Secure and privacy preserving data processing support for active authentication

Abstract

Keystroke dynamics and mouse movements are effective behavioral biometric modalities for active authentication. However, very little is done on the privacy of collection and transmission of keyboard and mouse data. In this paper, we develop a rule based data sanitization scheme to detect and remove personally identifiable and other sensitive information from the collected data set. Preliminary experiments show that our scheme incurs on average 5.69 % false negative error rate and 0.64 % false positive error rate. We also develop a data transmission scheme using the Extensible Messaging and Presence Protocol (XMPP) to guarantee privacy during transmission. Using these two schemes as a basis, we develop two distinct architectures for providing secure and privacy preserving data processing support for active authentication. These architectures provide flexibility of use depending upon the application environment.