Continuous Authentication using Stylometry

Description

Static authentication, where user identity is checked once at login time, can be circumvented no matter how strong the authentication mechanism is. Through attacks such as man-in-the-middle and its variants, an authenticated session can be hijacked later after the initial login process has been completed. In the last decade, continuous authentication (CA) using biometrics has emerged as a possible remedy against session hijacking. CA consists of testing the authenticity of the user repeatedly throughout the authenticated session as data becomes available. CA is expected to be carried out unobtrusively, due to its repetitive nature, which means that the authentication information must be collectible without any active involvement of the user and without using any special purpose hardware devices (e.g. biometric readers). Stylometry analysis, which consists of checking whether a target document was written or not by a specific individual, could potentially be used for CA. Although stylometric techniques can achieve high accuracy rates for long documents, it is still challenging to identify an author for short documents, in particular when dealing with large author populations.


In this dissertation, we propose a new framework for continuous authentication using authorship verification based on the writing style. Authorship verification can be checked using stylometric techniques through the analysis of linguistic styles and writing characteristics of the authors. Different from traditional authorship verification that focuses on long texts, we tackle the use of short messages. Shorter authentication delay (i.e. smaller data sample) is essential to reduce the window size of the re-authentication period in CA. We validate our method using different block sizes, including 140, 280, and 500 characters, and investigate shallow and deep learning architectures for machine learning classification. Experimental evaluation of the proposed authorship verification approach based on the Enron emails dataset with 76 authors yields an Equal Error Rate (EER) of 8.21% and Twitter dataset with 100 authors yields an EER of 10.08%. The evaluation of the approach using relatively smaller forgery samples with 10 authors yields an EER of 5.48%. / Graduate

Links & Downloads

1. http://hdl.handle.net/1828/6098
2. Brocardo, Marcelo Luiz; Traore, Issa; Woungang, Isaac. Authorship Veri- fication of E-mail and Tweet Messages Applied for Continuous Au- thentication. Journal of Computer and System Sciences, Elsevier, Available online 29 December 2014, ISSN 0022-0000.
3. Brocardo, Marcelo Luiz; Traore, Issa; Saad, Sherif; Woungang, Isaac. Verify- ing Online User Identity using Stylometric Analysis for Short Mes- sages. Journal of Networks 9, no. 12 (2014): 3347-3355.
4. Brocardo, Marcelo Luiz; Traore, Issa. Continuous Authentication using Micro-Messages. Twelfth Annual International Conference on Privacy, Secu- rity and Trust (PST 2014), Toronto, Canada, July 23-24, 2014.
5. Brocardo, Marcelo Luiz; Traore, Issa; Woungang, Isaac. Toward a Frame- work for Continuous Authentication using Stylometry. The 28th IEEE International Conference on Advanced Information Networking and Applica- tions (AINA-2014), Victoria, Canada, May 13, 2014.
6. Brocardo, Marcelo Luiz; Traore, Issa; Saad, Sherif; Woungang, Isaac. Author- ship Verification for Short Messages Using Stylometry. Proc. of the IEEE Intl. Conference on Computer, Information and Telecommunication Sys- tems (CITS 2013), Piraeus-Athens, Greece, May 7-8, 2013 (Best paper award).

Tags

Continuous authentication

Stylometry

Deep Belief Network

short message verification

Additional Fields

Identifer	oai:union.ndltd.org:uvic.ca/oai:dspace.library.uvic.ca:1828/6098
Date	30 April 2015
Creators	Brocardo, Marcelo Luiz
Contributors	Traore, Issa
Source Sets	University of Victoria
Language	English, English
Detected Language	English
Type	Thesis
Rights	Available to the World Wide Web