Abstract
User authentication is considered to be an important aspect of any cyber security program. However, one-time validation of user’s identity is not strong to provide resilient security throughout the user session. In this aspect, continuous monitoring of session is necessary to ensure that only legitimate user is accessing the system resources for entire session. In this paper, a true continuous user authentication system featuring keystroke dynamics behavioural biometric modality has been proposed and implemented. A novel method of authenticating the user on each action has been presented which decides the legitimacy of current user based on the confidence in the genuineness of each action. The 2-phase methodology, consisting of ensemble learning and robust recurrent confidence model(R-RCM), has been designed which employs a novel perception of two thresholds i.e., alert and final threshold. Proposed methodology classifies each action based on the probability score of ensemble classifier which is afterwards used along with hyper-parameters of R-RCM to compute the current confidence in genuineness of user. System decides if user can continue using the system or not based on new confidence value and final threshold. However, it tends to lock out imposter user more quickly if it reaches the alert threshold. Moreover, system has been validated with two different experimental settings and results are reported in terms of mean average number of genuine actions (ANGA) and average number of imposter actions(ANIA), whereby achieving the lowest mean ANIA with experimental setting II.
Highlights
In In modern networks, the security of critical computer systems is highly susceptible to different attacks at the user level, system level or network level precisely
We have proposed the robust Recurrent confidence Model (R-RCM) which considers each and every action of user in order to decide if user is legitimate or not
The true continuous user authentication (CUA) system works on authenticating the user based on the typing behaviour which distinguishes one user from the other
Summary
In In modern networks, the security of critical computer systems is highly susceptible to different attacks at the user level, system level or network level precisely. In the user level attacks i.e., masquerade attacks, intruder exploits the legitimate user rights for unauthorized access to some confidential information. User is authenticated using password, usernames or any other related information to ensure whether the user is the one claiming to be while accessing a system or network. Resources of session are allocated upon authentication and user can use session for which it has been authenticated until logged out or for some fixed period of time [3]. This is referred to as static user authentication (SUA). If a person leaves its system or phone unattended or forgets to log out from authenticated session of any critical application that contains
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
