DeepAI AI Chat
Log In Sign Up

Behavioural Analytics: Beyond Risk-based MFA

01/08/2018
by   Roy Henha Eyono, et al.
0

This paper investigates how to effectively stop an attacker from using compromised user credentials to gain authorized entry to systems that they are otherwise not authorised to access. The proposed solution extends previous work to move beyond a risk-based multi-factor authentication system. It adds a behavioural analytics component that uses keystroke dynamics to grant or deny users access. Given the increasing number of compromised user credential stores, we make the assumption that criminals already know the user credentials. Hence, to test our solution, users were given authentic user credentials and asked to login to our proof-of-concept. Despite the fact that all illegitimate users in our test cases were given the correct user credentials for legitimate users, none of these were granted access by the system. This demonstrates zero- tolerance to false positives. The results demonstrate the uniqueness of keystroke dynamics and its use to prevent users with stolen credentials from accessing systems they are not authorized to access.

READ FULL TEXT
09/24/2019

On the Design and Analysis of a Biometric Authentication System using Keystroke Dynamics

This paper proposes a portable hardware token for user authentication, i...
05/26/2022

Machine and Deep Learning Applications to Mouse Dynamics for Continuous User Authentication

Static authentication methods, like passwords, grow increasingly weak wi...
11/10/2021

A Visual Analytics Framework for Distributed Data Analysis Systems

This paper proposes a visual analytics framework that addresses the comp...
04/21/2021

How to Identify and Authenticate Users in Massive Unsourced Random Access

Identification and authentication are two basic functionalities of tradi...
10/05/2018

Hands-Free One-Time and Continuous Authentication Using Glass Wearable Devices

Users with limited use of their hands, such as people suffering from dis...
05/15/2020

BaseSAFE: Baseband SAnitized Fuzzing through Emulation

Rogue base stations are an effective attack vector. Cellular basebands r...