新的基于鼠标行为的持续身份认证方法

doi:10.11959/j.issn.2096-109x.2022067

网络与信息安全学报 ›› 2022, Vol. 8 ›› Issue (5): 179-188.doi: 10.11959/j.issn.2096-109x.2022067

• 学术论文 • 上一篇

新的基于鼠标行为的持续身份认证方法

易聪¹^,², 胡军¹^,²

¹ 计算智能重庆市重点实验室（重庆邮电大学），重庆 400065
² 重庆邮电大学计算机科学与技术学院，重庆 400065

修回日期:2022-06-22 出版日期:2022-10-15 发布日期:2022-10-01
作者简介:易聪（1995- ），男，四川达州人，重庆邮电大学研究生，主要研究方向为智能信息处理和数据挖掘
胡军（1977- ），男，湖北监利人，重庆邮电大学教授、博士生导师，主要研究方向为粒计算、粗糙集、智能信息处理和数据挖掘
基金资助:
国家自然科学基金(61936001);国家自然科学基金(61876201);国家自然科学基金(61876027);重庆市教委重点合作项目(HZ2021008);重庆市自然科学基金(cstc2019jcyj-cxttX0002);重庆市自然科学基金(cstc2021ycjh-bgzxm0013)

Novel continuous identity authentication method based on mouse behavior

Cong YI¹^,², Jun HU¹^,²

¹ Chongqing Key Laboratory of Computational Intelligence(Chongqing University of Posts and Telecommunications), Chongqing 400065, China
² College of Computer Science and Technology, Chongqing University of Posts and Telecommunications, Chongqing 400065, China

Revised:2022-06-22 Online:2022-10-15 Published:2022-10-01
Supported by:
The National Natural Science Foundation of China(61936001);The National Natural Science Foundation of China(61876201);The National Natural Science Foundation of China(61876027);The Key Cooperation Project of Chongqing Municipal Education Commission(HZ2021008);The National Natural Science Foundation of Chongqing(cstc2019jcyj-cxttX0002);The National Natural Science Foundation of Chongqing(cstc2021ycjh-bgzxm0013)

摘要/Abstract

摘要：

随着互联网技术的快速发展，安全问题一直是人们关注的焦点。基于鼠标行为的持续身份认证对于保护计算机系统的安全起着至关重要的作用。针对鼠标行为认证方法存在的认证准确率较低和认证时间较长的问题，提出了一种新的基于鼠标行为的持续身份认证方法。该方法将用户的鼠标事件序列按不同的类型划分为相应的鼠标行为，并基于鼠标行为从多方面挖掘鼠标行为特征，对于时间和空间的特征值需要计算其统计值来唯一表示，从而更好地表示不同用户的鼠标行为差异，提高认证准确率。通过 ReliefF 算法得到鼠标行为特征的重要度，并在此基础上结合邻域粗糙集去除鼠标行为的无关或冗余特征，以达到降低模型复杂度和建模时间的目的，并采用二分类算法进行认证模型的训练。在身份认证时会根据每次收集的鼠标行为使用认证模型得到分类得分，再结合信任模型更新用户的信任值，当用户的信任值降低到信任模型阈值以下时，就会被判断为非法用户。在Balabit和DFL数据集上对所提方法的身份认证效果进行仿真实验，结果表明，该方法相较于其他文献的方法，不仅可以提高身份认证准确率、降低身份认证时间，而且对于外部用户的非法入侵具有一定的鲁棒性。

关键词: 身份认证, 鼠标行为, 邻域粗糙集, 特征选择, 信任模型

Abstract:

With the rapid development of Internet technologies, security issues have always been the hot topics.Continuous identity authentication based on mouse behavior plays a crucial role in protecting computer systems, but there are still some problems to be solved.Aiming at the problems of low authentication accuracy and long authentication latency in mouse behavior authentication method, a new continuous identity authentication method based on mouse behavior was proposed.The method divided the user’s mouse event sequence into corresponding mouse behaviors according to different types, and mined mouse behavior characteristics from various aspects based on mouse behaviors.Thereby, the differences in mouse behavior of different users can be better represented, and the authentication accuracy can be improved.Besides, the importance of mouse behavior features was obtained by the ReliefF algorithm, and on this basis, the irrelevant or redundant features of mouse behavior were removed by combining the neighborhood rough set to reduce model complexity and modeling time.Moreover binary classification was adopted.The algorithm performed the training of the authentication model.During identity authentication, the authentication model was used to obtain a classification score based on the mouse behavior collected each time, and then the user’s trust value was updated in combination with the trust model.When the user’s trust value fell below the threshold of the trust model, it might be judged as illegal user.The authentication effect of the proposed method was simulated on the Balabit and DFL datasets.The results show that, compared with the methods in other literatures, this method not only improves the authentication accuracy and reduces the authentication latency, but also has a certain robustness to the illegal intrusion of external users.

Key words: identity authentication, mouse behavior, neighborhood rough set, feature selection, trust model

中图分类号:

TP309

易聪, 胡军. 新的基于鼠标行为的持续身份认证方法[J]. 网络与信息安全学报, 2022, 8(5): 179-188.

Cong YI, Jun HU. Novel continuous identity authentication method based on mouse behavior[J]. Chinese Journal of Network and Information Security, 2022, 8(5): 179-188.

图/表 13

图1

表1

图2

图3

图4

表2

图5

图6

图7

图8

表3

表4

表5

参考文献 21

[1]	荆继武 . 网络可信身份管理的现状与趋势[J]. 信息安全研究, 2016,2(7): 666-668.
	JING J W . The development status and tendency of internet trusted identity management[J]. Journal of Information Security Research, 2016,2(7): 666-668.
[2]	JOSHI V B , RAVAL M S . Adaptive threshold for fingerprint recognition system based on threat level and system load[J]. Procedia Computer Science, 2020,171: 498-507.
[3]	LIU Q , JIANG B , ZHANG J L ,et al. Semi-supervised uncorrelated dictionary learning for colour face recognition[J]. IET Computer Vision, 2020,14(3): 92-100.
[4]	KUMAR M R , ARTHI K . An effective non-cooperative iris recognition system using hierarchical collaborative representation-based classification[J]. The Journal of Supercomputing, 2020,76(1): 1-14.
[5]	AHMED A A E , TRAORE I . Biometric recognition based on free-text keystroke dynamics[J]. IEEE Transactions on Cybernetics, 2014,44(4): 458-472.
[6]	CHANG T Y , TSAI C J , YEH J Y ,et al. New soft biometrics for limited resource in keystroke dynamics authentication[J]. Multimedia Tools and Applications, 2020,79(31-32): 23295-23324.
[7]	AHMED A A E , TRAORE I . Detecting computer intrusions using behavioral biometrics[C]// 3rd Annual Conference on Privacy,Security and Trust. 2005: 91-98.
[8]	AHMED A A E , TRAORE I . A new biometric technology based on mouse dynamics[J]. IEEE Transactions on Dependable ＆ Secure Computing, 2007,4(3): 165-179.
[9]	ZHENG N , PALOSKI A , WANG H . An efficient user verification system via mouse movements[C]// Proceedings of the 18th ACM Conference on Computer and Communications Security. 2011: 139-150.
[10]	ZHENG N , PALOSKI A , WANG H . An efficient user verification system using angle-based mouse movement biometrics[J]. ACM Transactions on Information and System Security, 2016,18(3): 1-27.
[11]	徐剑, 李明洁, 周福才 ,等. 基于用户鼠标行为的身份认证方法[J]. 计算机科学, 2016,43(2): 148-154.
	XU J , LI M J , ZHOU F C ,et al. Identity authentication method based on user’s mouse behavior[J]. Computer Science, 2016,43(2): 148-154.
[12]	YILDIRIM M , ANARIM E . Session-based user authentication via mouse dynamics[C]// 27th Signal Processing and Communications Applications Conference. 2019: 1-4.
[13]	田杰, 宋礼鹏 . 基于鼠标及窗口行为的持续身份认证研究[J]. 中北大学学报(自然科学版), 2020,41(6): 511-519,526.
	TIAN J , SONG L P . Research on continuous identity authentication based on mouse and window behavior[J]. Journal of North China University(Nature Science Edtion), 2020,41(6): 511-519,526.
[14]	CHONG P , TAN Y X M , GUARNIZO J ,et al. Mouse authentication without the temporal aspect-what does a 2D-CNN learn[C]// IEEE Security and Privacy Workshops (SPW). 2018: 15-21.
[15]	沈超, 蔡忠闽, 管晓宏 ,等. 基于鼠标行为特征的用户身份认证与监控[J]. 通信学报, 2010,31(7): 68-75.
	SHEN C , CAI Z M , GUAN X H ,et al. User authentication and monitoring based on mouse behavioral features[J]. Journal on Communications, 2010,31(7): 68-75.
[16]	KONONENKO I , . Estimating attributes:analysis and extensions of relief[C]// European Conference on Machine Learning. 1994: 171-182.
[17]	LADHA L , DEEPA T . Feature selection methods and algorithms[J]. International Journal of Advanced Trends in Computer Science and Engineering, 2011,3(5): 1787-1797.
[18]	奖志军, 易华蓉 . 一种基于图像金字塔光流的特征跟踪方法[J]. 武汉大学学报(信息科学版), 2007,32(8): 680-683.
	JANG Z J , YI H R . A feature tracking method based on image pyramid optical flow[J]. Journal of Wuhan University(Information Science Edition), 2007,32(8): 680-683.
[19]	ANTAL M , EGYED-ZSIGMOND E , . Intrusion detection using mouse dynamics[J]. IET Biometrics, 2019,8(5): 285-294.
[20]	ALMALKI S , CHATTERJEE P , ROY K . Continuous authentication using mouse clickstream data analysis[C]// International Conference on Security,Privacy and Anonymity in Computation,Communication and Storage. 2019: 76-85.
[21]	YILDIRIM M , ANARIM E . Novel feature extraction methods for authentication via mouse dynamics with semi-supervised learning[C]// Innovations in Intelligent Systems and Applications Conference (ASYU). 2019: 1-6.

特征	描述	数量
横坐标	横坐标的最小值、最大值、标准差、平均值、偏度、峰度	6
纵坐标	纵坐标的最小值、最大值、标准差、平均值、偏度、峰度	6
速度	切线，水平，竖直方向速度的最小值、最大值、标准差、平均值、偏度、峰度	18
加速度	加速度的最小值、最大值、标准差、平均值、偏度、峰度	6
加加速度	加加速度的最小值、最大值、标准差、平均值、偏度、峰度	6
角度	角度的最小值、最大值、标准差、平均值、偏度、峰度、和	7
角速度	角速度的最小值、最大值、标准差、平均值、偏度、峰度	6
曲率及曲率变化率	曲率及曲率变化率的最小值、最大值、标准差、平均值、偏度、峰度	12
时间间隔，停顿次数，停顿时间，停顿时间比例，鼠标事件数量，关键点数，点击鼠标时间	各1个	7
轨迹长度，直线距离，最大偏离，平直度，鼠标行为类型，方向	各1个	6
总计		80

特征选择算法	特征维数	准确率
无	80	99.02%
ReliefF-NRS	37	98.96%
ReliefF	46	96.54%
NRS	39	97.78%

实验方法	ANIA
文献[21]	9.96
文献[22]	8.94
文献[23]	8.62
Method1	9.69
Method2	9.03
Method3	7.83

实验方法	ANIA
文献[21]	11.21
文献[22]	8.13
文献[23]	8.02
Method1	7.83
Method2	7.43
Method3	6.55

用户	准确率
2	95.09%
4	95.97%
5	97.67%
6	94.11%
7	97.26%

新的基于鼠标行为的持续身份认证方法

Novel continuous identity authentication method based on mouse behavior

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 13

参考文献 21

相关文章 15

Metrics

推荐阅读 0

[1]	朱春陶, 尹承禧, 张博林, 殷琪林, 卢伟. 基于多域时序特征挖掘的伪造人脸检测方法[J]. 网络与信息安全学报, 2023, 9(3): 123-134.
[2]	郭辉, 罗勇, 郭晓潞. 基于国密算法的车载以太网控制器身份认证方法[J]. 网络与信息安全学报, 2022, 8(6): 20-28.
[3]	杨冠群, 刘荫, 徐浩, 邢宏伟, 张建辉, 李恩堂. 基于区块链的电网可信分布式身份认证系统[J]. 网络与信息安全学报, 2021, 7(6): 88-98.
[4]	宋永成, 黄欣沂, 伍玮, 陈海霞. 基于编码的数字签名综述[J]. 网络与信息安全学报, 2021, 7(4): 1-17.
[5]	叶岳洋, 张兴兰. Fabric中的匿名身份认证技术研究[J]. 网络与信息安全学报, 2021, 7(3): 134-140.
[6]	张效林,谷大武,张驰. 移动平台典型应用的身份认证问题研究[J]. 网络与信息安全学报, 2020, 6(6): 137-151.
[7]	付溪,李晖,赵兴文. 网络钓鱼识别研究综述[J]. 网络与信息安全学报, 2020, 6(5): 1-10.
[8]	王昊,吴天昊,朱孔林,张琳. 交叉口场景下基于区块链技术的匿名车辆身份认证方案[J]. 网络与信息安全学报, 2020, 6(5): 27-35.
[9]	超凡,杨智,杜学绘,孙彦. 基于深度神经网络的Android恶意软件检测方法[J]. 网络与信息安全学报, 2020, 6(5): 67-79.
[10]	陈盈盈,章峰,蒋文保,周旭. 基于可信联盟的P2P网络身份认证机制[J]. 网络与信息安全学报, 2020, 6(2): 77-86.
[11]	肖辉,翁彬,黄添强,普菡,黄则辉. 融合多特征的视频帧间篡改检测算法[J]. 网络与信息安全学报, 2020, 6(1): 84-93.
[12]	于游, 付钰, 吴晓平. 中文文本分类方法综述[J]. 网络与信息安全学报, 2019, 5(5): 1-8.
[13]	陈舒荻,朱友文. 抗肩窥攻击的安全口令输入方法[J]. 网络与信息安全学报, 2019, 5(1): 87-93.
[14]	吴邱涵,胡卫. 基于SM2算法和区块链的移动端身份认证协议设计[J]. 网络与信息安全学报, 2018, 4(9): 60-65.
[15]	吕从东,李毓才. 货运列车车载网络轻量级身份认证协议研究[J]. 网络与信息安全学报, 2018, 4(11): 23-31.