为的认证方法,具有以下有益效果:能实现鼠标动作为非固定轨迹时的用户身份认证。在构建和认证过程中使用了新特征值击键进入速度、击键离开速度、寻键时间等,对传统特征值进行了细化,提高了认证准确度。本发明的技术方案尤其适用于动态软键盘应用场景中,作为传统用户名/密码认证机制的辅助手段。As described above, the mouse behavior-based authentication method of the present invention has the following beneficial effects: user identity authentication when the mouse action is a non-fixed track can be realized. In the process of construction and certification, new feature value keystroke entry speed, keystroke departure speed, keystroke time, etc. are used to refine the traditional feature values and improve the authentication accuracy. The technical solution of the present invention is particularly suitable for use in a dynamic soft keyboard application scenario as an auxiliary means of a traditional username/password authentication mechanism.
附图说明DRAWINGS
图1显示为本发明的基于鼠标行为的认证方法的一实施例的流程示意图。FIG. 1 is a flow chart showing an embodiment of a mouse behavior based authentication method according to the present invention.
图2显示为本发明的基于鼠标行为的认证方法的另一实施例的流程示意图。2 is a flow chart showing another embodiment of the mouse behavior based authentication method of the present invention.
元件标号说明Component label description
S1~S4               步骤S1 ~ S4 steps
具体实施方式detailed description
以下通过特定的具体实例说明本发明的实施方式,本领域技术人员可由本说明书所揭露的内容轻易地了解本发明的其他优点与功效。本发明还可以通过另外不同的具体实施方式加以实施或应用,本说明书中的各项细节也可以基于不同观点与应用,在没有背离本发明的精神下进行各种修饰或改变。The embodiments of the present invention are described below by way of specific examples, and those skilled in the art can readily understand other advantages and effects of the present invention from the disclosure of the present disclosure. The present invention may be embodied or applied in various other specific embodiments, and various modifications and changes can be made without departing from the spirit and scope of the invention.
需要说明的是,本实施例中所提供的图示仅以示意方式说明本发明的基本构想,遂图式中仅显示与本发明中有关的组件而非按照实际实施时的组件数目、形状及尺寸绘制,其实际实施时各组件的型态、数量及比例可为一种随意的改变,且其组件布局型态也可能更为复杂。It should be noted that the illustrations provided in the present embodiment merely illustrate the basic concept of the present invention in a schematic manner, and only the components related to the present invention are shown in the drawings, instead of the number and shape of components in actual implementation. Dimensional drawing, the actual type of implementation of each component's type, number and proportion can be a random change, and its component layout can be more complicated.
本发明提供一种基于鼠标行为的认证方法,特别适用于动态软键盘应用场景中。在一个实施例中,如图1所示,所述基于鼠标的认证方法包括: The invention provides a mouse behavior based authentication method, which is particularly suitable for use in a dynamic soft keyboard application scenario. In one embodiment, as shown in FIG. 1, the mouse-based authentication method includes:
步骤S1,采集预设用户使用动态软键盘输入密码过程中的鼠标行为数据。在一个实施例中,利用设计好的动态软键盘,在用户录入密码时收集和存储用户输密码操作中使用鼠标产生的数据。例如,利用现有的开源软件RUI工具,记录用户的动作数据,记录的数据元组格式为<t,x,y,action-type>。数据格式如下表所示:In step S1, the mouse behavior data in the process of inputting the password by the preset user using the dynamic soft keyboard is collected. In one embodiment, the user-created dynamic soft keyboard is used to collect and store data generated by the mouse during the user input password operation when the user enters the password. For example, the existing open source software RUI tool is used to record the user's action data, and the recorded data tuple format is <t, x, y, action-type>. The data format is shown in the following table:
Figure PCTCN2016070993-appb-000001
Figure PCTCN2016070993-appb-000001
对于不符合规则的记录元组,以及数据大小明显异常的记录元组,则可以删除,不作为鼠标行为数据使用。所述动态软键盘包括随机产生的乱序键盘。采用随机产生的乱序键盘,可以提高认证的安全性。For a record tuple that does not conform to the rule, and a record tuple whose data size is obviously abnormal, it can be deleted and not used as mouse behavior data. The dynamic soft keyboard includes a randomly generated out-of-order keyboard. The use of randomly generated out-of-order keyboards can improve the security of authentication.
步骤S2,对所述鼠标行为数据进行计算处理得到特征值,并利用特征选择算法选出最佳特征向量。对于特征向量(特征向量由特征值构成)的设计,考虑到动态软键盘应用场景,分析鼠标数据特点,发现用户操作鼠标寻找目标键和离开目标键的这两个动作构成了主要的行为轨迹,因此定义了击键和寻键两类行为。击键行为,指用户操作鼠标在软键盘上单击某个字符键的行为。寻键行为,指用户操作鼠标在软键盘上寻找某个字符键的行为。在此基础上,定义了进入速度、离开速度、寻键时间比等一系列新特征值,作为传统特征值(如平均速度,加速度,偏离距离等)的补充。进入速度记为Vin,定义为击键开始前鼠标进入某按键的速度。离开速度记为Vout,定义为击键结束后鼠标离开该键的速度。进入速度和离开速度均利用单击前/后3个采样点位置信息和持续时间计算得出,持续时间为3个采样周期。由于持续时间很小,可以将该时间间隔内的鼠标轨迹近似为直线后进行处理。另外,考虑到键入序列中存在相同的字符片段,因此定义相同字符寻键时间比Rto,寻找相同的字符片段中同一个字符的时间的比值。由于人记忆能力的影响,该值大多数都小于1。在一个实施例中,可选地,所述特征值包括击键进入速度、击键离开速度、寻键时间中的至少一种。所述特征值还可以包括移动速度、加速度、移动角度值等。在一个实施例中,经过简单的数学计算可以得到如下表所示的特征值。In step S2, the mouse behavior data is calculated and processed to obtain feature values, and the feature selection algorithm is used to select the best feature vector. For the design of eigenvectors (the eigenvectors are composed of eigenvalues), considering the dynamic soft keyboard application scenario, analyzing the characteristics of the mouse data, it is found that the two actions of the user to operate the mouse to find the target key and leave the target key constitute the main behavior trajectory. Therefore, two types of behaviors such as keystrokes and keystrokes are defined. Keystroke behavior refers to the behavior of a user operating a mouse to click a character key on a soft keyboard. The key-seeking behavior refers to the behavior of the user operating the mouse to find a character key on the soft keyboard. On this basis, a series of new eigenvalues such as entry speed, exit speed, and key-to-key time ratio are defined, which are supplemented by traditional eigenvalues (such as average speed, acceleration, deviation distance, etc.). The entry speed is recorded as V in , which is defined as the speed at which the mouse enters a button before the keystroke begins. The exit speed is recorded as V out , defined as the speed at which the mouse leaves the key after the keystroke is over. Both the entry speed and the exit speed are calculated using the position information and duration of the 3 sample points before/after the click, and the duration is 3 sample periods. Since the duration is small, the mouse trajectory within the time interval can be approximated as a straight line for processing. In addition, considering that the same character segment exists in the key-in sequence, the ratio of the same character key-finding time to Rto is found, and the time of the same character in the same character segment is found. Most of this value is less than one due to the influence of human memory. In one embodiment, optionally, the feature value includes at least one of a keystroke entry speed, a keystroke departure speed, and a keying time. The feature values may also include moving speed, acceleration, moving angle values, and the like. In one embodiment, the eigenvalues shown in the following table can be obtained by simple mathematical calculations.
Figure PCTCN2016070993-appb-000002
Figure PCTCN2016070993-appb-000002
Figure PCTCN2016070993-appb-000003
Figure PCTCN2016070993-appb-000003
特征值的提取,可以综合CDF累计函数分布和增L去R特征选择法。特征向量维数不是越多越好,没有较强区分度的特征向量类别不仅增加了检测工作量,同时也可能使误判率提高。在统计概率学上,有CDF累积函数分布,用来描述一个实数随机变量的概率分布,即随机变量小于或者等于某个数值的概率。通过利用MATLAB工具统计出累计函数分布,直观地比较各特征值的可分性和稳定性,挑选出分布较为分散,即CDF曲线重合率低的特征值。The extraction of eigenvalues can be combined with the CDF cumulative function distribution and the incremental L-R feature selection method. The feature vector dimension is not as good as possible. The feature vector class without strong discrimination not only increases the detection workload, but also increases the false positive rate. In statistical probability, there is a CDF cumulative function distribution, which is used to describe the probability distribution of a real random variable, that is, the probability that the random variable is less than or equal to a certain value. By using the MATLAB tool to calculate the cumulative function distribution, visually compare the separability and stability of each eigenvalue, and select the eigenvalues with relatively scattered distribution, that is, the CDF curve coincidence rate is low.
在一个实施例中,所述特征选择算法包括增L去R选择算法。增L去R选择算法(LRS,Plus-L Minus-R Selection),有两种形式:<1>算法从空集开始,每轮先加入L个特征,然后从中去除R个特征,使得评价函数值最优。(L>R)。<2>算法从全集开始,每轮先去除R个特征,然后加入L个特征,使得评价函数值最优。(L<R)。算法评价:增L去R选择算法结合了序列前向选择与序列后向选择思想,L与R的选择是算法的关键。在一个实施例中个,考虑到所有特征总维数不大,固定L和R的区间范围为[1,8],在该范围内确定L和R的值,我们枚举出L-R值,评价函数取分类准确度进行比较使用分类准确度进行评价,最终选出最佳的特征向量,该最佳特征向量包括9类特征值,为17维特征向量。所述特征向量的组成如下表所示:In one embodiment, the feature selection algorithm includes an L-to-R selection algorithm. Add L to the R selection algorithm (LRS, Plus-L Minus-R Selection), there are two forms: <1> algorithm starts from the empty set, first adds L features in each round, then removes R features from it, so that the evaluation function The value is optimal. (L>R). <2> The algorithm starts from the complete set, and removes R features in each round, then adds L features to make the evaluation function value optimal. (L<R). Algorithm evaluation: The addition of L to R selection algorithm combines the idea of sequence forward selection and sequence backward selection. The choice of L and R is the key of the algorithm. In one embodiment, considering that the total dimension of all features is not large, the interval range of fixed L and R is [1, 8], and the values of L and R are determined within the range, and we enumerate the LR value, evaluation The function compares the classification accuracy with the classification accuracy, and finally selects the best feature vector. The best feature vector includes 9 types of feature values, which are 17-dimensional feature vectors. The composition of the feature vector is shown in the following table:
编号Numbering 特征值Eigenvalues 含义meaning
11 CTCT Click Time即用户单击时间间隔Click Time is the user click interval
22 CTmax/min/mean/sd CT max/min/mean/sd CT的最大/最小值/平均值/标准差CT maximum/minimum/average/standard deviation
33 STST Search Time即用户的寻键时间Search Time is the user's key-seeking time
44 STmax/min/median/sd ST max/min/median/sd CT的最大/最小值/中位值/标准差CT maximum / minimum / median / standard deviation
55 RtoRto 重复字符寻键时间比Repeat character key time ratio
66 TT 总持续时间Total duration
77 vin/vout v in /v out 击键时的进入速度,击键结束的离开速度Entry speed at the time of keystroke, exit speed at the end of the keystroke
88 vin/vout(mean/sd) v in /v out(mean/sd) vin/vout的平均值/标准差Average/standard deviation of v in /v out
99 DeviationDeviation 移动偏移值Moving offset value
步骤S3,采用预设模型对所述最佳特征向量进行处理,确定所述用户的用户行为模式。具体地,所述最佳特征向量有多个特征值组成。采用预设模型对所述最佳特征向量进行处理,确定所述用户行为模式的具体实现包括:对所述最佳特征向量进行归一化处理;将所述最佳特征向量均匀的分成多组子集数据,针对每一组子集数据,将所述子集数据作为验证集,其他子集数据作为训练集,分别得到一个模型参数和分类器性能指标;根据所述多个分类器性能指标中的最大值所对应的模型参数确定所述用户行为模式。在一个实施例中,所述预设模型包括支持向量机模型。支持向量机SVM(Support Vector Machine)是一个有监督的学习模型,通常用来进行模式识别、分类、以及回归分析。利用SVM支持向量机模型对用户的鼠标行为特征进行处理。包括:先归一化处理特征向量,将数据规整到[0,1]区间。为了避免过学习和欠学习状态的发生,利用5-CV交叉验证选择SVM算法里的惩罚参数c和核函数参数g,提高分类器认证准确度。具体地,将原始训练集分成5组,将每个子集分别作一次验证集,用其余的4个子集作训练集,得到5个模型,用5个模型最终验证集的分类准确率的平均数作为此5-CV交叉验证下分类器的性能指标。用户行为模式构建的具体过程如下:Step S3: processing the best feature vector by using a preset model to determine a user behavior mode of the user. Specifically, the optimal feature vector has a plurality of feature values. Processing the optimal feature vector by using a preset model, and determining the specific implementation of the user behavior mode comprises: normalizing the optimal feature vector; uniformly dividing the optimal feature vector into multiple groups Subset data, for each set of subset data, using the subset data as a verification set, and other subset data as a training set, respectively obtaining a model parameter and a classifier performance indicator; according to the plurality of classifier performance indicators The model parameters corresponding to the maximum value in the determination of the user behavior pattern. In one embodiment, the preset model includes a support vector machine model. Support Vector Machine (SVM) is a supervised learning model commonly used for pattern recognition, classification, and regression analysis. The user's mouse behavior characteristics are processed using the SVM support vector machine model. Including: normalizing the feature vector first, and normalizing the data to the [0,1] interval. In order to avoid the over-learning and under-learning state, the 5-CV cross-validation is used to select the penalty parameter c and the kernel function parameter g in the SVM algorithm to improve the classifier authentication accuracy. Specifically, the original training set is divided into 5 groups, each subset is made into a verification set, and the remaining 4 subsets are used as a training set to obtain 5 models, and the average of the classification accuracy of the final verification set is verified by 5 models. As a performance indicator of this 5-CV cross-validation classifier. The specific process of building a user behavior pattern is as follows:
输入:所采集的预设用户使用动态软键盘输入密码过程中的鼠标行为数据Data={D1,D2,……,Dp},Di=<di1,di2,……,din>,i:1~p;其中p为采集的样本数目,n为特征向量维数,即表明一个特征向量由n个特征值组成。已知标签Label={L1,L2,……,Lp},Li∈{+1,-1}。惩罚参数范围c∈[2^(-10),2^10],核函数参数范围g∈[2^(-10),2^10]。Input: Mouse behavior data during the process of entering the password by the preset user using the dynamic soft keyboard Data={D 1 , D 2 , . . . , D p }, D i =<d i1 ,d i2 ,...,d In >,i:1~p; where p is the number of samples collected and n is the eigenvector dimension, which means that one eigenvector is composed of n eigenvalues. The label Label = {L 1 , L 2 , ..., L p }, L i ∈ {+1, -1} is known. The penalty parameter range c∈[2^(-10), 2^10], the kernel function parameter range g∈[2^(-10), 2^10].
输出:最佳惩罚参数bestc,最佳核函数参数bestg。Output: best penalty parameter bestc, best kernel function parameter bestg.
步骤:step:
1)利用公式f:x→y=(x-xmin)/(xmax-xmin),对特征向量集进行[0,1]归一化处理。其中,xmin=min(x),xmax=max(x)。1) Using the formula f: x → y = (xx min ) / (x max - x min ), the feature vector set is normalized by [0, 1]. Where x min =min(x), x max =max(x).
2)使用RBF核函数。2) Use the RBF kernel function.
3)将特征向量集均匀分为5组,重复如下步骤:选一个子集数据做验证集,其余4组做训练集,在c、g给定范围中,取间隔值step=2,得到每个(cj,gj)对应的5个分类准确度的平均数作为此参数下的分类器性能指标Accj3) The feature vector set is evenly divided into 5 groups, and the following steps are repeated: one subset data is selected as the verification set, and the other 4 groups are used as the training set. In the given range of c and g, the interval value is step=2, and each is obtained. The average of the five classification accuracy corresponding to (c j , g j ) is taken as the classifier performance index Acc j under this parameter.
4)选出最大的Acck=max{Accj},则bestc=ck,bestg=gk4) Select the largest Acc k =max{Acc j }, then bestc=c k , bestg=g k .
举例如下:为便于描述,简化特征向量为3维,如Data={D1,D2,…,D5},5个样本分别为D1=<1.1,2.2,3.0>,D2=<1.0,2.1,3.2>,D3=<1.2,2.0,3.1>,D4=<2.0,2.9,4.0>,D5=<1.9,3.0,3.8>,Label={L1,L2,…,L5},L1=+1,L1=+1,L1=+1,L1=-1,L1=-1。利用归一化处理得到Data’={D1’,D2’,…,D5’},D1’=<0.1,0.2,0>,D2’=<0,0.1,0.2>,D3’=<0.2,0,0.1>,D4’=<1,0.9, 1>,D5’=<0.9,1,0.8>。根据给定范围c∈[2^(-10),2^10],g∈[2^(-10),2^10],step=2,cj和gj分别取{2^(-10),2^(-8),…,2^8,2^10},对于每对(cj,gj):Data’分为5组,每个Di’为一个子集Si,取任一Si为验证集,其余为训练集,得到对应参数SVM分类器的平均性能指标Accj。最后选出max{Accj},相应的(cj,gj)即为要求的SVM的参数值。For example, for convenience of description, the simplified feature vector is 3D, such as Data={D 1 , D 2 ,..., D 5 }, and 5 samples are D 1 =<1.1, 2.2, 3.0>, D 2 =< 1.0, 2.1, 3.2>, D 3 = <1.2, 2.0, 3.1>, D 4 = <2.0, 2.9, 4.0>, D 5 = <1.9, 3.0, 3.8>, Label={L 1 , L 2 ,... , L 5 }, L 1 = +1, L 1 = +1, L 1 = +1, L 1 = -1, L 1 = -1. Using normalization, we get Data'={D 1 ', D 2 ',..., D 5 '}, D 1 '=<0.1,0.2,0>, D 2 '=<0,0.1,0.2>,D 3 '=<0.2,0,0.1>, D 4 '=<1,0.9, 1>, D 5 '=<0.9,1,0.8>. According to the given range c∈[2^(-10), 2^10], g∈[2^(-10), 2^10], step=2, c j and g j respectively take {2^(- 10), 2^(-8),...,2^8,2^10}, for each pair (c j , g j ): Data' is divided into 5 groups, each D i ' is a subset S i Take any S i as the verification set and the rest as the training set, and get the average performance index Acc j of the corresponding parameter SVM classifier. Finally, max{Acc j } is selected, and the corresponding (c j , g j ) is the parameter value of the required SVM.
在一个实施例中,如图2所示,所述基于鼠标的认证方法还包括:步骤S4,接收使用动态软键盘输入密码过程中的鼠标行为数据,根据所述用户行为模式对所接收的鼠标行为数据进行用户身份分类认证。在一个实施例中,根据所述用户行为模式对所接收的鼠标行为数据进行用户身份分类认证的具体实现包括:结合所述用户行为模式,采用K多数票决法对所接收的鼠标行为数据进行处理,从而确定是否通过认证。在一个实施例中,利用多数票决法进行分类的规则定义为:接收使用动态软键盘输入密码过程中的鼠标行为数据,作为待测试数据,利用上文模式构建过程得到的SVM分类器对每个样本数据测试x次,分类器判定其为正标签的次数超出k×x次(0.5<k≤1),则样本被标记为正标签,否则标记为负样本,称为k多数票决法。在实验中,k取值范围为(0.5,1],令递增间隔值为0.05,即分别取k为{0.55,0.60,…,0.95,1.00}进行认证,从而最终获得最佳k值。在一个实施例中,认证的具体如下:In an embodiment, as shown in FIG. 2, the mouse-based authentication method further includes: step S4, receiving mouse behavior data during a password input process using a dynamic soft keyboard, and receiving the mouse according to the user behavior mode. Behavior data is used for user identity classification authentication. In one embodiment, the specific implementation of performing user identity classification and authentication on the received mouse behavior data according to the user behavior mode includes: combining the received user behavior data with the K majority vote method to perform the received mouse behavior data. Process to determine if it passes the certification. In one embodiment, the rule for classifying by majority vote is defined as: receiving mouse behavior data during the process of inputting a password using a dynamic soft keyboard, as the data to be tested, using the SVM classifier obtained by the above mode construction process for each The sample data is tested x times, and the classifier determines that it is a positive label more than k×x times (0.5<k≤1), then the sample is marked as a positive label, otherwise the label is a negative sample, which is called a k majority vote method. . In the experiment, the range of k is (0.5, 1), and the increment interval is 0.05, that is, k is {0.55, 0.60, ..., 0.95, 1.00} for authentication, and finally the best k value is obtained. In one embodiment, the authentication is as follows:
接收使用动态软键盘的一个或多个鼠标行为数据,并获得相应的最佳特征向量TestData={TD1,TD2,……,TDq},其中TDi=<tdi1,tdi2,……,tdin>;其中q为鼠标行为数据的数目,n为特征向量维数(即特征值的数量)。SVM分类器参数<bestc,bestg>;多数票决法的参数k。最终获得各个鼠标行为数据的认证结果Predicted_label={PL1,PL2,……,PLp},PLi∈{+1,-1}。Receiving one or more mouse behavior data using a dynamic soft keyboard, and obtaining a corresponding optimal feature vector TestData={TD 1 , TD 2 , . . . , TD q }, where TD i =<td i1 , td i2 ,... ..., td in >; where q is the number of mouse behavior data and n is the feature vector dimension (ie the number of feature values). SVM classifier parameter <bestc, bestg>; parameter k of the majority vote. Finally, the authentication result of each mouse behavior data is obtained Predicted_label={PL 1 , PL 2 , . . . , PL p }, PL i ∈{+1,-1}.
步骤:step:
1)令正负标签计数器初始为0,分别记作:Num+1=0,Num-1=0.1) Let the positive and negative label counters be initially 0, which are respectively recorded as: Num +1 =0, Num -1 =0.
2)利用x个训练好的SVM分类器<bestc,bestg>,分别测试样本数据x次:每次测试中,将特征向量TestData作为SVM分类器的输入,若分类器的输出PLi=+1,则Num+1++;若PLi=-1,则Num-1++。2) Using x trained SVM classifiers <bestc, bestg>, respectively test the sample data x times: in each test, the feature vector TestData is used as the input of the SVM classifier, if the output of the classifier is PL i = +1 , then Num +1 ++; if PL i = -1, then Num -1 ++.
3)判断正负标签计数器值:若Num+1≥k×x,则PLi最终值为+1,说明相应的鼠标行为数据通过该用户的认证,标记为正标签;否则PLi最终值为-1,说明相应的鼠标行为数据不能通过该用户的认证,标记为负样本。3) Judging the positive and negative label counter value: If Num +1 ≥ k×x, the final value of PL i is +1, indicating that the corresponding mouse behavior data is marked as a positive label by the user's authentication; otherwise, the final value of PL i is -1, indicating that the corresponding mouse behavior data cannot be authenticated by the user and is marked as a negative sample.
在一个实施例中,通过对本发明的技术方案的反复测试,表明该技术方案认证的准确度平均可以达到97.33%。使用k多数票决法进行认证,利用测试数据验证得到FAR、FRR值,通常FRR(False Rejection Rate)和FAR(False Acceptance Rate)是用来评估识别算法性能的两个主要参数。FRR通俗叫法是拒真率的意思,标准称谓是FNMR(False Non-Match Rate 不匹配率)。可以通俗的理解为“把应该相互匹配成功的指纹当成不能匹配的指纹”的概率。FAR一般称为认假率,其标准称谓是FMR(False Match Rate错误匹配率)。FMR是用来评估指纹识别算法性能的最重要参数。可以通俗的理解为“把不应该匹配的指纹当成匹配的指纹”的概率。在一个实施例中,对使用新特征值(包括进入速度、离开速度、寻键时间比等一系列新特征值)和不使用新特征值的认证效果进行对比。结果表明,加入新特征值后,FAR和FRR值均有下降,即表明认证效果都得到提高。In an embodiment, through repeated testing of the technical solution of the present invention, it is shown that the accuracy of the technical solution authentication can reach 97.33% on average. The majority of the votes are used for authentication, and the test data is used to verify the FAR and FRR values. Generally, the FRR (False Rejection Rate) and the FAR (False Acceptance Rate) are two main parameters used to evaluate the performance of the recognition algorithm. FRR is commonly known as the rejection rate. The standard name is FNMR (False Non-Match Rate). No match rate). It can be understood in a common sense as the probability that "the fingerprints that should match each other successfully should be regarded as fingerprints that cannot be matched". FAR is generally called the false rate, and its standard name is FMR (False Match Rate). FMR is the most important parameter used to evaluate the performance of fingerprint recognition algorithms. It can be commonly understood as the probability of "putting a fingerprint that should not be matched as a matching fingerprint." In one embodiment, a comparison is made between the use of new feature values (including a series of new feature values such as entry speed, exit speed, key-to-key ratio, etc.) and the use of new feature values. The results show that the FAR and FRR values decrease after adding new eigenvalues, which means that the authentication effect is improved.
综上所述,本发明的一种基于鼠标行为的认证方法能实现鼠标动作为非固定轨迹时的用户身份认证。在构建和认证过程中使用了新特征值击键进入速度、击键离开速度、寻键时间等,对传统特征值进行了细化,提高了认证准确度。本发明的技术方案尤其适用于动态软键盘应用场景中,作为传统用户名/密码认证机制的辅助手段。所以,本发明有效克服了现有技术中的种种缺点而具高度产业利用价值。In summary, the mouse behavior-based authentication method of the present invention can implement user identity authentication when the mouse action is a non-fixed track. In the process of construction and certification, new feature value keystroke entry speed, keystroke departure speed, keystroke time, etc. are used to refine the traditional feature values and improve the authentication accuracy. The technical solution of the present invention is particularly suitable for use in a dynamic soft keyboard application scenario as an auxiliary means of a traditional username/password authentication mechanism. Therefore, the present invention effectively overcomes various shortcomings in the prior art and has high industrial utilization value.
上述实施例仅例示性说明本发明的原理及其功效,而非用于限制本发明。任何熟悉此技术的人士皆可在不违背本发明的精神及范畴下,对上述实施例进行修饰或改变。因此,举凡所属技术领域中具有通常知识者在未脱离本发明所揭示的精神与技术思想下所完成的一切等效修饰或改变,仍应由本发明的权利要求所涵盖。 The above-described embodiments are merely illustrative of the principles of the invention and its effects, and are not intended to limit the invention. Modifications or variations of the above-described embodiments may be made by those skilled in the art without departing from the spirit and scope of the invention. Therefore, all equivalent modifications or changes made by those skilled in the art without departing from the spirit and scope of the invention will be covered by the appended claims.

Claims (9)

  1. 一种基于鼠标行为的认证方法,其特征在于,所述基于鼠标的认证方法包括:A mouse behavior based authentication method, characterized in that the mouse-based authentication method comprises:
    采集预设用户使用动态软键盘输入密码过程中的鼠标行为数据;Collecting mouse behavior data during the process of inputting a password by a preset user using a dynamic soft keyboard;
    对所述鼠标行为数据进行计算处理得到特征值,并利用特征选择算法选出最佳特征向量;Performing calculation processing on the mouse behavior data to obtain feature values, and selecting a best feature vector by using a feature selection algorithm;
    采用预设模型对所述最佳特征向量进行处理,确定所述用户的用户行为模式。The best feature vector is processed by using a preset model to determine a user behavior pattern of the user.
  2. 根据权利要求1所述的基于鼠标行为的认证方法,其特征在于:所述基于鼠标的认证方法还包括:接收使用动态软键盘输入密码过程中的鼠标行为数据,根据所述用户行为模式对所接收的鼠标行为数据进行用户身份分类认证。The mouse behavior-based authentication method according to claim 1, wherein the mouse-based authentication method further comprises: receiving mouse behavior data during a process of inputting a password by using a dynamic soft keyboard, according to the user behavior mode Received mouse behavior data for user identity classification authentication.
  3. 根据权利要求2所述的基于鼠标行为的认证方法,其特征在于:根据所述用户行为模式对所接收的鼠标行为数据进行用户身份分类认证的具体实现包括:结合所述用户行为模式,采用K多数票决法对所接收的鼠标行为数据进行处理,从而确定是否通过认证。The mouse behavior-based authentication method according to claim 2, wherein the specific implementation of performing user identity classification and authentication on the received mouse behavior data according to the user behavior pattern comprises: combining the user behavior pattern with K Most ticket resolutions process the received mouse behavior data to determine whether or not to pass the authentication.
  4. 根据权利要求1或2所述的基于鼠标行为的认证方法,其特征在于:所述特征值包括击键进入速度、击键离开速度、寻键时间中的至少一种。The mouse behavior-based authentication method according to claim 1 or 2, wherein the feature value comprises at least one of a keystroke entry speed, a keystroke departure speed, and a key-seeking time.
  5. 根据权利要求4所述的基于鼠标行为的认证方法,其特征在于:所述特征值还包括移动速度、加速度、移动角度值。The mouse behavior-based authentication method according to claim 4, wherein the feature value further comprises a moving speed, an acceleration, and a moving angle value.
  6. 根据权利要求1或2所述的基于鼠标行为的认证方法,其特征在于:所述动态软键盘包括随机产生的乱序键盘。The mouse behavior-based authentication method according to claim 1 or 2, wherein the dynamic soft keyboard comprises a randomly generated out-of-order keyboard.
  7. 根据权利要求1或2所述的基于鼠标行为的认证方法,其特征在于:所述特征选择算法包括增L去R选择算法。The mouse behavior-based authentication method according to claim 1 or 2, wherein the feature selection algorithm comprises an L-to-R selection algorithm.
  8. 根据权利要求1或2所述的基于鼠标行为的认证方法,其特征在于:所述预设模型包括支持向量机模型。The mouse behavior-based authentication method according to claim 1 or 2, wherein the preset model comprises a support vector machine model.
  9. 根据权利要求8所述的基于鼠标行为的认证方法,其特征在于:采用预设模型对所述最佳 特征向量进行处理,确定所述用户行为模式的具体实现包括:对所述最佳特征向量进行归一化处理;将所述最佳特征向量均匀的分成多组子集数据,针对每一组子集数据,将所述子集数据作为验证集,其他子集数据作为训练集,分别得到一个模型参数和分类器性能指标;根据所得到的多个分类器性能指标中的最大值所对应的模型参数确定所述用户行为模式。 The mouse behavior-based authentication method according to claim 8, wherein the optimal model is used for the best The feature vector is processed, and the specific implementation of determining the user behavior mode comprises: normalizing the optimal feature vector; uniformly dividing the optimal feature vector into multiple sets of subset data, for each group The data is collected, the subset data is used as a verification set, and the other subset data is used as a training set to obtain a model parameter and a classifier performance index respectively; according to the obtained maximum value of the plurality of classifier performance indicators The parameters determine the user behavior pattern.
PCT/CN2016/070993 2015-11-05 2016-01-15 Mouse behaviors based authentication method WO2017075913A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2018100677A AU2018100677A4 (en) 2015-11-05 2018-05-18 Mouse behaviors based authentication method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510749698.1A CN105389486B (en) 2015-11-05 2015-11-05 A kind of authentication method based on mouse behavior
CN201510749698.1 2015-11-05

Related Child Applications (1)

Application Number Title Priority Date Filing Date
AU2018100677A Division AU2018100677A4 (en) 2015-11-05 2018-05-18 Mouse behaviors based authentication method

Publications (1)

Publication Number Publication Date
WO2017075913A1 true WO2017075913A1 (en) 2017-05-11

Family

ID=55421766

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/070993 WO2017075913A1 (en) 2015-11-05 2016-01-15 Mouse behaviors based authentication method

Country Status (2)

Country Link
CN (1) CN105389486B (en)
WO (1) WO2017075913A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110287664A (en) * 2019-07-01 2019-09-27 贵州大学 A kind of identity identifying method being characterized selection based on multirow

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105930703A (en) * 2016-07-07 2016-09-07 四川农业大学 Mouse and keyboard double-index type composite security identity identification system
CN107122641B (en) * 2017-04-25 2020-06-16 杭州义盾信息技术有限公司 Intelligent equipment owner identification method and intelligent equipment owner identification device based on use habit
CN107609590B (en) * 2017-09-12 2020-09-04 山东师范大学 Multi-scale mouse track feature extraction method, device and system
CN107766852A (en) * 2017-12-06 2018-03-06 电子科技大学 A kind of man-machine mouse track detection method based on convolutional neural networks
CN110119602B (en) * 2018-02-06 2021-06-11 百度在线网络技术(北京)有限公司 Man-machine recognition method, device, server, client and storage medium
CN109447099B (en) * 2018-08-28 2022-01-07 西安理工大学 PCA (principal component analysis) dimension reduction-based multi-classifier fusion method
CN110502883B (en) * 2019-08-23 2022-08-19 四川长虹电器股份有限公司 PCA-based keystroke behavior anomaly detection method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1957355A (en) * 2004-04-01 2007-05-02 道夫·雅各布森 Mouse performance identification
KR101451782B1 (en) * 2013-06-18 2014-10-16 국방과학연구소 User verification system via mouse movement pattern and method thereof

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100561397C (en) * 2004-07-08 2009-11-18 腾讯科技(深圳)有限公司 A kind of method and system of secure log
CN201035502Y (en) * 2006-12-28 2008-03-12 上海麦柯信息技术有限公司 Safety accidental dynamic soft keyboard
CN102867159B (en) * 2011-07-05 2015-04-01 腾讯科技(深圳)有限公司 Method, system, client and server for inputting password by soft keyboard
CN104517097A (en) * 2014-09-24 2015-04-15 浙江大学 Kinect-based moving human body posture recognition method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1957355A (en) * 2004-04-01 2007-05-02 道夫·雅各布森 Mouse performance identification
KR101451782B1 (en) * 2013-06-18 2014-10-16 국방과학연구소 User verification system via mouse movement pattern and method thereof

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SHEN, CHAO ET AL.: "User Authentication and Monitoring Based on Mouse Behavioral Features", JOURNAL ON COMMUNICATIONS, vol. 31, no. 7, 31 July 2010 (2010-07-31), pages 69 - 73, ISSN: 1000-436X *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110287664A (en) * 2019-07-01 2019-09-27 贵州大学 A kind of identity identifying method being characterized selection based on multirow

Also Published As

Publication number Publication date
CN105389486A (en) 2016-03-09
CN105389486B (en) 2018-07-06

Similar Documents

Publication Publication Date Title
WO2017075913A1 (en) Mouse behaviors based authentication method
Yang et al. BehaveSense: Continuous authentication for security-sensitive mobile apps using behavioral biometrics
US10671735B2 (en) Framework for security strength and performance analysis of machine learning based biometric systems
US10467394B2 (en) Pointing device biometrics for continuous user authentication
TWI689942B (en) Man-machine recognition method and device, and method and device for collecting behavior characteristic data
Traore et al. Combining mouse and keystroke dynamics biometrics for risk-based authentication in web environments
US9589120B2 (en) Behavior based authentication for touch screen devices
CN107437074B (en) Identity authentication method and device
JP2018526719A (en) Apparatus and computer-implemented method for fingerprint-based authentication
US20120098750A1 (en) Method for subject classification using a pattern recognition input device
WO2018082011A1 (en) Living fingerprint recognition method and device
US11062120B2 (en) High speed reference point independent database filtering for fingerprint identification
Teh et al. Recognizing your touch: Towards strengthening mobile device authentication via touch dynamics integration
Siddiqui et al. Continuous User Authentication Using Mouse Dynamics, Machine Learning, and Minecraft
CN111625789B (en) User identification method based on multi-core learning fusion of mouse and keyboard behavior characteristics
Siddiqui et al. Continuous authentication using mouse movements, machine learning, and Minecraft
Traore et al. Dynamic sample size detection in learning command line sequence for continuous authentication
Sturgess et al. Watchauth: User authentication and intent recognition in mobile payments using a smartwatch
Wang et al. Towards DTW-based unlock scheme using handwritten graphics on smartphones
Burgbacher et al. A behavioral biometric challenge and response approach to user authentication on smartphones
Baynath et al. Implementation of a Secure Keystroke Dynamics using Ant colony optimisation
AU2018100677A4 (en) Mouse behaviors based authentication method
Elliott et al. Expanding the human-biometric sensor interaction model to identity claim scenarios
Matsubara et al. Screen unlocking by spontaneous flick reactions with one-class classification approaches
Zhang et al. Implicit identity authentication mechanism based on smartphone touch dynamics

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16861186

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 18.10.2018)

122 Ep: pct application non-entry in european phase

Ref document number: 16861186

Country of ref document: EP

Kind code of ref document: A1