Type of Document Master's Thesis Author Jagadeesan, Harini Author's Email Address firstname.lastname@example.org URN etd-05082009-141351 Title Design and Verification of Privacy and User Re-authentication Systems Degree Master of Science Department Electrical and Computer Engineering Advisory Committee
Advisor Name Title Hsiao, Michael S. Committee Chair Huang, Chao Committee Member Plassmann, Paul E. Committee Member Keywords
- user re-authentication
Date of Defense 2009-04-30 Availability unrestricted AbstractIn the internet age, privacy and security have become major concerns since an increasing number of transactions are made over an unsecured network. Thus there is a greater chance for private data to be misused. Further, insider attacks can result in loss of valuable data. Hence there arises a strong need for continual, non-intrusive, quick user re-authentication. Previously, a number of studies have been conducted on authentication using behavioral attributes. Currently, few successful re-authentication mechanisms are available since they use either the mouse or the keyboard for re-authentication and target particular applications. However, successful re-authentication is still dependent on a large number of factors such as user excitation level, fatigue and using just the keyboard or the mouse does not mitigate these factors successfully.
Both keyboard and mouse contain valuable, hard-to-duplicate information about the user’s behavior. This can be used for analysis and identification of the current user. We propose an application independent system that uses this information for user re-authentication. This system will authenticate the user continually based on his/her behavioral attributes obtained from both the keyboard and mouse operations. This re-authentication system is simple, continual, non-intrusive and easily deployable. To utilize the mouse and keyboard information for re-authentication, we propose a novel heuristic that uses the percentage of mouse-to-keyboard interaction ratio. This heuristic allows us to extract suitable user-behavioral attributes. The extracted data is compared with an already trained database for user re-authentication.
The accuracy of the system is calculated by the number of correct identifications to total number of identifications. At present, the accuracy of the system is around 96% for application based user re-authentication and around 82% for application independent user re-authentication. We perform black box, white box testing and Spec# verification procedures that prove the robustness of the proposed system. On testing POCKET, a privacy protection software for children, it was found that the security of POCKET was inadequate at the user level. Our system enhances POCKET security at the user level and ensures that the child’s privacy is protected.
Filename Size Approximate Download Time (Hours:Minutes:Seconds)
28.8 Modem 56K Modem ISDN (64 Kb) ISDN (128 Kb) Higher-speed Access thesis_Harini_Jagadeesan.pdf 16.81 Mb 01:17:48 00:40:00 00:35:00 00:17:30 00:01:29
If you have questions or technical problems, please Contact DLA.