WO2017075913A1 - Procédé d'authentification basé sur des comportements de souris - Google Patents

Procédé d'authentification basé sur des comportements de souris Download PDF

Info

Publication number
WO2017075913A1
WO2017075913A1 PCT/CN2016/070993 CN2016070993W WO2017075913A1 WO 2017075913 A1 WO2017075913 A1 WO 2017075913A1 CN 2016070993 W CN2016070993 W CN 2016070993W WO 2017075913 A1 WO2017075913 A1 WO 2017075913A1
Authority
WO
WIPO (PCT)
Prior art keywords
mouse
authentication method
user
based authentication
behavior
Prior art date
Application number
PCT/CN2016/070993
Other languages
English (en)
Chinese (zh)
Inventor
蒋昌俊
闫春钢
陈闳中
丁志军
马磊
Original Assignee
同济大学
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 同济大学 filed Critical 同济大学
Publication of WO2017075913A1 publication Critical patent/WO2017075913A1/fr
Priority to AU2018100677A priority Critical patent/AU2018100677A4/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Definitions

  • the invention relates to a security technology, in particular to a mouse behavior based authentication method.
  • an object of the present invention is to provide a mouse behavior based authentication method for solving the security problem existing in the prior art dynamic soft keyboard technology.
  • the present invention provides a mouse behavior-based authentication method
  • the mouse-based authentication method includes: collecting mouse behavior data during a process of inputting a password by using a dynamic soft keyboard by a preset user; The mouse behavior data is calculated and processed to obtain the feature value, and the feature selection algorithm is used to select the optimal feature vector; the optimal feature vector is processed by the preset model to determine the user behavior mode of the user.
  • the mouse-based authentication method further includes: receiving mouse behavior data during a password input process using a dynamic soft keyboard, and performing user identity classification authentication on the received mouse behavior data according to the user behavior mode.
  • the specific implementation of performing user identity classification and authentication on the received mouse behavior data according to the user behavior mode includes: combining the user behavior pattern, and processing the received mouse behavior data by using a K majority vote method, Thereby determining whether to pass the certification.
  • the dynamic soft keyboard comprises a randomly generated out-of-order keyboard.
  • the feature selection algorithm includes an L-to-R selection algorithm.
  • the feature value includes at least one of a keystroke entry speed, a keystroke departure speed, and a keying time.
  • the feature value further includes a moving speed, an acceleration, and a moving angle value.
  • the preset model includes a support vector machine model.
  • processing the optimal feature vector by using a preset model, and determining a specific implementation of the user behavior mode includes: normalizing the optimal feature vector; and uniformly, the optimal feature vector Divided into a plurality of sets of subset data, for each set of subset data, the subset data is used as a verification set, and other subset data is used as a training set to obtain a model parameter and a classifier performance index respectively;
  • the model parameters corresponding to the maximum values in the classifier performance indicators determine the user behavior pattern.
  • the mouse behavior-based authentication method of the present invention has the following beneficial effects: user identity authentication when the mouse action is a non-fixed track can be realized.
  • new feature value keystroke entry speed, keystroke departure speed, keystroke time, etc. are used to refine the traditional feature values and improve the authentication accuracy.
  • the technical solution of the present invention is particularly suitable for use in a dynamic soft keyboard application scenario as an auxiliary means of a traditional username/password authentication mechanism.
  • FIG. 1 is a flow chart showing an embodiment of a mouse behavior based authentication method according to the present invention.
  • FIG. 2 is a flow chart showing another embodiment of the mouse behavior based authentication method of the present invention.
  • the invention provides a mouse behavior based authentication method, which is particularly suitable for use in a dynamic soft keyboard application scenario.
  • the mouse-based authentication method includes:
  • step S1 the mouse behavior data in the process of inputting the password by the preset user using the dynamic soft keyboard is collected.
  • the user-created dynamic soft keyboard is used to collect and store data generated by the mouse during the user input password operation when the user enters the password.
  • the existing open source software RUI tool is used to record the user's action data, and the recorded data tuple format is ⁇ t, x, y, action-type>.
  • the data format is shown in the following table:
  • the dynamic soft keyboard includes a randomly generated out-of-order keyboard. The use of randomly generated out-of-order keyboards can improve the security of authentication.
  • step S2 the mouse behavior data is calculated and processed to obtain feature values, and the feature selection algorithm is used to select the best feature vector.
  • the eigenvectors are composed of eigenvalues
  • keystroke behavior refers to the behavior of a user operating a mouse to click a character key on a soft keyboard.
  • the key-seeking behavior refers to the behavior of the user operating the mouse to find a character key on the soft keyboard.
  • eigenvalues such as entry speed, exit speed, and key-to-key time ratio are defined, which are supplemented by traditional eigenvalues (such as average speed, acceleration, deviation distance, etc.).
  • the entry speed is recorded as V in , which is defined as the speed at which the mouse enters a button before the keystroke begins.
  • the exit speed is recorded as V out , defined as the speed at which the mouse leaves the key after the keystroke is over.
  • Both the entry speed and the exit speed are calculated using the position information and duration of the 3 sample points before/after the click, and the duration is 3 sample periods. Since the duration is small, the mouse trajectory within the time interval can be approximated as a straight line for processing.
  • the feature value includes at least one of a keystroke entry speed, a keystroke departure speed, and a keying time.
  • the feature values may also include moving speed, acceleration, moving angle values, and the like.
  • the eigenvalues shown in the following table can be obtained by simple mathematical calculations.
  • the extraction of eigenvalues can be combined with the CDF cumulative function distribution and the incremental L-R feature selection method.
  • the feature vector dimension is not as good as possible.
  • the feature vector class without strong discrimination not only increases the detection workload, but also increases the false positive rate.
  • there is a CDF cumulative function distribution which is used to describe the probability distribution of a real random variable, that is, the probability that the random variable is less than or equal to a certain value.
  • the feature selection algorithm includes an L-to-R selection algorithm.
  • Add L to the R selection algorithm (LRS, Plus-L Minus-R Selection), there are two forms: ⁇ 1> algorithm starts from the empty set, first adds L features in each round, then removes R features from it, so that the evaluation function The value is optimal. (L>R). ⁇ 2> The algorithm starts from the complete set, and removes R features in each round, then adds L features to make the evaluation function value optimal. (L ⁇ R).
  • Algorithm evaluation The addition of L to R selection algorithm combines the idea of sequence forward selection and sequence backward selection. The choice of L and R is the key of the algorithm.
  • the interval range of fixed L and R is [1, 8], and the values of L and R are determined within the range, and we enumerate the LR value, evaluation
  • the function compares the classification accuracy with the classification accuracy, and finally selects the best feature vector.
  • the best feature vector includes 9 types of feature values, which are 17-dimensional feature vectors.
  • the composition of the feature vector is shown in the following table:
  • CT Click Time is the user click interval 2 CT max/min/mean/sd CT maximum/minimum/average/standard deviation 3 ST Search Time is the user's key-seeking time 4 ST max/min/median/sd CT maximum / minimum / median / standard deviation 5 Rto Repeat character key time ratio 6 T Total duration 7 v in /v out Entry speed at the time of keystroke, exit speed at the end of the keystroke 8 v in /v out(mean/sd) Average/standard deviation of v in /v out 9 Deviation Moving offset value
  • Step S3 processing the best feature vector by using a preset model to determine a user behavior mode of the user.
  • the optimal feature vector has a plurality of feature values.
  • Processing the optimal feature vector by using a preset model, and determining the specific implementation of the user behavior mode comprises: normalizing the optimal feature vector; uniformly dividing the optimal feature vector into multiple groups Subset data, for each set of subset data, using the subset data as a verification set, and other subset data as a training set, respectively obtaining a model parameter and a classifier performance indicator; according to the plurality of classifier performance indicators The model parameters corresponding to the maximum value in the determination of the user behavior pattern.
  • the preset model includes a support vector machine model.
  • Support Vector Machine is a supervised learning model commonly used for pattern recognition, classification, and regression analysis.
  • the user's mouse behavior characteristics are processed using the SVM support vector machine model. Including: normalizing the feature vector first, and normalizing the data to the [0,1] interval.
  • the 5-CV cross-validation is used to select the penalty parameter c and the kernel function parameter g in the SVM algorithm to improve the classifier authentication accuracy.
  • the original training set is divided into 5 groups, each subset is made into a verification set, and the remaining 4 subsets are used as a training set to obtain 5 models, and the average of the classification accuracy of the final verification set is verified by 5 models.
  • the specific process of building a user behavior pattern is as follows:
  • the label Label ⁇ L 1 , L 2 , ..., L p ⁇ , L i ⁇ ⁇ +1, -1 ⁇ is known.
  • the kernel function parameter range g ⁇ [2 ⁇ (-10), 2 ⁇ 10].
  • the feature vector set is evenly divided into 5 groups, and the following steps are repeated: one subset data is selected as the verification set, and the other 4 groups are used as the training set.
  • the average of the five classification accuracy corresponding to (c j , g j ) is taken as the classifier performance index Acc j under this parameter.
  • c j and g j respectively take ⁇ 2 ⁇ (- 10), 2 ⁇ (-8),...,2 ⁇ 8,2 ⁇ 10 ⁇ , for each pair (c j , g j ):
  • Data' is divided into 5 groups, each D i ' is a subset S i Take any S i as the verification set and the rest as the training set, and get the average performance index Acc j of the corresponding parameter SVM classifier.
  • max ⁇ Acc j ⁇ is selected, and the corresponding (c j , g j ) is the parameter value of the required SVM.
  • the mouse-based authentication method further includes: step S4, receiving mouse behavior data during a password input process using a dynamic soft keyboard, and receiving the mouse according to the user behavior mode.
  • Behavior data is used for user identity classification authentication.
  • the specific implementation of performing user identity classification and authentication on the received mouse behavior data according to the user behavior mode includes: combining the received user behavior data with the K majority vote method to perform the received mouse behavior data. Process to determine if it passes the certification.
  • the rule for classifying by majority vote is defined as: receiving mouse behavior data during the process of inputting a password using a dynamic soft keyboard, as the data to be tested, using the SVM classifier obtained by the above mode construction process for each
  • the sample data is tested x times, and the classifier determines that it is a positive label more than k ⁇ x times (0.5 ⁇ k ⁇ 1), then the sample is marked as a positive label, otherwise the label is a negative sample, which is called a k majority vote method.
  • the range of k is (0.5, 1), and the increment interval is 0.05, that is, k is ⁇ 0.55, 0.60, ..., 0.95, 1.00 ⁇ for authentication, and finally the best k value is obtained.
  • the authentication is as follows:
  • the accuracy of the technical solution authentication can reach 97.33% on average.
  • the majority of the votes are used for authentication, and the test data is used to verify the FAR and FRR values.
  • FRR Federal Rejection Rate
  • FAR Federal Rejection Rate
  • FAR Federal Rejection Rate
  • FAR Federal Rejection Rate
  • FAR False Acceptance Rate
  • FRR is commonly known as the rejection rate.
  • the standard name is FNMR (False Non-Match Rate). No match rate). It can be understood in a common sense as the probability that "the fingerprints that should match each other successfully should be regarded as fingerprints that cannot be matched”.
  • FAR is generally called the false rate, and its standard name is FMR (False Match Rate).
  • FMR is the most important parameter used to evaluate the performance of fingerprint recognition algorithms. It can be commonly understood as the probability of "putting a fingerprint that should not be matched as a matching fingerprint.”
  • a comparison is made between the use of new feature values (including a series of new feature values such as entry speed, exit speed, key-to-key ratio, etc.) and the use of new feature values. The results show that the FAR and FRR values decrease after adding new eigenvalues, which means that the authentication effect is improved.
  • the mouse behavior-based authentication method of the present invention can implement user identity authentication when the mouse action is a non-fixed track.
  • new feature value keystroke entry speed, keystroke departure speed, keystroke time, etc. are used to refine the traditional feature values and improve the authentication accuracy.
  • the technical solution of the present invention is particularly suitable for use in a dynamic soft keyboard application scenario as an auxiliary means of a traditional username/password authentication mechanism. Therefore, the present invention effectively overcomes various shortcomings in the prior art and has high industrial utilization value.

Abstract

La présente invention concerne un procédé d'authentification basé sur des comportements de souris. Le procédé d'authentification basé sur souris consiste : à collecter les données de comportement de souris générées dans le processus de saisie de mots de passe par l'utilisateur prédéfini à l'aide du clavier logiciel dynamique ; à effectuer un calcul utilisant les données de comportement de souris pour obtenir la valeur propre et à sélectionner le vecteur propre optimal par l'algorithme de sélection de caractéristique ; à traiter le vecteur propre optimal à l'aide d'un modèle prédéfini pour déterminer un modèle de comportement d'utilisateur de l'utilisateur. Le procédé d'authentification basé sur souris consiste en outre à : recevoir les données de comportement de souris générées dans le processus de saisie de mots de passe à l'aide du clavier logiciel dynamique, et effectuer une authentification de classification d'identification d'utilisateur pour les données de comportement de souris reçues en fonction du modèle de comportement d'utilisateur. La solution technique de la présente invention est particulièrement appropriée pour être utilisée dans le scénario d'application de clavier logiciel dynamique comme moyen auxiliaire pour le mécanisme d'authentification par nom d'utilisateur/mot de passe classique.
PCT/CN2016/070993 2015-11-05 2016-01-15 Procédé d'authentification basé sur des comportements de souris WO2017075913A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2018100677A AU2018100677A4 (en) 2015-11-05 2018-05-18 Mouse behaviors based authentication method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510749698.1A CN105389486B (zh) 2015-11-05 2015-11-05 一种基于鼠标行为的认证方法
CN201510749698.1 2015-11-05

Related Child Applications (1)

Application Number Title Priority Date Filing Date
AU2018100677A Division AU2018100677A4 (en) 2015-11-05 2018-05-18 Mouse behaviors based authentication method

Publications (1)

Publication Number Publication Date
WO2017075913A1 true WO2017075913A1 (fr) 2017-05-11

Family

ID=55421766

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/070993 WO2017075913A1 (fr) 2015-11-05 2016-01-15 Procédé d'authentification basé sur des comportements de souris

Country Status (2)

Country Link
CN (1) CN105389486B (fr)
WO (1) WO2017075913A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110287664A (zh) * 2019-07-01 2019-09-27 贵州大学 一种基于多行为特征选择的身份认证方法

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105930703A (zh) * 2016-07-07 2016-09-07 四川农业大学 鼠标键盘双指标复合安全身份认证系统
CN107122641B (zh) * 2017-04-25 2020-06-16 杭州义盾信息技术有限公司 基于使用习惯的智能设备机主识别方法及机主识别装置
CN107609590B (zh) * 2017-09-12 2020-09-04 山东师范大学 一种多尺度鼠标轨迹特征提取方法、装置和系统
CN107766852A (zh) * 2017-12-06 2018-03-06 电子科技大学 一种基于卷积神经网络的人机鼠标轨迹检测方法
CN110119602B (zh) * 2018-02-06 2021-06-11 百度在线网络技术(北京)有限公司 人机识别方法、装置、服务器、客户端及存储介质
CN109447099B (zh) * 2018-08-28 2022-01-07 西安理工大学 一种基于pca降维的多分类器融合方法
CN110502883B (zh) * 2019-08-23 2022-08-19 四川长虹电器股份有限公司 一种基于pca的击键行为异常检测方法

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1957355A (zh) * 2004-04-01 2007-05-02 道夫·雅各布森 鼠标工作识别
KR101451782B1 (ko) * 2013-06-18 2014-10-16 국방과학연구소 마우스 움직임 패턴 기반의 사용자 인증 시스템 및 그 방법

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100561397C (zh) * 2004-07-08 2009-11-18 腾讯科技(深圳)有限公司 一种安全登录的方法及系统
CN201035502Y (zh) * 2006-12-28 2008-03-12 上海麦柯信息技术有限公司 安全随机动态软键盘
CN102867159B (zh) * 2011-07-05 2015-04-01 腾讯科技(深圳)有限公司 通过软键盘实现密码输入的方法、系统、客户端及服务器
CN104517097A (zh) * 2014-09-24 2015-04-15 浙江大学 一种基于kinect的运动人体姿态识别方法

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1957355A (zh) * 2004-04-01 2007-05-02 道夫·雅各布森 鼠标工作识别
KR101451782B1 (ko) * 2013-06-18 2014-10-16 국방과학연구소 마우스 움직임 패턴 기반의 사용자 인증 시스템 및 그 방법

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SHEN, CHAO ET AL.: "User Authentication and Monitoring Based on Mouse Behavioral Features", JOURNAL ON COMMUNICATIONS, vol. 31, no. 7, 31 July 2010 (2010-07-31), pages 69 - 73, ISSN: 1000-436X *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110287664A (zh) * 2019-07-01 2019-09-27 贵州大学 一种基于多行为特征选择的身份认证方法

Also Published As

Publication number Publication date
CN105389486A (zh) 2016-03-09
CN105389486B (zh) 2018-07-06

Similar Documents

Publication Publication Date Title
WO2017075913A1 (fr) Procédé d'authentification basé sur des comportements de souris
US10671735B2 (en) Framework for security strength and performance analysis of machine learning based biometric systems
US10467394B2 (en) Pointing device biometrics for continuous user authentication
TWI689942B (zh) 人機識別方法及裝置、行為特徵資料的採集方法及裝置
Traore et al. Combining mouse and keystroke dynamics biometrics for risk-based authentication in web environments
Karnan et al. Biometric personal authentication using keystroke dynamics: A review
US20170140138A1 (en) Behavior based authentication for touch screen devices
WO2017071126A1 (fr) Système de construction et d'analyse de type de comportement d'appui sur des touches d'un utilisateur d'écran tactile et son procédé de reconnaissance d'identité
CN107437074B (zh) 一种身份认证方法和装置
JP2018526719A (ja) 指紋に基づく認証のための装置及びコンピュータ実装方法
WO2018082011A1 (fr) Procédé et dispositif de reconnaissance d'empreintes digitales vivantes
US11062120B2 (en) High speed reference point independent database filtering for fingerprint identification
CN111625789B (zh) 基于多核学习融合鼠标和键盘行为特征的用户识别方法
Teh et al. Recognizing your touch: Towards strengthening mobile device authentication via touch dynamics integration
Siddiqui et al. Continuous User Authentication Using Mouse Dynamics, Machine Learning, and Minecraft
Siddiqui et al. Continuous authentication using mouse movements, machine learning, and Minecraft
Traore et al. Dynamic sample size detection in learning command line sequence for continuous authentication
Sturgess et al. Watchauth: User authentication and intent recognition in mobile payments using a smartwatch
Wang et al. Towards DTW-based unlock scheme using handwritten graphics on smartphones
Rahman et al. Identifying user authentication and most frequently used region based on mouse movement data: A machine learning approach
Burgbacher et al. A behavioral biometric challenge and response approach to user authentication on smartphones
Baynath et al. Implementation of a Secure Keystroke Dynamics using Ant colony optimisation
Alieksieiev et al. Studying of keystroke dynamics statistical properties for biometrie user authentication
AU2018100677A4 (en) Mouse behaviors based authentication method
Elliott et al. Expanding the human-biometric sensor interaction model to identity claim scenarios

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16861186

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 18.10.2018)

122 Ep: pct application non-entry in european phase

Ref document number: 16861186

Country of ref document: EP

Kind code of ref document: A1