Return to search

Intelligent online risk-based authentication using Bayesian network model

Risk-based authentication is an increasingly popular component in the security architecture deployed by many organizations in mitigating online identity threat. Risk-based authentication uses contextual and historical information extracted from online communications to build a risk profile for the user that can be used to make accordingly authentication and authorization decisions. Existing risk-based authentication systems rely on basic web communication information such as the source IP address or the velocity of transactions performed by a specific account, or originating from a certain IP address. Such information can easily be spoofed and as such put in question the robustness and reliability of the proposed systems. In this thesis, we propose in this work an online risk-based authentication system which provides more robust user identity information by combining mouse dynamics, keystroke dynamics biometrics, and user site actions in a multimodal framework. We propose a Bayesian network model for analyzing free keystrokes and mouse movements involved in web sessions. Experimental evaluation of our proposed model with 24 participants yields an Equal Error Rate of 6.91%. This is encouraging considering that we are dealing with free text and mouse movements and the fact that many web sessions tend to be short. / Graduate

Identiferoai:union.ndltd.org:uvic.ca/oai:dspace.library.uvic.ca:1828/3290
Date12 May 2011
CreatorsLai, Dao Yu
ContributorsTraore, Issa
Source SetsUniversity of Victoria
LanguageEnglish, English
Detected LanguageEnglish
TypeThesis
RightsAvailable to the World Wide Web

Page generated in 0.0021 seconds