Abstract
Exploring novel security layers in academia and industry is always a concern due to the types of malware developing currently. Adding a widely applicable security layer into existing ones in terms of verification can be achieved by profiling users by their behaviors. A great candidate may be mouse dynamics. The nature of behavioral biometry based on mouse dynamics contains less sensitive data and still can perform well enough. We present a verification model based on assigning legality scores to individual mouse actions and aggregate these scores to assign a legality probability to the whole session while investigating frequency domain features of movement sequences. How the combinational schemes can improve the performance of the overall system is also investigated. The publicly known Balabit Dataset which contains 10 users’ training and test sessions is used for evaluation. The classifiers are trained with only training sessions and evaluated on test sessions. After extensive several experiments, equal error rate with a value of 7.46% and area under the receiver operating characteristic curve with a value of 96.47% are achieved.
Similar content being viewed by others
Availability of data and material
Extended Balabit Mouse Dynamics Challenge Dataset is available on https://github.com/metegenez/Mouse-Dynamics-Challenge.
References
Ahmed, A.A.E., Traore, I.: A new biometric technology based on mouse dynamics. IEEE Trans. Dependable Secur. Comput. 4(3), 165–179 (2007)
Antal, M., Egyed-Zsigmond, E.: Intrusion detection using mouse dynamics. IET Biom. 8, 285–294 (2019)
Chen, T., Guestrin, C.: Xgboost: A scalable tree boosting system. In: Proceedings of the 22nd ACM Sigkdd International Conference on Knowledge Discovery and Data Mining, pp. 785–794. ACM (2016)
Chong, P., Tan, Y.X.M., Guarnizo, J., Elovici, Y., Binder A.: Mouse authentication without the temporal aspect—What does a 2d-CNN learn? In: 2018 IEEE Security and Privacy Workshops (SPW), pp. 15–21. IEEE (2018)
Chong, P., Elovici, Y., Binder, A.: User authentication based on mouse dynamics using deep neural networks: a comprehensive study. IEEE Trans. Inf. Forensics Secur. 15, 1086–1101 (2019)
Feher, C., Elovici, Y., Moskovitch, R., Rokach, L., Schclar, A.: User identity verification via mouse dynamics. Inf. Sci. 201, 19–36 (2012)
Friedman, J.H.: Stochastic gradient boosting. Comput. Stat. Data Anal. 38(4), 367–378 (2002)
Fülöp, Á., Kovács, L., Kurics, T., Windhager-Pokol, E.: Balabit mouse dynamics challenge data set (2016). Accessed on May (2017)
Gamboa, H., Fred, A.: A behavioral biometric system based on human–computer interaction. In: Biometric Technology for Human Identification, International Society for Optics and Photonics, vol. 5404, pp. 381–393 (2004)
Hinbarji, Z., Albatal, R., Gurrin, C.: Dynamic user authentication based on mouse movements curves. In: International Conference on Multimedia Modeling, pp. 111–122. Springer (2015)
Jorgensen, Z., Yu, T.: On mouse dynamics as a behavioral biometric for authentication. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 476–482 (2011)
Lomb, N.R.: Least-squares frequency analysis of unequally spaced data. Astrophys. Space Sci. 39(2), 447–462 (1976)
Press, W.H., Rybicki, G.B.: Fast algorithm for spectral analysis of unevenly sampled data. Astrophys. J. 338, 277–280 (1989)
Satopää, V., Ungar, L.: Combining and extremizing real-valued forecasts (2015). arXiv preprint arXiv:1506.06405
Scargle, J.D.: Studies in astronomical time series analysis. II-Statistical aspects of spectral analysis of unevenly spaced data. Astrophys. J. 263, 835–853 (1982)
VanderPlas, J.T., Ivezic, Ž.: Periodograms for multiband astronomical time series. Astrophys. J. 812(1), 18 (2015)
Wainer, J.: Comparison of 14 different families of classification algorithms on 115 binary datasets (2016). arXiv preprint arXiv:1606.00930
Zheng, N., Paloski, A., Wang, H.: An efficient user verification system via mouse movements. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 139–150 (2011)
Zheng, N., Paloski, A., Wang, H.: An efficient user verification system using angle-based mouse movement biometrics. ACM Trans. Inf. Syst. Secur. (TISSEC) 18(3), 1–27 (2016)
Funding
This work is supported by the Scientific and Technological Research Council of Turkey (TUBITAK), under Cloud-Based Privileged Access Management System Project, Project No. 117R030.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
Author Metehan Yildirim declares that she has no conflict of interest. Author Emin Anarim declares that he has no conflict of interest.
Ethical approval
This article does not contain any studies with human participants performed by any of the authors.
Code availability
The scripts for this paper are available on https://github.com/metegenez.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Yildirim, M., Anarim, E. Mitigating insider threat by profiling users based on mouse usage pattern: ensemble learning and frequency domain analysis. Int. J. Inf. Secur. 21, 239–251 (2022). https://doi.org/10.1007/s10207-021-00544-9
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-021-00544-9