Continuous authentication of users based on network usage behavior at corporate wireless local networks / Autenticação continuada de usuários baseada em comportamento no uso de redes locais corporativas sem fio

Pedro Luiz Teixeira de Moura, Eduardo Takeo Ueda

Abstract


 A Autenticação Continuada (AC) de Dispositivos Móveis (DM) pessoais, em redes sem fio locais corporativas, baseia-se em geral em biometria, uso de teclado, toque em tela ou na análise do uso de aplicativos.  Isso implica na instalação de um programa de monitoramento no próprio DM, impactando negativamente o sentimento de intrusão por parte do proprietário do DM, e sobrecarregando a equipe de apoio técnico. Além disso, a AC pode ser comprometida caso o aplicativo seja desativado por um intruso ou se o DM for clonado. Com a finalidade de evitar tais problemas, este artigo propõe e avalia, em ambiente de teste, o uso do tráfego de rede para autenticar usuários em seus DMs, aplicando métodos de Aprendizado de Máquina, Supervisionado e Não Supervisionado.


Keywords


Autenticação continuada, dispositivos móveis, rede local sem fio, aprendizado de máquina, autenticação baseada em comportamento.

References


A. L. Samuel. Some Studies in Machine Learning Using the Game of Checkers. IBM Journal of Research and Development. Year: 1959, Volume: 3, Issue: 3. Pages: 210 – 229, DOI: 10.1147/rd.33.0210. IBM Journals & Magazines.

Ahmed, A. System and method for determining a computer user profile from a motion-based input device, 5 out. 2006. Disponível em: http://www.google.com/patents/US20060224898. Acessado em: 18/12/2017.

Apache Mahout: Scalable machine learning and data mining. Disponível em https://mahout.apache.org. Acessado em: 01/09/2017.

Bours, Patrick ; Mondal, Soumik. Continuous Authentication using Behavioural Biometrics SIMEM’s 2013 JED, 2013. Disponível em: http://jedsimem2013.sciencesconf.org/conference/jedsimem2013/pages/Book_of_abstract_JED2013.pdf#page=13. Acessado em: 07/06/2017.

Class Balancer. Disponível em: http://weka.sourceforge.net/doc.dev/weka/filters/supervised/instance/ClassBalancer.html. Acessado em: 15/10/2017.

Class ConditionalProbatilities. Disponível em: http://weka.sourceforge.net/doc.dev/weka/filters/supervised/attribute/ClassConditionalProbabilities.html. Acessado em: 15/10/2017.

Class J48,weka.classifiers.trees. Disponível em: http://weka.sourceforge.net/doc.dev/weka/classifiers/trees/J48.html. Acessado em: 15/10/2017.

Class Puk. Disponível em: http://weka.sourceforge.net/doc.dev/weka/classifiers/functions/supportVector/Puk.html. Acessado em: 15/10/2017.

Class SMO. Disponível em: http://weka.sourceforge.net/doc.dev/weka/classifiers/functions/SMO.html. Acessado em: 15/10/2017.

Class ZeroR. http://weka.sourceforge.net/doc.dev/weka/classifiers/rules/ZeroR.html. Acessado em: 01/10/2017.

Deutschmann, I.; Lindholm, J. (2013). Behavioral biometrics for DARPA’s Active Authentication program. Disponível em: http://cs.emis.de/LNI/Proceedings/Proceedings212/225.pdf. Acessado em: 25/02/2017.

Frank, M. et al. Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication. IEEE Transactions on Information Forensics and Security, v. 8, n. 1, p. 136–148, 1 jan. 2013.

Ghosh, S.; Dubey, S. K. (2013). Comparative Analysis of K-Means and Fuzzy C-Means Algorithms. Ijacsa, 4(4), 35–39. doi:10.14569/IJACSA.2013.040406. Disponível em: http://thesai.org/downloads/volume4no4/paper_6-comparative_analysis_of_k-means_and_fuzzy_c_means_algorithms.pdf. Acessado em: 30/04/2017.

GNU Octave. Disponível em: https://www.gnu.org/software/octave/. Acessado em: 01/10/2017.

GNU General Public License. Disponível em: https://www.gnu.org/licenses/gpl-3.0.en.html. Acessado em: 15/10/2017.

Kashi, R. Habit-based authentication, 8 maio 2012. Disponível em: http://www.google.com/patents/US8176159. Acessado em: 12/10/2017.

KNIME | KNIME Analytics Platform. Disponível em: https://www.knime.org/knime. Acessado em: 12/10/2017.

Kohavi, Ron And Provost, Foster. Glossary of Terms. Special Issue on Applications of Machine Learning and the Knowledge Discovery Process. ©1998 Kluwer Academic Publishers, Boston, Manufactured in The Netherlands. Disponível em: http://robotics.stanford.edu/~ronnyk/glossary.html. Acessado em: 08/08/2017.

Lantz, Brett 2013. Machine Learning with R. Packt Publishing. ISBN:1782162143 9781782162148.

Mitchell, Thomas M. Machine Learning McGraw-Hill, Inc. New York, NY, USA. 1997. ISBN:0070428077 9780070428072.

Moghaddam, S.; Helmy, A. Multidimensional modeling and analysis of wireless users online activity and mobility: a neural-networks map approach. Proceedings of the 14th ACM international (2011).

Montalvao Filho, J.R. and Freire, E.O. (2006), “Multimodal biometric fusion - joint typist (keystroke) and speaker verification”, Proceedings of the International Telecommunications Symposium , pp. 609-614.

Muncaster, J. and Turk, M. (2006), “Continuous Multimodal Authentication Using Dynamic Bayesian Networks”, Proceedings of the 2nd Workshop on Multimodal User Authentication, pp. 1-8.

OpenCV. Disponível em: http://opencv.org. Acesso em: 15 de Novembro 2017.

OREKONDY, Tribhuvanesh, et al. (2012). Application of Support Vector Machine in Continuos Authentication. In Information and Communication Technologies (WICT), 2012 World Congress on (pp. 608–613).

Partition membership. Disponível em: http://weka.sourceforge.net/doc.dev/weka/filters/supervised/attribute/PartitionMembership.html. Acessado em: 15/10/2017.

Quinlan, J. R. "Induction of decision trees", Machine Learning Journal., vol. 1, no. 1, pp.81 -106 1986. Kluwer Academic Publishers. DOI 10.1007/BF00116251. Disponível em: http://link.springer.com/content/pdf/10.1007%2FBF00116251.pdf. Acessado em: 11/08/2017.

R: The R Project for Statistical Computing. Disponível em http://www.r-project.org. Acessado em: 02/10/2017.

Rabiner, L., "A tutorial on hidden Markov models and selected applications in speech recognition," Proceedings of the IEEE , vol.77, no.2, pp.257,286, Feb 1989. doi: 10.1109/5.18626. Disponível em: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=18626&isnumber=698. Acessado em: 07/06/2017.

Rennie, J. D. M. et al. (2003). Tackling the Poor Assumptions of Naive Bayes Text Classifiers. Proceedings of the Twentieth International Conference on Machine Learning (ICML)-2003), 616–623. doi:10.1186/1477-3155-8-16. Disponível em: https://people.csail.mit.edu/jrennie/papers/icml03-nb.pdf. Acessado em: 28/01/2018.

Resample. Disponível em: http://weka.sourceforge.net/doc.dev/weka/filters/supervised/instance/Resample.html. Acessado em: 07/06/2017.

Salatas, John. SelfOrganizingMap: Cluster data using the Kohonen's Self-Organizing Map algorithm. Disponível em: http://weka.sourceforge.net/packageMetaData/SelfOrganizingMap/index.html. Acessado em: 01/06/2017.

Seo, Hojin et al . A Novel Biometric Identification Based on a User’s Input Pattern Analysis for Intelligent Mobile Devices. 2012. doi:10.5772/51319. Disponível em: http://cdn.intechopen.com/pdfs-wm/38080.pdf. Acessado em: 04/03/2017.

Wang, Y.; Wei, J.; Vangury, K. Bring your own device security issues and challenges, 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC). Anais...IEEE, jan. 2014. Disponível em: http://ieeexplore.ieee.org/articleDetails.jsp?arnumber=6866552. Acessado em: 05/06/2017.

Weka 3 – Data Mining with Open Source Machine Learning Software in Java. Disponível em: http://www.cs.waikato.ac.nz/ml/weka. Acessado em: 10/02/2017.

Wheeler, J. Et Al. ACTIVE AUTHENTICATION USING COVERT COGNITIVE INTERROGATION GAMES. Disponível em: http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA581055. Acessado em: 12/10/2017.

Wu, Junjie. 2012. Advances in K-Means Clustering: A Data Mining Thinking. Springer Publishing Company, Incorporated. ISBN:3642298060 9783642298066.




DOI: https://doi.org/10.34117/bjdv5n7-061.

Refbacks

  • There are currently no refbacks.