Abstract
Knowledge-based authentication (KBA) has gained prominence as a user authentication method for electronic transactions. This paper presents a Bayesian network model of KBA grounded in probabilistic reasoning and information theory. The probabilistic semantics of the model parameters naturally lead to the definitions of two key KBA metrics-guessability and memorability. The statistical modeling approach allows parameter estimation using methods such as the maximum likelihood estimator (MLE). The information-theoretic view helps to derive the closed-form solutions to estimating the guessability and guessing entropy metrics. The results related to KBA metrics and the models under different attacking strategies and factoid distributions are unified under a game-theoretic framework that yields lower and upper bounds of optimal guessability. The paper also proposes a methodology for implementing a Bayesian network-based KBA system. Further, an empirical evaluation of the relative merits of two Bayesian network structures for KBA, the Naive Bayes (NB) and the Tree Augmented Naive Bayes (TAN), confirms the hypothesis that the TAN structure is superior in terms of authentication accuracy and error rates. The results of the theoretical analysis and the empirical study provide insights into the KBA design problem and establish a foundation for future research in the KBA area.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: IEEE Transactions on Knowledge and Data Engineering
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.