Abstract
Given our increasing reliance on computing devices, the security of such devices becomes ever more important. In this work, we are interested in exploiting user behaviour as a means of reducing the potential for masquerade attacks, which occur when an intruder manages to breach the system and act as an authorised user. This could be possible by using stolen passwords or by taking advantage of unlocked, unattended devices. Once the attacker has passed the authentication step, they may have full access to that machine including any private data and software. Continuous identification can be used as an effective way to prevent such attacks, where the identity of the user is checked continuously throughout the session. In addition to security purposes, a reliable dynamic identification system would be of interest for user profiling and recommendation. In this paper, we present a method for user identification which relies on modeling the behaviours of a user when interacting with the graphical user interface of a computing device. A publicly-available logging tool has been developed specifically to passively capture human-computer interactions. Two experiments have been conducted to evaluate the model, and the results show the effectiveness and reliability of the method for the dynamic user identification.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Ahmed, A.A.E., Traore, I.: A new biometric technology based on mouse dynamics. IEEE Trans. Dependable Secur. Comput. 4(3), 165–179 (2007)
Anderson, J.P.: Computer Security Threat Monitoring and Surveillance. James P. Anderson Co. (2002)
Bergadano, F., Gunetti, D., Picardi, C.: User authentication through keystroke dynamics. ACM Trans. Inf. Syst. Secur. 5(4), 367–397 (2002)
Boies, S.J.: User behaviour on an interactive computer system. IBM Syst. J. 13, 2–18 (1974)
Boser, B.E., Guyon, I.M., Vapnik, V.N.: A training algorithm for optimal margin classifiers. In: Proceedings of the Fifth Annual Workshop on Computational Learning Theory, COLT 1992, pp. 144–152. ACM, New York (1992)
Carmagnola, F., Cena, F.: User identification for cross-system personalisation. Inf. Sci. 179(1–2), 16–32 (2009)
Curtin, M., Villani, M., Ngo, G., Simone, J., Fort, H.S., Cha, S.: Keystroke biometric recognition on long-text input: a feasibility study. In: International Workshop on Scientific Computing and Computational Statistics (2006)
Garg, A., Rahalkar, R., Upadhyaya, S., Kwiaty, K.: Profiling users in GUI based systems for masquerade detection. In: 2006 IEEE Information Assurance Workshop, pp. 48–54 (2006)
Goldring, T.: User profiling for intrusion detection in windows NT. Comput. Sci. Stat. 35 (2003)
Gunetti, D., Picardi, C.: Keystroke analysis of free text. ACM Trans. Inf. Syst. Secur. 8(3), 312–347 (2005)
Hinbarji, Z., Albatal, R., Gurrin, C.: Dynamic user authentication based on mouse movements curves. In: He, X., Luo, S., Tao, D., Xu, C., Yang, J., Hasan, M.A. (eds.) MMM 2015. LNCS, vol. 8936, pp. 111–122. Springer, Heidelberg (2015). doi:10.1007/978-3-319-14442-9_10
Hinbarji, Z., Albatal, R., O’Connor, N.E., Gurrin, C.: LoggerMan, a comprehensive logging and visualization tool to capture computer usage. In: Tian, Q., Sebe, N., Qi, G.-J., Huet, B., Hong, R., Liu, X. (eds.) MMM 2016. LNCS, vol. 9517, pp. 342–347. Springer, Heidelberg (2016). doi:10.1007/978-3-319-27674-8_31
Kaufman, K.A., Cervone, G., Michalski, R.S.: An application of symbolic learning to intrusion detection: preliminary results from the LUS methodology. Reports of the Machine Learning and Inference Laboratory, MLI 03-2, George Mason University, Fairfax, VA (2003)
Lane, T., Brodley., C.: An application of machine learning to anomaly detection. In: Proceedings of the 20th National Information Systems Security Conference, pp. 366–377 (1997)
Maxion, R., Townsend, T.: Masquerade detection using truncated command lines. In: Proceedings of the International Conference on Dependable Systems and Networks, DSN 2002, pp. 219–228 (2002)
Pannell, G., Ashman, H.: Anomaly detection over user profiles for intrusion detection (2010)
Ryan, J., Jang Lin, M., Miikkulainen, R.: Intrusion detection with neural networks. In: Advances in Neural Information Processing Systems, pp. 943–949. MIT Press (1998)
Schonlau, M., Dumouchel, W., Ju, W.-H., Karr, A.F., Theusan, M., Vardi, Y.: Computer intrusion: detecting masquerades. Stat. Sci. 16(1), 58–74 (2001)
Dao, V., Vemuri, R., Templeton, S.: Profiling users in the UNIX OS environment. In: International ICSC Conference on Intelligent Systems and Applications (2000)
Yeung, Y.D., Ding, Y.: Host-based intrusion detection using dynamic and static behavioral models. Pattern Recogn. 36, 229–243 (2003)
Acknowledgments
This publication has emanated from research conducted with the financial support of Science Foundation Ireland (SFI) under grant number SFI/12/RC/2289.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Hinbarji, Z., Albatal, R., Gurrin, C. (2017). User Identification by Observing Interactions with GUIs. In: Amsaleg, L., Guðmundsson, G., Gurrin, C., Jónsson, B., Satoh, S. (eds) MultiMedia Modeling. MMM 2017. Lecture Notes in Computer Science(), vol 10132. Springer, Cham. https://doi.org/10.1007/978-3-319-51811-4_44
Download citation
DOI: https://doi.org/10.1007/978-3-319-51811-4_44
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-51810-7
Online ISBN: 978-3-319-51811-4
eBook Packages: Computer ScienceComputer Science (R0)