User Profiling Using Sequential Mining over Web Elements

Matan Levi, Itay Hazan

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Scopus citations

Abstract

Most of today's sensitive systems offer receiving information and performing actions remotely through the company's website by using authentication mechanisms such as username and password, one-time tokens, etc. However, these methods are not immune against credentials theft. Authenticated sessions can be subjected to session hijacking through stolen cookies, man in the middle (MitM) attacks, social Engineering and more. Behavioral biometrics models within the website can help continuously verify user's identity throughout the session and prevent a wide variety of attacks. Such methods usually focus on sampling the raw movements and extracting meaningful features for profiling such as velocity, curvature, distance, etc. However, traditional methods usually avoid the elements that are being traversed by the user and do not use the created sequence of elements the user usually go through, which can be easily extracted in web applications. Therefore, we introduce a novel approach for pointing device (e.g. mouse, finger, touchpad, trackball) sequential verification in web applications. This approach can be used in addition to traditional feature-based movement techniques and enhance them. Our approach is based on Hidden Markov Model and Linear Regression to profile a user based on web elements sequences constructed from the user's pointing device movements. We demonstrate the competitive advantage via encouraging results on anonymized dataset collected by IBM from accounts of 2500 web application users.

Original languageEnglish
Title of host publication2019 IEEE 10th International Conference on Biometrics Theory, Applications and Systems, BTAS 2019
PublisherInstitute of Electrical and Electronics Engineers
ISBN (Electronic)9781728115221
DOIs
StatePublished - 1 Sep 2019
Externally publishedYes
Event10th IEEE International Conference on Biometrics Theory, Applications and Systems, BTAS 2019 - Tampa, United States
Duration: 23 Sep 201926 Sep 2019

Publication series

Name2019 IEEE 10th International Conference on Biometrics Theory, Applications and Systems, BTAS 2019

Conference

Conference10th IEEE International Conference on Biometrics Theory, Applications and Systems, BTAS 2019
Country/TerritoryUnited States
CityTampa
Period23/09/1926/09/19

Keywords

  • Anomaly Detection
  • Behavioral Biometrics
  • Continuous Authentication
  • Hidden Markov Model
  • User Profiling
  • User Verification

ASJC Scopus subject areas

  • Computer Science Applications
  • Computer Vision and Pattern Recognition
  • Software
  • Instrumentation

Fingerprint

Dive into the research topics of 'User Profiling Using Sequential Mining over Web Elements'. Together they form a unique fingerprint.

Cite this