Abstract
Data theft is a growing threat to consumers and organizations which existing security safeguards do not sufficiently address. In particular, existing authentication mechanisms are frequently bypassed or circumvented, especially in situations where attacks are launched by malicious insiders who already possess valid credentials. We propose methods to enhance existing authentication paradigms with continuous active authentication. Our system adds additional levels of security without burdening the user with more credentials to manage. We utilize two complementary authentication modalities to validate user identity: (1) behavior profiling for user-system interaction, and (2) baiting adversaries using automatically distributed file-decoy tripwires. We present the results from a 160-subject user study used to validate our system. Our results show that the presence of decoy documents on a system does not interfere with normal user activities, and that, with 95% accuracy, our system will detect an intrusion within 15 minutes with at most one false-positive for 40 hours of user activity.