TY - GEN
T1 - User Profiling Using Sequential Mining over Web Elements
AU - Levi, Matan
AU - Hazan, Itay
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/9/1
Y1 - 2019/9/1
N2 - Most of today's sensitive systems offer receiving information and performing actions remotely through the company's website by using authentication mechanisms such as username and password, one-time tokens, etc. However, these methods are not immune to credential theft. Authenticated sessions can be subjected to session hijacking through stolen cookies, man-in-the-middle (MitM) attacks, social engineering and more. Behavioral biometrics models within the website can help continuously verify the user's identity throughout the session and prevent a wide variety of attacks. Such methods usually focus on sampling the raw movements and extracting meaningful features for profiling such as velocity, curvature, distance, etc. However, traditional methods usually avoid the elements that are being traversed by the user and do not use the created sequence of elements the user usually goes through, which can be easily extracted in web applications. Therefore, we introduce a novel approach for pointing device (e.g. mouse, finger, touchpad, trackball) sequential verification in web applications. This approach can be used in addition to traditional feature-based movement techniques and enhance them. Our approach is based on a Hidden Markov Model and Linear Regression to profile a user based on web element sequences constructed from the user's pointing device movements. We demonstrate the competitive advantage via encouraging results on an anonymized dataset collected by IBM from accounts of 2500 web application users.
AB - Most of today's sensitive systems offer receiving information and performing actions remotely through the company's website by using authentication mechanisms such as username and password, one-time tokens, etc. However, these methods are not immune to credential theft. Authenticated sessions can be subjected to session hijacking through stolen cookies, man-in-the-middle (MitM) attacks, social engineering and more. Behavioral biometrics models within the website can help continuously verify the user's identity throughout the session and prevent a wide variety of attacks. Such methods usually focus on sampling the raw movements and extracting meaningful features for profiling such as velocity, curvature, distance, etc. However, traditional methods usually avoid the elements that are being traversed by the user and do not use the created sequence of elements the user usually goes through, which can be easily extracted in web applications. Therefore, we introduce a novel approach for pointing device (e.g. mouse, finger, touchpad, trackball) sequential verification in web applications. This approach can be used in addition to traditional feature-based movement techniques and enhance them. Our approach is based on a Hidden Markov Model and Linear Regression to profile a user based on web element sequences constructed from the user's pointing device movements. We demonstrate the competitive advantage via encouraging results on an anonymized dataset collected by IBM from accounts of 2500 web application users.
KW - Anomaly Detection
KW - Behavioral Biometrics
KW - Continuous Authentication
KW - Hidden Markov Model
KW - User Profiling
KW - User Verification
UR - https://www.scopus.com/pages/publications/85092321704
U2 - 10.1109/BTAS46853.2019.9186005
DO - 10.1109/BTAS46853.2019.9186005
M3 - Conference contribution
AN - SCOPUS:85092321704
T3 - 2019 IEEE 10th International Conference on Biometrics Theory, Applications and Systems, BTAS 2019
BT - 2019 IEEE 10th International Conference on Biometrics Theory, Applications and Systems, BTAS 2019
PB - Institute of Electrical and Electronics Engineers
T2 - 10th IEEE International Conference on Biometrics Theory, Applications and Systems, BTAS 2019
Y2 - 23 September 2019 through 26 September 2019
ER -