research-article

An Efficient User Verification System Using Angle-Based Mouse Movement Biometrics

Authors:

Haining WangAuthors Info & Claims

ACM Transactions on Information and System Security (TISSEC), Volume 18, Issue 3

Article No.: 11, Pages 1 - 27

https://doi.org/10.1145/2893185

Published: 14 April 2016 Publication History

Abstract

Biometric authentication verifies a user based on its inherent, unique characteristics—who you are. In addition to physiological biometrics, behavioral biometrics has proven very useful in authenticating a user. Mouse dynamics, with their unique patterns of mouse movements, is one such behavioral biometric. In this article, we present a user verification system using mouse dynamics, which is transparent to users and can be naturally applied for continuous reauthentication. The key feature of our system lies in using much more fine-grained (point-by-point) angle-based metrics of mouse movements for user verification. These new metrics are relatively unique from person to person and independent of a computing platform. Moreover, we utilize support vector machines (SVMs) for quick and accurate classification. Our technique is robust across different operating platforms, and no specialized hardware is required. The efficacy of our approach is validated through a series of experiments, which are based on three sets of user mouse movement data collected in controllable environments and in the field. Our experimental results show that the proposed system can verify a user in an accurate and timely manner, with minor induced system overhead.

References

[1]

A. A. E. Ahmed and I. Traore. 2005. Anomaly intrusion detection based on biometrics. In Proceedings of the 2005 IEEE Workshop on Information Assurance.

[2]

A. A. E. Ahmed and I. Traore. 2007. A new biometric technology based on mouse dynamics. IEEE Transactions on Dependable and Secure Computing 4, 3 (2007), 165--179.

Digital Library

[3]

L. Ballard, F. Monrose, and D. Lopresi. 2006. Biometric authentication revisited: Understanding the impact of wolves in sheep’s clothing. In Proceedings of USENIX Security Symposium 2006.

Digital Library

[4]

R. Biddle, S. Chiasson, and P. C. van Oorschot. 2012. Graphical passwords: Learning from the first twelve years. ACM Computing Survey 44, 4 (2012).

Digital Library

[5]

T. Buch, A. Cotoranu, E. Jeskey, F. Tihon, and M. Villani. 2008. An enhanced keystroke biometric system and associated studies. In Proceedings of Student-Faculty Research Day, CSIS. Pace University, 2008.

[6]

C.-C. Chang and C.-J. Lin. 2001. LIBSVM: A Library for Support Vector Machines. Software available at http://www.csie.ntu.edu.tw/&sim;cjlin/libsvm.

[7]

S. Chiasson, A. Forget, E. Stobert, P. C. van Oorschot, and R. Biddle. 2009. Multiple password interference in text passwords and click-based graphical passwords. In Proceedings of ACM Conference on Computer and Communications Security (CCS’09).

Digital Library

[8]

S. Chiasson, P. C. Van Oorschot, and R. Biddle. 2007. Graphical password authentication using cued click-points. In Proceedings of 12th European Symposium On Research In Computer Security (ESORICS’07). Springer-Verlag.

Digital Library

[9]

S. Chiasson, P. C. van Oorschot, and R. Biddle. 2006. A usability study and critique of two password managers. In Proceedings of USENIX Security Symposium 2006.

Digital Library

[10]

H. Dillen, J. G. Phillips, and J. W. Meehan. 2005. Kinematic analysis of cursor trajectories controlled with a touchpad. International Journal of Human-Computer Interaction 19, 2 (2005), 223--239.

[11]

DTREG. 2011. SVM - Support Vector Machines. Retrieved from http://www.dtreg.com/svm.htm.

[12]

D. Florencio and C. Herley. 2007. A large scale study of web password habits. In Proceedings of 16th International World Wide Web Conference (WWW'07).

Digital Library

[13]

H. Gamboa and A. Fred. 2004. A behavioral biometric system based on human-computer interaction. In Society of Photo-Optical Instrumentation Engineers Conference Series (SPIE’04), Vol. 5404. 381--392.

[14]

P. Gupta, S. Ravi, A. Raghunathan, and N. K. Jha. 2005. Efficient fingerprint-based user authentication for embedded systems. In Proceedings of the 42nd Annual Design Automation Conference (DAC’05). 244--247.

Digital Library

[15]

ISO/IEC 19795-1 2006. Information technology -- Biometric performance testing and reporting -- Part 1: Principles and framework. (2006).

[16]

ISO/IEC 24741 2007. Information technology -- Biometrics tutorial. (2007).

[17]

T. Joachims. 1998. Text categorization with support vector machines: Learning with many relevant features. In Proceedings of European Conference on Machine Learning. 137--142.

Digital Library

[18]

Z. Jorgensen and T. Yu. 2011. On mouse dynamics as a behavioral biometric for authentication. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS’11). 476--482.

Digital Library

[19]

K. Killourhy and R. Maxion. 2010. Why did my detector do that? Predicting keystroke-dynamics error rates. In Proceedings of 13th International Symposium on Recent Advances in Intrusion Detection (RAID'10). 256--276.

Digital Library

[20]

U. Kukreja, W. E. Stevenson, and F. E. Ritter. 2006. RUI: Recording user input from interfaces under windows and mac os x. Behavior Research Methods 38, 4 (2006), 656--659.

[21]

I. S. MacKenzie. 1992. Fitts’ law as a research and design tool in human-computer interaction. Human-Computer Interaction 7 (1992), 91--139.

Digital Library

[22]

C. Mallauran, J.-L. Dugelay, F. Perronnin, and C. Garcia. 2005. Online face detection and user authentication. In Proceedings of the 13th Annual ACM International Conference on Multimedia (MM’05). 219--220.

Digital Library

[23]

F. Monrose, M. K. Reiter, and S. Wetzel. 1999. Password hardening based on keystroke dynamics. In Proceedings of ACM Conference on Computer and Communications Security (CCS’99). 73--82.

Digital Library

[24]

F. Monrose and A. D. Rubin. 1997. Authentication via keystroke dynamics. In Proceedings of ACM Conference on Computer and Communications Security (CCS’97). 48--56.

Digital Library

[25]

Y. Nakkabi, I. Traore, and A. A. E. Ahmed. 2010. Improving mouse dynamics biometric performance using variance reduction via extractors with separate features. IEEE Transactions on Systems, Man, and Cybernetics 40, 6 (2010), 1345--1353.

Digital Library

[26]

C. Papageorgiou, M. Oren, and T. Poggio. 1998. A general framework for object detection. In Proceedings of the International Conference on Computer Vision.

Digital Library

[27]

A. Peacok, X. Ke, and M. Wilkerson. 2004. Typing patterns: A key to user identification. IEEE Security and Privacy 2, 5 (2004), 40--47.

Digital Library

[28]

J. G. Phillips and T. J. Triggs. 2001. Characteristics of cursor trajectories controlled by the computer mouse. Ergonomics 44 (2001), 527--536.

[29]

M. Pusara and C. E. Brodley. 2004. User re-authentication via mouse movements. In Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. 1--8.

Digital Library

[30]

B. Ross, C. Jackson, N. Miyake, D. Boneh, and J. C. Mitchell. 2005. Stronger password authentication using browser extensions. In Proceedings of USENIX Security Symposium 2005.

Digital Library

[31]

D. A. Schulz. 2006. Mouse curve biometrics. In Proceedings of IEEE Biometric Consortium Conference 2006. 1--6.

[32]

C. Shen, Z. Cai, and X. Guan. 2012. Continuous authentication for mouse dynamics: A pattern-growth approach. In Proceedings of the 2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’12). 1--12.

Digital Library

[33]

C. Shen, Z. Cai, X. Guan, Y. Du, and R. A. Maxion. 2013. User authentication through mouse dynamics. IEEE Transactions on Information Forensics and Security 8, 1 (2013), 16--30.

Digital Library

[34]

E. Stobert, A. Forget, S. Chiasson, P. van Oorschot, and R. Biddle. 2010. Exploring usability effects of increasing security in click-based graphical passwords. In Proceedings of Annual Computer Security Applications Conference (ACSAC’10).

Digital Library

[35]

S. Tong. 2001. Support vector machine active learning for image retrieval. In Proceedings of the 9th ACM International Conference on Multimedia 2001.

Digital Library

[36]

V. Vapnik. 1998. Statistical Learning Theory. Wiley.

[37]

V. N. Vladimir. 1995. The Nature of Statistical Learning Theory. Springer, Berline Heidelberg, New York.

Digital Library

[38]

J. L. Wayman, A. K. Jain, D. Maltoni, and D. Maio. 2010. Biometric Systems: Technology, Design and Performance Evaluation. Springer Publishing Company.

Digital Library

[39]

Y. Zhang, F. Monrose, and M. K. Reiter. 2010. The security of modern password expiration: An algorithmic framework and empirical analysis. In Proceedings of ACM Conference on Computer and Communications Security (CCS’10).

Digital Library

[40]

N. Zheng, A. Paloski, and H. Wang. 2011. An efficient user verification system via mouse movements. In Proceedings of ACM Conference on Computer and Communications Security (CCS’11). 139--150.

Digital Library

Cited By

Zhang ZYin HRao SYan XWang ZLiang WZhao YShan YZhang RLin YJiang J(2025)Identifying E-Commerce Fraud Through User Behavior Data: Observations and InsightsData Science and Engineering10.1007/s41019-024-00275-610:1(24-39)Online publication date: 15-Jan-2025
https://doi.org/10.1007/s41019-024-00275-6
Davydenko SKostyuchenko ENovikov S(2024)Evaluation of the Informativeness of Features in Datasets for Continuous VerificationОценивание информативности признаков в наборах данных для проведения продлённой аутентификацииInformatics and AutomationИнформатика и автоматизация10.15622/ia.23.1.323:1(65-100)Online publication date: 11-Jan-2024
https://doi.org/10.15622/ia.23.1.3
Khan SDevlen CManno MHou D(2024)Mouse Dynamics Behavioral Biometrics: A SurveyACM Computing Surveys10.1145/364031156:6(1-33)Online publication date: 24-Jan-2024
https://dl.acm.org/doi/10.1145/3640311
Show More Cited By

Index Terms

An Efficient User Verification System Using Angle-Based Mouse Movement Biometrics
1. Security and privacy
  1. Security services
    1. Authentication

Recommendations

An efficient user verification system via mouse movements
CCS '11: Proceedings of the 18th ACM conference on Computer and communications security

Biometric authentication verifies a user based on its inherent, unique characteristics --- who you are. In addition to physiological biometrics, behavioral biometrics has proven very useful in authenticating a user. Mouse dynamics, with their unique ...
A User Authentication and Identification Model Based on Mouse Dynamics
ICIE '17: Proceedings of the 6th International Conference on Information Engineering

Most1 existing researches on identity authentication based on Mouse Dynamics require strictly restriction on experimental environment, and can only verify the legitimacy of the user without the ability to specifically recognize the identity of the ...
User authentication method based on keystroke dynamics and mouse dynamics using HDA
Abstract
Biometric authentication has advantages over traditional authentication based on passwords or pin number (PIN) in that it is based on the user's inherent characteristics which is not easily stolen or lost. Keystroke dynamics and mouse dynamics are ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Information and System Security

ACM Transactions on Information and System Security Volume 18, Issue 3

April 2016

69 pages

ISSN:1094-9224

EISSN:1557-7406

DOI:10.1145/2891450

Editor:
David Basin
ETH Zurich, Switzerland

Issue’s Table of Contents

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 April 2016

Accepted: 01 February 2016

Revised: 01 February 2016

Received: 01 April 2014

Published in TISSEC Volume 18, Issue 3

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

45
Total Citations
View Citations
671
Total Downloads

Downloads (Last 12 months)25
Downloads (Last 6 weeks)3

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhang ZYin HRao SYan XWang ZLiang WZhao YShan YZhang RLin YJiang J(2025)Identifying E-Commerce Fraud Through User Behavior Data: Observations and InsightsData Science and Engineering10.1007/s41019-024-00275-610:1(24-39)Online publication date: 15-Jan-2025
https://doi.org/10.1007/s41019-024-00275-6
Davydenko SKostyuchenko ENovikov S(2024)Evaluation of the Informativeness of Features in Datasets for Continuous VerificationОценивание информативности признаков в наборах данных для проведения продлённой аутентификацииInformatics and AutomationИнформатика и автоматизация10.15622/ia.23.1.323:1(65-100)Online publication date: 11-Jan-2024
https://doi.org/10.15622/ia.23.1.3
Khan SDevlen CManno MHou D(2024)Mouse Dynamics Behavioral Biometrics: A SurveyACM Computing Surveys10.1145/364031156:6(1-33)Online publication date: 24-Jan-2024
https://dl.acm.org/doi/10.1145/3640311
Li JYi QLim MYi SZhu PHuang X(2024)MBBFAuth: Multimodal Behavioral Biometrics Fusion for Continuous Authentication on Non-Portable DevicesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.348036319(10000-10015)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TIFS.2024.3480363
Malashin ITynchenko VGantimurov ANeluyb VBorodulin A(2024)Detecting of Robotic Imitation of Human on-the-Website Activity With Advanced Vector Analysis and Fractional DerivativesIEEE Access10.1109/ACCESS.2024.339137712(56707-56718)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3391377
Zhang YYi QYi SZhang XLi J(2024)Trustworthy interaction model: continuous authentication using time–frequency joint analysis of mouse biometricsBehaviour & Information Technology10.1080/0144929X.2024.232193344:3(428-445)Online publication date: 8-Mar-2024
https://doi.org/10.1080/0144929X.2024.2321933
Portugal DFaria JBelk MMartins PConstantinides APietron APitsillides AAvouris NFidas C(2023)Continuous user identification in distance learning: a recent technology perspectiveSmart Learning Environments10.1186/s40561-023-00255-910:1Online publication date: 26-Jul-2023
https://doi.org/10.1186/s40561-023-00255-9
Weber TMourao Thiel RMayer S(2023)Supporting Software Developers Through a Gaze-Based Adaptive IDEProceedings of Mensch und Computer 202310.1145/3603555.3603571(267-276)Online publication date: 3-Sep-2023
https://dl.acm.org/doi/10.1145/3603555.3603571
Ganapathi IAli SPrakash SVu NWerghi N(2023)A Survey of 3D Ear Recognition TechniquesACM Computing Surveys10.1145/356088455:10(1-36)Online publication date: 2-Feb-2023
https://dl.acm.org/doi/10.1145/3560884
Xu DLu X(2023)Human-machine recognition based on mouse behavior modelingSecond International Symposium on Computer Applications and Information Systems (ISCAIS 2023)10.1117/12.2683564(58)Online publication date: 26-Jun-2023
https://doi.org/10.1117/12.2683564
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Issue’s Table of Contents