Leveraging the Effects of Cognitive Function on Input Device Analytics to Improve Security - July 2015
Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.
PI(s): David L. Roberts, Robert St. Amant
Researchers: Alok Goel, Ignacio X. Dominguez
HARD PROBLEM(S) ADDRESSED
- Human Behavior - Our work addresses understanding human behavior through observations of input device usage. The basic principles we are developing will enable new avenues for characterizing risk and identifying malicious (or accidental) uses of systems that lead to security problems. The ultimate goal of our work is the development of a novel class of security proofs that we call "Human Subtlety Proofs" (HSPs). HSPs combine the unobtrusiveness of Human Observational Proofs with the interactivity of Human Interactive Proofs, which hopefully will lead to more secure interactions.
PUBLICATIONS
- Robert St. Amant, Prairie Rose Goodwin, Ignacio Dominguez, and David L. Roberts. "Toward Expert Typing in ACT-R." Proceedings of the 2015 International Conference on Cognitive Modeling (ICCM 15). 2015.
- Ignacio X. Dominguez, Alok Goel, David L. Roberts, and Robert St. Amant. "Detecting Abnormal User Behavior Through Pattern-mining Input Device Analytics." Proceedings of the 2015 Symposium and Bootcamp on the Science of Security (HotSoS-15). 2015.
ACCOMPLISHMENT HIGHLIGHTS
- We are making great progress toward the implementation and validation of a HSP technology inspired by cognitive models of task interactions.
- Online, real-time detection of system usage inconsistent with intended usage is the current goal, and progress is being made in that direction.
- The incorporation of more detailed cognitive modeling of transcription typing and mouse targeting behavior has enabled notable increases in accuracy of usage detection schemes, which will serve HSP implementations very well.