BehavioSec participation in the DARPA AA Phase 2




A case study of Behaviometrics authentication for mobile devices

Distribution Statement A (Approved for Public Release, Distribution Unlimited)

This paper is an overview of BehavioSec's participation in DARPA's Active Authentication Program Phase 2 in 2013/2014.

Contents

Introduction
DARPA's Active Authentication Program
DARPA's Active Authentication Program Phase 1
Trust Metrics
DARPA's Active Authentication Program Phase 2
Keyboard/keystroke
Touch
Work packages
Working with CAC card

Introduction

The word Behaviometrics derives from the terms behavioral and biometrics. Behavioral refers to the way a person behaves, and biometrics, in an information security context, refers to technologies and methods that measure and analyze biological characteristics of the human body for authentication purposes, for example fingerprints, eye retina and voice patterns. In other words, Behaviometrics, or behavioral biometrics, is a measurable behavior used to recognize or verify the identity of a person. Behaviometrics focuses on behavioral patterns rather than physical attributes.

After a user is verified with traditional security techniques, such as passwords, Behaviometrics can enhance the protection even after the user has logged in. It can continuously monitor the user during the whole working session to create an ongoing authentication process.

A biometric authentication system can check whether a user is accepted into a system. If a user is accepted who should not be, it is called a false accept. If a user who should be accepted is not, it is called a false reject. The ratio between users who falsely attempt to enter and users who are falsely accepted is called the false accept rate (FAR), while the ratio between correct users being accepted and rejected is called the false reject rate (FRR).

A behavioral continuous authentication system uses a set of behavioral traits to calculate a similarity ratio between the current user's behavior and the expected behavior. The similarity can be combined with a threshold, so that if the similarity drops below the set threshold, the user will be detected as an imposter.
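The threshold decision and the two error rates from the Introduction, as an added Go example that is not BehavioSec's code. It takes FAR as the fraction of impostor sessions accepted and FRR as the fraction of the enrolled user's sessions rejected, and also sweeps the threshold to find the equal error rate (EER) point; the scores and the names `Rates` and `EqualError` are constructed for the example.

```go
package main

import "fmt"

// Constructed similarity scores in [0,1]: sessions from the enrolled user
// and sessions from other people using the same account.
var (
	Genuine  = []float64{0.91, 0.85, 0.78, 0.88, 0.62, 0.95, 0.81, 0.73, 0.69, 0.90}
	Impostor = []float64{0.30, 0.45, 0.52, 0.71, 0.25, 0.38, 0.64, 0.15, 0.48, 0.57}
)

// Rates returns FAR and FRR when a session is accepted at similarity >= thr.
func Rates(genuine, impostor []float64, thr float64) (far, frr float64) {
	for _, s := range impostor {
		if s >= thr {
			far++ // impostor stays above the threshold: false accept
		}
	}
	for _, s := range genuine {
		if s < thr {
			frr++ // enrolled user drops below the threshold: false reject
		}
	}
	return far / float64(len(impostor)), frr / float64(len(genuine))
}

// EqualError sweeps thresholds 0.00..1.00 and returns the first one where
// FAR and FRR are closest, which is the EER operating point.
func EqualError(genuine, impostor []float64) (thr, far, frr float64) {
	best := 2.0
	for i := 0; i <= 100; i++ {
		t := float64(i) / 100
		a, r := Rates(genuine, impostor, t)
		d := a - r
		if d < 0 {
			d = -d
		}
		if d < best {
			best, thr, far, frr = d, t, a, r
		}
	}
	return thr, far, frr
}

func main() {
	thr, far, frr := EqualError(Genuine, Impostor)
	fmt.Printf("EER point: thr=%.2f FAR=%.2f FRR=%.2f\n", thr, far, frr)
}
```

Raising the threshold trades false accepts for false rejects: with these scores 0.50 gives FAR 0.40 and FRR 0.00, while 0.80 gives FAR 0.00 and FRR 0.40.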

DARPA's Active Authentication Program

The current standard method for validating a user's identity for authentication on an information system requires humans to do something that is inherently unnatural: create, remember, and manage long, complex passwords. Moreover, as long as the session remains active, typical systems incorporate no mechanisms to verify that the user originally authenticated is the user still in control of the keyboard. Thus unauthorized individuals may improperly obtain extended access to information system resources if a password is compromised or if a user does not exercise adequate vigilance after initially authenticating at the console.

The Active Authentication program seeks to address this problem by developing novel ways of validating the identity of the person at the console that focus on the unique aspects of the individual through the use of software based biometrics. Biometrics is defined as the characteristics used to uniquely recognize humans based on one or more intrinsic physical or behavioral traits. This program focuses on the behavioral traits that can be observed through how we interact with the world. Just as when you touch something with your finger you leave behind a fingerprint, when you interact with technology you do so in a pattern based on how your mind processes information, leaving behind a cognitive fingerprint.

The first phase of the program will focus on researching biometrics that do not require the installation of additional hardware sensors, rather the program will look for research on biometrics that can be captured through the technology we already use looking for aspects of this cognitive fingerprint. These could include, for example, how the user handles the mouse and how the user crafts written language in an e-mail or document. A heavy emphasis will be placed on validating any potential new biometrics with empirical tests to ensure they would be effective in large scale deployments.

The later phases of the program will focus on developing a solution that integrates any available biometrics using a new authentication platform suitable for deployment on a standard Department of Defense desktop or laptop. The combinatorial approach of using multiple modalities for continuous user identification and authentication is expected to deliver a system that is accurate, robust, and transparent to the user's normal computing experience. [1]

[1] http://www.darpa.mil/our_work/i2o/programs/active_authentication.aspx

DARPA's Active Authentication Program Phase 1

In phase one we used the behavioral data of 100 voluntary users for 3 months on standard Windows office PCs, to extend current biometrical measurement definitions to better fit the unique characteristics of continuous behaviometrics. We sampled the following modalities:

[Fig 1. Modalities]

Trust Metrics

To use the behavior of users for continuous authentication we decided to develop the concept of Trust. The trust is defined by

Biometric systems have been defined by the US National Institute of Standards and Technology (NIST) as systems exploiting automated methods of recognizing a person based on physiological or behavioral characteristics.

DARPA's Active Authentication Program Phase 2

Keyboard/keystroke

We are looking for how a person is typing, not what a person is typing. We use keystroke dynamics (press, flight and sequence) and combine this with pressure, accelerometer and gyro information as well as the position of the touch on the pressed key.

Touch

For touch gestures we use all the available modalities of the touch, like distance and time travelled, as well as the points when entering or leaving measurement points together with the pressure.

[Figure labels: Start, Stop]

Work packages

WP 2 Continuous Trust on Mobile Devices
Realize a Continuous Authentication for mobile devices with our Trust Metrics from Phase 1 using:
- Keystroke dynamics
- Pressure
- Touch Gestures
- Accelerometer
- Gyro
- GPS

WP 3 Differences of keystroke on mobile and desktop
- We study the possibility of reusing the information from profiles between desktop and mobile devices
- We compare the reliability of a user authentication for self-chosen vs. predetermined passwords

WP 4 USMA metrics
We plan to present different metrics according to the USMA metrics based on our data (FTE, FTA, FAR, FRR, EER, MTTE, MTTD, ROC)

WP 5 Open Data Format
We plan to propose an Open Data Format for interoperability for behaviometric data for keystroke dynamics, mouse movements, application usage and mobile modalities like Keystroke position, Pressure, Touch, Gyro, Accelerometer and GPS.

WP 6 Gesture Based Input
- Model gestures to be used for authentication
- Fusion of gestures into our continuous trust system
- Stability of predetermined and self-chosen gestures

WP 7 PIN entry on mobile devices
We are using data from 50.000 anonymous users' 4-8 digit PINs to generate statistically significant results for user authentication.
- Differences between self-chosen and random PIN
- Results from gathered data will be presented showing the stability of user behavior for self-chosen and random PIN.

Working with CAC card

To show the possibility of tying a user to an issued credential, we intend to research how this can be done on mobile devices using a standard CAC card with NFC.

- A temporary behavioral profile on the mobile would be generated
- This would be signed with the CAC card via NFC and encrypted using a supplied server key
- Send to server
- The server decrypts the profile and checks the signature
- The server polls the user profile from the database, based on user signature
- The temporary profile of the user would be compared and, based on the results, a score trust value will be reported

[Figure: Workflow. Temporary profile; Secured with user specific CAC card; Poll user profile, based on user credentials; Compare to profile and maintain trust value]
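The device and server halves of the workflow above, as an added Go example that is not BehavioSec's code: the device signs the temporary profile and encrypts it to the server, and the server decrypts it and verifies the signature against the card key enrolled for the user before any comparison. Assumptions: an Ed25519 key stands in for the CAC signing key reached over NFC, the supplied server key is RSA-2048 used with OAEP to wrap a per-message AES-GCM key, and `Envelope`, `NewKeys`, `Seal` and `Open` are names made up here; the profile lookup and comparison are left out.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Envelope struct{ WrappedKey, Nonce, Box []byte } // layout assumed for this example

func NewKeys() (ed25519.PublicKey, ed25519.PrivateKey, *rsa.PrivateKey) {
	pub, card, _ := ed25519.GenerateKey(rand.Reader) // constructed; stands in for the CAC key
	srv, _ := rsa.GenerateKey(rand.Reader, 2048)     // constructed server key
	return pub, card, srv
}

// Seal (device): sign, then encrypt signature||profile for the server.
func Seal(profile string, card ed25519.PrivateKey, srv *rsa.PublicKey) (Envelope, error) {
	buf := make([]byte, 44) // fresh 32-byte AES key + 12-byte GCM nonce
	rand.Read(buf)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, srv, buf[:32], nil)
	blk, _ := aes.NewCipher(buf[:32])
	gcm, _ := cipher.NewGCM(blk)
	signed := append(ed25519.Sign(card, []byte(profile)), profile...)
	return Envelope{wrapped, buf[32:], gcm.Seal(nil, buf[32:], signed, nil)}, err
}

// Open (server): decrypt, then verify against the user's enrolled card key.
func Open(e Envelope, srv *rsa.PrivateKey, enrolled ed25519.PublicKey) (string, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, srv, e.WrappedKey, nil)
	if err != nil || len(key) != 32 || len(e.Nonce) != 12 {
		return "", fmt.Errorf("malformed envelope")
	}
	blk, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(blk)
	p, err := gcm.Open(nil, e.Nonce, e.Box, nil)
	if err != nil || len(p) < 64 || !ed25519.Verify(enrolled, p[64:], p[:64]) {
		return "", fmt.Errorf("decryption or card signature check failed")
	}
	return string(p[64:]), nil
}

func main() {
	pub, card, srv := NewKeys()
	env, _ := Seal("constructed profile", card, &srv.PublicKey)
	fmt.Println(Open(env, srv, pub))
}
```

Nothing in the signed bytes is fresh, so a captured envelope would verify again if replayed; including a server-issued challenge or timestamp in the signed profile closes that gap.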

For more information please contact sales at BehavioSec, Jakobs torg 3, SE-111 52 Stockholm, Sweden, sales@behaviosec.com, www.behaviosec.com