Physical Sciences and Mathematics Commons^™

Poisoning Attacks On Learning-Based Keystroke Authentication And A Residue Feature Based Defense, Zibo Wang

Doctoral Dissertations

Behavioral biometrics, such as keystroke dynamics, are characterized by relatively large variation in the input samples as compared to physiological biometrics such as fingerprints and iris. Recent advances in machine learning have resulted in behaviorbased pattern learning methods that obviate the effects of variation by mapping the variable behavior patterns to a unique identity with high accuracy. However, it has also exposed the learning systems to attacks that use updating mechanisms in learning by injecting imposter samples to deliberately drift the data to impostors’ patterns. Using the principles of adversarial drift, we develop a class of poisoning attacks, named Frog-Boiling …

Vulnerability Analysis Of Cyber-Behavioral Biometric Authentication, Abdul Serwadda

Doctoral Dissertations

Research on cyber-behavioral biometric authentication has traditionally assumed naïve (or zero-effort) impostors who make no attempt to generate sophisticated forgeries of biometric samples. Given the plethora of adversarial technologies on the Internet, it is questionable as to whether the zero-effort threat model provides a realistic estimate of how these authentication systems would perform in the wake of adversity. To better evaluate the efficiency of these authentication systems, there is need for research on algorithmic attacks which simulate the state-of-the-art threats.

To tackle this problem, we took the case of keystroke and touch-based authentication and developed a new family of algorithmic …

Snoop-Forge-Replay Attack On Continuous Verification With Keystrokes, Khandaker Abir Rahman

Doctoral Dissertations

We present a new attack called the snoop-forge-replay attack on the keystroke-based continuous verification systems. We performed the attacks on two levels – 1) feature-level and 2) sample-level.

(1) Feature-level attack targets specific keystroke-based continuous verification method or system. In feature-level attacks, we performed a series of experiments using keystroke data from 50 users who typed approximately 1200 to 2300 keystrokes of free text during three different periods. The experiments consisted of two parts. In the first part, we conducted zero-effort verification experiments with two verifiers ("R" and "S") and obtained Equal Error Rates (EERs) between 10% and 15% under …

Naïve Bayes And Similarity Based Methods For Identifying Computer Users Using Keystroke Patterns, Shrijit S. Joshi

Doctoral Dissertations

In this dissertation, we present two methods for identifying computer users using keystroke patterns. In the first method "Competition between naïve Bayes models for user identification," a naïve Bayes model is created for each user. In the training phase of this method, the model of a user is trained using maximum likelihood estimation on the key press latency values extracted from the texts typed by the user. In the user identification phase of this method, for each user we determine the probabilistic likelihood that the typed text belongs to a user. Finally, the typed text is assigned to the user …