网络与信息安全学报 ›› 2022, Vol. 8 ›› Issue (5): 179-188.doi: 10.11959/j.issn.2096-109x.2022067

• 学术论文 • 上一篇    

新的基于鼠标行为的持续身份认证方法

易聪1,2, 胡军1,2   

  1. 1 计算智能重庆市重点实验室(重庆邮电大学),重庆 400065
    2 重庆邮电大学计算机科学与技术学院,重庆 400065
  • 修回日期:2022-06-22 出版日期:2022-10-15 发布日期:2022-10-01
  • 作者简介:易聪(1995- ),男,四川达州人,重庆邮电大学研究生,主要研究方向为智能信息处理和数据挖掘
    胡军(1977- ),男,湖北监利人,重庆邮电大学教授、博士生导师,主要研究方向为粒计算、粗糙集、智能信息处理和数据挖掘
  • 基金资助:
    国家自然科学基金(61936001);国家自然科学基金(61876201);国家自然科学基金(61876027);重庆市教委重点合作项目(HZ2021008);重庆市自然科学基金(cstc2019jcyj-cxttX0002);重庆市自然科学基金(cstc2021ycjh-bgzxm0013)

Novel continuous identity authentication method based on mouse behavior

Cong YI1,2, Jun HU1,2   

  1. 1 Chongqing Key Laboratory of Computational Intelligence(Chongqing University of Posts and Telecommunications), Chongqing 400065, China
    2 College of Computer Science and Technology, Chongqing University of Posts and Telecommunications, Chongqing 400065, China
  • Revised:2022-06-22 Online:2022-10-15 Published:2022-10-01
  • Supported by:
    The National Natural Science Foundation of China(61936001);The National Natural Science Foundation of China(61876201);The National Natural Science Foundation of China(61876027);The Key Cooperation Project of Chongqing Municipal Education Commission(HZ2021008);The National Natural Science Foundation of Chongqing(cstc2019jcyj-cxttX0002);The National Natural Science Foundation of Chongqing(cstc2021ycjh-bgzxm0013)

摘要:

随着互联网技术的快速发展,安全问题一直是人们关注的焦点。基于鼠标行为的持续身份认证对于保护计算机系统的安全起着至关重要的作用。针对鼠标行为认证方法存在的认证准确率较低和认证时间较长的问题,提出了一种新的基于鼠标行为的持续身份认证方法。该方法将用户的鼠标事件序列按不同的类型划分为相应的鼠标行为,并基于鼠标行为从多方面挖掘鼠标行为特征,对于时间和空间的特征值需要计算其统计值来唯一表示,从而更好地表示不同用户的鼠标行为差异,提高认证准确率。通过 ReliefF 算法得到鼠标行为特征的重要度,并在此基础上结合邻域粗糙集去除鼠标行为的无关或冗余特征,以达到降低模型复杂度和建模时间的目的,并采用二分类算法进行认证模型的训练。在身份认证时会根据每次收集的鼠标行为使用认证模型得到分类得分,再结合信任模型更新用户的信任值,当用户的信任值降低到信任模型阈值以下时,就会被判断为非法用户。在Balabit和DFL数据集上对所提方法的身份认证效果进行仿真实验,结果表明,该方法相较于其他文献的方法,不仅可以提高身份认证准确率、降低身份认证时间,而且对于外部用户的非法入侵具有一定的鲁棒性。

关键词: 身份认证, 鼠标行为, 邻域粗糙集, 特征选择, 信任模型

Abstract:

With the rapid development of Internet technologies, security issues have always been the hot topics.Continuous identity authentication based on mouse behavior plays a crucial role in protecting computer systems, but there are still some problems to be solved.Aiming at the problems of low authentication accuracy and long authentication latency in mouse behavior authentication method, a new continuous identity authentication method based on mouse behavior was proposed.The method divided the user’s mouse event sequence into corresponding mouse behaviors according to different types, and mined mouse behavior characteristics from various aspects based on mouse behaviors.Thereby, the differences in mouse behavior of different users can be better represented, and the authentication accuracy can be improved.Besides, the importance of mouse behavior features was obtained by the ReliefF algorithm, and on this basis, the irrelevant or redundant features of mouse behavior were removed by combining the neighborhood rough set to reduce model complexity and modeling time.Moreover binary classification was adopted.The algorithm performed the training of the authentication model.During identity authentication, the authentication model was used to obtain a classification score based on the mouse behavior collected each time, and then the user’s trust value was updated in combination with the trust model.When the user’s trust value fell below the threshold of the trust model, it might be judged as illegal user.The authentication effect of the proposed method was simulated on the Balabit and DFL datasets.The results show that, compared with the methods in other literatures, this method not only improves the authentication accuracy and reduces the authentication latency, but also has a certain robustness to the illegal intrusion of external users.

Key words: identity authentication, mouse behavior, neighborhood rough set, feature selection, trust model

中图分类号: 

No Suggested Reading articles found!