Awad E. Ahmed

A New Biometric Technology Based on Mouse Dynamics

In this paper, we introduce a new form of behavioral biometrics based on mouse dynamics, which can be used in different security applications. We develop a technique that can be used to model the behavioral characteristics from the captured data using artificial neural networks. In addition, we present an architecture and implementation for the detector, which cover all the phases of the biometric data flow including the detection process. Experimental data illustrating the experiments conducted to evaluate the accuracy of the proposed detection technique are presented and analyzed. Specifically, three series of experiments are conducted. The main experiment, in which 22 participants are involved, reproduces real operating conditions in computing systems by giving participants an individual choice of operating environments and applications; 284 hours of raw mouse data are collected over 998 sessions, with an average of 45 sessions per user. The two other experiments, involving seven participants, provided a basis for studying the confounding factors arising from the main experiment by fixing the environment variables. In the main experiment, the performance results presented using receiver operating characteristic (ROC) curves and a confusion matrix yield at the crossover point (that is, the threshold set for an equal error rate) a false acceptance rate (FAR) of 2.4649 percent and a false rejection rate (FRR) of 2.4614 percent.

Improving Mouse Dynamics Biometric Performance Using Variance Reduction via Extractors With Separate Features

The European standard for access control imposes stringent performance requirements on commercial biometric technologies that few existing recognition systems are able to meet. In this correspondence paper, we present the first mouse dynamics biometric recognition system that fulfills this standard. The proposed system achieves notable performance improvement by developing separate models for separate feature groups involved. The improvements are achieved through the use of a fuzzy classification based on the Learning Algorithm for Multivariate Data Analysis and using a score-level fusion scheme to merge corresponding biometric scores. Evaluation of the proposed framework using mouse data from 48 users achieves a false acceptance rate of 0% and a false rejection rate of 0.36%.

Biometric Recognition Based on Free-Text Keystroke Dynamics

Accurate recognition of free text keystroke dynamics is challenging due to the unstructured and sparse nature of the data and its underlying variability. As a result, most of the approaches published in the literature on free text recognition, except for one recent one, have reported extremely high error rates. In this paper, we present a new approach for the free text analysis of keystrokes that combines monograph and digraph analysis, and uses a neural network to predict missing digraphs based on the relation between the monitored keystrokes. Our proposed approach achieves an accuracy level comparable to the best results obtained through related techniques in the literature, while achieving a far lower processing time. Experimental evaluation involving 53 users in a heterogeneous environment yields a false acceptance ratio (FAR) of 0.0152% and a false rejection ratio (FRR) of 4.82%, at an equal error rate (EER) of 2.46%. Our follow-up experiment, in a homogeneous environment with 17 users, yields FAR=0% and FRR=5.01%, at EER=2.13%.

INVERSE BIOMETRICS FOR MOUSE DYNAMICS

Various techniques have been proposed in different literature to analyze biometric samples collected from individuals. However, not a lot of attention has been paid to the inverse problem, which consists of synthesizing artificial biometric samples that can be used for testing existing biometric systems or protecting them against forgeries. In this paper, we present a framework for mouse dynamics biometrics synthesis. Mouse dynamics biometric is a behavioral biometric technology, which allows user recognition based on the actions received from the mouse input device while interacting with a graphical user interface. The proposed inverse biometric model learns from random raw samples collected from real users and then creates synthetic mouse actions for fake users. The generated mouse actions have unique behavioral properties separate from the real mouse actions. This is shown through various comparisons of behavioral metrics as well as a Kolmogorov–Smirnov test. We also show through a two-fold cross-validation test that by submitting sample synthetic data to an existing mouse biometrics analysis model we achieve comparable performance results as when the model is applied to real mouse data.

Dynamic sample size detection in continuous authentication using sequential sampling

Continuous Authentication (CA) departs from the traditional static authentication scheme by requiring the authentication process to occur multiple times throughout the entire logon session. One of the main objectives of the CA process is to detect session hijacking. An important requirement about designing or operating a CA system is the need to achieve the quickest detection while maintaining rates of missed and false detections to predetermined levels. We introduce in this paper a new approach for detection based on the sequential sampling theory that allows balancing appropriately between detection promptness and accuracy in CA systems. We study and illustrate the proposed approach using an existing mouse dynamics biometrics recognition model and corresponding sample experimental data.

Dynamic Sample Size Detection in Learning Command Line Sequence for Continuous Authentication

Continuous authentication (CA) consists of authenticating the user repetitively throughout a session with the goal of detecting and protecting against session hijacking attacks. While the accuracy of the detector is central to the success of CA, the detection delay or length of an individual authentication period is important as well since it is a measure of the window of vulnerability of the system. However, high accuracy and small detection delay are conflicting requirements that need to be balanced for optimum detection. In this paper, we propose the use of sequential sampling technique to achieve optimum detection by trading off adequately between detection delay and accuracy in the CA process. We illustrate our approach through CA based on user command line sequence and naïve Bayes classification scheme. Experimental evaluation using the Greenberg data set yields encouraging results consisting of a false acceptance rate (FAR) of 11.78% and a false rejection rate (FRR) of 1.33%, with an average command sequence length (i.e., detection delay) of 37 commands. When using the Schonlau (SEA) data set, we obtain FAR = 4.28% and FRR = 12%.

Software Performance Modeling using the UML: a Case Study

The performance analysis of distributed software systems is a challenging task in which the assessment of performance measures is a vital step. Due to its versatility, the concept of software performance engineering (SPE) has been advocated as a promising solution towards realizing that step. This paper illustrates how by using our recently proposed Model-Driven SPE (MDSPE) approach, one can design annotated UML performance models for the performance analysis of distributed software systems, based on the UML profile for Schedulability, Performance and Time. An outline of system performance models and metrics is provided and a case study of a business system is used to validate the stated goal.

A Framework for Bottleneck Analysis in High-Performance Software Design

The design of complex software systems is a challenging task because it involves a wide range of quality attributes such as security, performance, reliability, to name a few. Dealing with each of these attributes requires specific set of skills, which quite often, involves making various trade-offs. This paper proposes a Model-Driven Software Performance Engineering (MDSPE) process that integrates performance requirements analysis with traditional software architecture design activities. One of the most important aspects of software performance engineering is bottleneck identification and removal. We propose in this paper a new framework for performance bottleneck analysis and removal based on a simple tabular notation. A case study is presented to illustrate how the proposed framework can comply with well-known performance models to assess the performance measures and make appropriate design decisions.