Abstract
Trusted interaction mechanism is very crucial to ensure the online security, but almost all studies of authentication using behavioral biometrics are based on controlled experiment. In order to generalize the authentication, data were continuously gathered from websites. The experimental system, which was designed as websites, can be regarded as an uncontrolled experiment. Eight users used the websites for more than three months. No specific tasks were asked to be finished, so the users could use the websites as their will. The system gathered users’ mouse data automatically, and based on that, mouse behavior models were built. Only left click and movement sequence of mouse events are considered, but error rates are lower than 3.36% in terms of left click and 4.21% in terms of the movement sequence. The results of a case study show that the authentication accuracy using users’ mouse behavior in uncontrolled surroundings is quite high. This research has verified a rapid and general approach to authentic user behavior on the network environment.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Multi factor user authentication on multiple devices (2017). https://patents.google.com/patent/US20180097806A1/en. Accessed 26 Apr 2018
Joyce, R., Gupta, G.: Identity authentication based on keystroke latencies. Commun. ACM 33(2), 168–176 (1990)
Monrose, F., Rubin, A.D.: Keystroke dynamics as a biometric for authentication. Future Gener. Comput Syst. 16(4), 351–359 (2000)
Ahmed, A.A.E., Traore, I.: A new biometric technology based on mouse dynamics. IEEE Trans. Dependable Secur. Comput. 4(3), 165–179 (2007)
Muthumari, G., Shenbagaraj, R., Pepsi, M.B.B.: Mouse gesture based authentication using machine learning algorithm. In: 2014 IEEE International Conference on Advanced Communications, Control and Computing Technologies, pp. 492–496 (2014)
Zheng, N., Paloski, A., Wang, H.: An efficient user verification system via mouse movements. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, pp. 139–150. ACM, New York (2011). http://doi.acm.org/10.1145/2046707.2046725. Accessed 25 Aug 2017
Gamboa, H., Fred, A.: A behavioral biometric system based on human-computer interaction, pp. 381–392 (2004). http://adsabs.harvard.edu/abs/2004SPIE.5404..381G. Accessed 25 Aug 2017
Mondal, S., Bours, P.: Combining keystroke and mouse dynamics for continuous user authentication and identification. In: 2016 IEEE International Conference on Identity, Security and Behavior Analysis, ISBA, pp. 1–8 (2016)
Park, J., Han, S.H., Kim, H.K., Moon, H., Park, J.: Developing and verifying a questionnaire for evaluating user value of a mobile device. Hum. Factors Ergon. Manuf. Serv. Ind. 25(6), 724–739 (2015)
Gaines, R.S., Lisowski, W., Press, S.J., Shapiro, N.: Authentication by keystroke timing: some preliminary results. Report No. RAND-R-2526-NSF. Rand Corp Santa Monica CA, May 1980. http://www.dtic.mil/docs/citations/ADA484022. Accessed 25 Aug 2017
Brown, M., Rogers, S.J.: User identification via keystroke characteristics of typed names using neural networks. Int. J. Man-Mach. Stud. 39(6), 999–1014 (1993)
Haider, S., Abbas, A., Zaidi, A.K.: A multi-technique approach for user identification through keystroke dynamics. In: 2000 IEEE International Conference on Systems, Man, and Cybernetics, vol. 2, pp. 1336–1341 (2000)
Han, S.J., Kim, S.-U.: Placement of a touchpad and click-buttons to relieve arm fatigue and discomfort in a laptop PC. Hum. Factors Ergon. Manuf. Serv. Ind. 27(3), 131–137 (2017)
Monrose, F., Rubin, A.: Authentication via keystroke dynamics. In: Proceedings of the 4th ACM Conference on Computer and Communications Security, CCS 1997, pp. 48–56. ACM, New York (1997). http://doi.acm.org/10.1145/266420.266434. Accessed 25 Aug 2017
Pusara, M.: An examination of user behavior for user re-authentication (2007). https://search.proquest.com/openview/1bd296a5f59df64c30768646f674eeab/1?pq-origsite=gscholar&cbl=18750&diss=y. Accessed 25 Aug 2017
Bergadano, F., Gunetti, D., Picardi, C.: User authentication through keystroke dynamics. ACM Trans. Inf. Syst. Secur. 5(4), 367–397 (2002)
Pusara, M., Brodley, C.E.: User re-authentication via mouse movements. In: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, VizSEC/DMSEC 2004, pp. 1–8. ACM, New York (2004). http://doi.acm.org/10.1145/1029208.1029210. Accessed 26 Apr 2018
Everitt, R.A.J., McOwan, P.W.: Java-based internet biometric authentication system. IEEE Trans. Pattern Anal. Mach. Intell. 25(9), 1166–1172 (2003)
Shen, C., Cai, Z., Guan, X., Du, Y., Maxion, R.A.: User authentication through mouse dynamics. IEEE Trans. Inf. Foren. Secur. 8(1), 16–30 (2013)
Ahmed, A.A.E., Traore, I.: Anomaly intrusion detection based on biometrics. In: Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, pp. 452–453 (2005)
Bailey, K.O., Okolica, J.S., Peterson, G.L.: User identification and authentication using multi-modal behavioral biometrics. Comput. Secur. 43, 77–89 (2014)
Acknowledgment
This work was supported by Fundamental Research Funds for the Central Universities NO. 106112016CDJXY110003, 2016.1-2017.12 and the National Natural Science Foundation of China under Grant No. 71671020.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Mo, F., Xiong, S., Yi, S., Yi, Q., Zhang, A. (2018). Authentication Using Users’ Mouse Behavior in Uncontrolled Surroundings. In: Li, K., Fei, M., Du, D., Yang, Z., Yang, D. (eds) Intelligent Computing and Internet of Things. ICSEE IMIOT 2018 2018. Communications in Computer and Information Science, vol 924. Springer, Singapore. https://doi.org/10.1007/978-981-13-2384-3_12
Download citation
DOI: https://doi.org/10.1007/978-981-13-2384-3_12
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-2383-6
Online ISBN: 978-981-13-2384-3
eBook Packages: Computer ScienceComputer Science (R0)