Leveraging the Effects of Cognitive Function on Input Device Analytics to Improve Security - April 2015

Submitted by drwright on Sun, 03/22/2015 - 1:19pm

Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.

PI(s): David L. Roberts, Robert St. Amant
Researchers: Huseyin Sencan, Alok Goel

HARD PROBLEM(S) ADDRESSED

Human Behavior - Our work addresses understanding human behavior through observations of input device usage. The basic principles we are developing will enable new avenues for characterizing risk and identifying malicious (or accidental) uses of systems that lead to security problems. The ultimate goal of our work is the development of a novel class of security proofs that we call "Human Sublety Proofs" (HSPs). HSPs combine the unobtrusiveness of Human Observational Proofs with the interactivity of Human Interactive Proofs, which hopefully will lead to more secure interactions.

PUBLICATIONS

Robert St. Amant, Prairie Rose Goodwin, Ignacio Dominguez, David L. Roberts. 2015. Toward Expert Typing in ACT-R. Proceedings of the 2015 International Conference on Cognitive Modeling (ICCM 15).
Ignacio X. Dominguez, Alok Goel, David L. Roberts, Robert St. Amant. 2015. Detecting Abnormal User Behavior Through Pattern-mining Input Device Analytics. Proceedings of the 2015 Symposium and Bootcamp on the Science of Security (HotSoS-15).

ACCOMPLISHMENT HIGHLIGHTS

Began analysis and modeling of data from approximately 50 experiment participants typing under a variety of cognitive conditions, in a typing game. This analysis is focused on identifying analytics and features of input device usage that can be used to identify malicious or unintended use of software systems by identifying cognitive processes that aren't associated with normal use.
Developed visualization for eye tracking data from the experiment, aligning screen changes to shifts in gaze. The visualization tool enable candidate hypothesis generation for identifying patterns in device usage and cognitive processes reflective of normal and malicious or unintended software use.
Began adaptation of transcription typing model to data from the experiment. The typing model, along with the insights from our data analysis and visualization tool, will form the basis of Human Sublety Proofs for unintrusive monitoring of software usage.

Groups:

NCSU Science of Security Lablet Research Initiative