Сравнительный анализ инструментов непрерывной онлайн-аутентификации и систем обнаружения аномалий для постоянного подтверждения личности пользователя

Abstract

Problem statement: increasing the security of the system actualizes issues related to the confirmation of the user's identity by various methods. Known ways to increase security, continuous authentication by biometric parameters, such as the movement of a computer mouse, the speed of clicking mouse buttons is complex and does not give one hundred percent accuracy. The purpose of the work: is to study the existing solutions in the field of anomaly detection and continuous authentication systems. It is proposed to develop parameters for removing data from a computer mouse, requirements for creating a DataSet, the effectiveness of analysis and extraction of the main features from the raw data. Consider the DL models for CA and AD, allowing to verify the user, to make their qualitative comparison. Methods used: the study uses a comparative analysis of technologies. Such as differentiated machine learning (ML), including the decision tree classifier (DT), the k-nearest neighbor method (k-NN), the random forests algorithm (RF) and ultra-precise neural networks (CNN). Result: based on a comparative analysis of continuous online authentication tools and anomaly detection systems for permanent confirmation of the user's identity. As a result of the work, it was determined that the existing methods related to CA and AD describe mainly laboratory studies, and are in the nature of confirming hypotheses. The considered studies describe the parameters used to develop software for taking data about mouse actions. Studies show that the collection tools have little effect on the quality of the data obtained, provided that the data is preprocessed using algorithms for identifying key features. Most studies consider data sets obtained either from free sources or from groups of volunteers ranging from 10 to 60 people. It should be noted that the number exceeding 10 can be considered sufficient to determine a representative sample. It was determined that the greatest value on the result was given by signs describing the movement of the mouse between two locations of the screen. The DL models for CA and AD that allow user verification are considered, and their qualitative comparison is made. Practical significance: the conducted research makes it possible to judge the possibility of implementing a solution for continuous online authentication and anomaly detection systems for permanent confirmation of the user's identity within the framework of the RemoteTopology remote championship system developed earlier.