Identifying users with application-specific command streams
Title | Identifying users with application-specific command streams |
Publication Type | Conference Paper |
Year of Publication | 2014 |
Authors | El Masri, A., Wechsler, H., Likarish, P., Kang, B.B. |
Conference Name | Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on |
Date Published | July |
Keywords | Active Authentication, active authentication model, AdaBoost, application-specific command streams, area under the curve, AUC, authentication, Behavioral biometrics, biometrics (access control), Classification algorithms, GUI-based application, Hidden Markov models, human computer interaction, human-computer interaction, Intrusion detection, Keyboards, learning (artificial intelligence), machine learning, machine learning algorithms, message authentication, Mice, Microsoft, MS Word commands, Radio frequency, random forests, receiver operating characteristic, RF, ROC curve, sensitivity analysis, user command streams, user identification, user profiles, user-issued commands |
Abstract | This paper proposes and describes an active authentication model based on user profiles built from user-issued commands when interacting with GUI-based application. Previous behavioral models derived from user issued commands were limited to analyzing the user's interaction with the *Nix (Linux or Unix) command shell program. Human-computer interaction (HCI) research has explored the idea of building users profiles based on their behavioral patterns when interacting with such graphical interfaces. It did so by analyzing the user's keystroke and/or mouse dynamics. However, none had explored the idea of creating profiles by capturing users' usage characteristics when interacting with a specific application beyond how a user strikes the keyboard or moves the mouse across the screen. We obtain and utilize a dataset of user command streams collected from working with Microsoft (MS) Word to serve as a test bed. User profiles are first built using MS Word commands and identification takes place using machine learning algorithms. Best performance in terms of both accuracy and Area under the Curve (AUC) for Receiver Operating Characteristic (ROC) curve is reported using Random Forests (RF) and AdaBoost with random forests. |
DOI | 10.1109/PST.2014.6890944 |
Citation Key | 6890944 |
- receiver operating characteristic
- machine learning
- machine learning algorithms
- message authentication
- Mice
- Microsoft
- MS Word commands
- Radio frequency
- random forests
- learning (artificial intelligence)
- RF
- ROC curve
- sensitivity analysis
- user command streams
- user identification
- user profiles
- user-issued commands
- Active Authentication
- Keyboards
- Intrusion Detection
- Human-computer interaction
- human computer interaction
- Hidden Markov models
- GUI-based application
- Classification algorithms
- biometrics (access control)
- Behavioral biometrics
- authentication
- AUC
- area under the curve
- application-specific command streams
- AdaBoost
- active authentication model