Henrique Santos

A Survey of User Authentication Based on Mouse Dynamics

This work surveys biometric based authentication systems that deploy mouse movements. Typically, timing and movement direction, along with clicking actions are used to build a profile of a user, which is then used for authentication purposes. Most system relies on a continuous monitoring process, or require the user to interact with a program (such as a game) in order to derive sufficient statistical information regarding their mouse dynamics. In this work, a novel graphical authentication system dubbed Mouse-lock is presented. This system deploys the analogy of a safe, and the password is entered via the mouse in a graphical equivalent of combination lock. The question is whether this approach elicits sufficient discriminatory information from a relatively minimalist degree of interaction from the user. The preliminary results from a study with six subjects indicates, based on FAR/FRR values, that this is a viable approach.

Modeling industrial embedded systems with UML

The main purpose of this paper is to present how the Unified Modeling Language (UML) can be used for modeling industrial embedded systems. By using a car radios production line as a running example, the paper demonstrates the modeling process that can be followed during the analysis phase of complex control applications. In order to guarantee the continuity mapping of the models, the authors propose some guidelines to transform the use case diagrams into a single object diagram, which is one of the main diagrams for the next development phases.

Password secured sites - stepping forward with keystroke dynamics

Computer authentication is a critical component of most computer systems -especially those used in e-commerce activities over the Internet. Global access to information makes security, namely the authentication process, a critical design issue in these systems. In what concerns to authentication, what is required is a reliable, hardware independent and efficient security system. In this paper, we propose an extension to a keystroke dynamics based security system. We provide evidence that completely software based systems can be as effective as expensive and cumbersome hardware based systems. Our system is a behavioral based system that captures the normal typing patterns of a user and uses that information, in addition to standard login/password security to provide a system that is user friendly and very effective at detecting imposters. The results provide a means of dealing with enhanced security that is growing in demand in Web based applications based on e-commerce.

A machine learning approach to keystroke dynamics based user authentication

The majority of computer systems employ a login ID and password as the principal method for access security. In stand-alone situations, this level of security may be adequate, but when computers are connected to the internet, the vulnerability to a security breach is increased. In order to reduce vulnerability to attack, biometric solutions have been employed. In this paper, we investigate the use of a behavioural biometric based on keystroke dynamics. Although there are several implementations of keystroke dynamics available, their effectiveness is variable and dependent on the data sample and its acquisition methodology. The results from this study indicate that the Equal Error Rate (EER) is significantly influenced by the attribute selection process and to a lesser extent on the authentication algorithm employed. Our results also provide evidence that a Probabilistic Neural Network (PNN) can be superior in terms of reduced training time and classification accuracy when compared with a typical MLFN back-propagation trained neural network.

Automatic visual detection of human behavior

We review the topic of automatic detection of human behaviors from video.We survey 193 papers using six major scientific publishers from 2000 to 2014.Papers were classified into three subjects: techniques, datasets and applications.We provide a roadmap to guide future research in this area. Due to advances in information technology (e.g., digital video cameras, ubiquitous sensors), the automatic detection of human behaviors from video is a very recent research topic. In this paper, we perform a systematic and recent literature review on this topic, from 2000 to 2014, covering a selection of 193 papers that were searched from six major scientific publishers. The selected papers were classified into three main subjects: detection techniques, datasets and applications. The detection techniques were divided into four categories (initialization, tracking, pose estimation and recognition). The list of datasets includes eight examples (e.g., Hollywood action). Finally, several application areas were identified, including human detection, abnormal activity detection, action recognition, player modeling and pedestrian detection. Our analysis provides a road map to guide future research for designing automatic visual human behavior detection systems.

Data Mining a Keystroke Dynamics Based Biometrics Database Using Rough Sets

Software based biometrics, utilising keystroke dynamics has been proposed as a cost effective means of enhancing computer access security. Keystroke dynamics has been successfully employed as a means of identifying legitimate/illegitimate login attempts based on the typing style of the login entry. In this paper, we collected keystroke dynamics data in the form of digraphs from a series of users entering a specific login ID. We wished to determine if there were any particular patterns in the typing styles that would indicate whether a login attempt was legitimate or not using rough sets. Our analysis produced a sensitivity of 96%, specificity of 93% and an overall accuracy of 95%. The results of this study indicate that typing speed and the first few and the last few characters of the login ID were the most important indicators of whether the login attempt was legitimate or not

On the use of rough sets for user authentication via keystroke dynamics

Keystroke dynamics is a behavioral biometric that is based on how a user enters their login details. In this study, a set of eight attributes were extracted during the course of entering login details. This collection of attributes was used to form a reference signature (a biometrics identification record) for subsequent authentication requests. The algorithm for the authentication step entails transforming the attributes into a discretised form based on the amino acid alphabet. A set of bioinformatics based algorithms are then used to perform the actual authentication test. In addition, the use of rough sets was employed in this study to determine if subsets of attributes were more important in the classification (authentication) than others. Lastly, the results of this study indicate that the error rate is less than 1% in the majority of the cases.

An Evolutionary Approach to the Use of Petri Net Based Models

The main purpose of this article is to present how Petri Nets (PNs) have been used for hardware design at our research laboratory. We describe the use of PN models to specify synchronous parallel controllers and how PN specifications can be extended to include the behavioural description of the data path, by using object-oriented concepts. Some hierarchical mechanisms which deal with the specification of complex digital systems are highlighted. It is described a design flow that includes, among others, the automatic generation of VHDL code to synthesize the control unit of the system. The use of PNs as part of a multiple-view model within an object-oriented methodology for hardware/software codesign is debated. The EDgAR-2 platform is considered as the reconfigurable target architecture for implementing the systems and its main characteristics are shown.

Enhancing login security through the use of keystroke input dynamics

Security is a critical component of most computer systems – especially those used in E-commerce activities over the Internet. Global access to information makes security a critical design issue in these systems. Deployment of sophisticated hardware based authentication systems is prohibitive in all but the most sensitive installations. What is required is a reliable, hardware independent and efficient security system. In this paper, we propose an extension to a keystroke dynamics based security system. We provide evidence that completely software based systems based on keystroke input dynamics can be as effective as expensive and cumbersome hardware based systems. Our system is behavioral based that captures the typing patterns of a user and uses that information, in addition to standard login/password security to provide a system that is user-friendly and very effective at detecting imposters.

Monitoring Organizational Transactions in Enterprise Information Systems with Continuous Assurance Requirements

This work focuses on issues typically encountered in organizations whose core business largely depends on ICT: continuous monitoring, continuous auditing, controlling and assessment of transactions risk. Organizations have been making efforts to implement methods and systems which enable them to increase reliability of their business and, simultaneously, to be in accordance with their organizational objectives and compliant with external regulations. Thus, this work presents and validates an innovative solution to implement Continuous Assurance services in information systems applicable to any organizational transaction, regardless of its type, dimension, business area or even its information system support technology. This last objective is pursued having as support an ontological model at an abstraction level that guarantees that independence. This research culminated with the development of a prototype and consequent results analysis, using data collected from the near-real implementation, allowing us to ensure the feasibility and the effective use of the proposal.