Cyber attacks has always been of a great concern. Websites and services with poor security layers are the most vulnerable to such cyber attacks. The attackers can easily access sensitive data like credit card details and social security number from such vulnerable services. Currently to stop cyber attacks, various different methods are opted from using two-step verification methods like One-Time Password and push notification services to using high-end bio-metric devices like finger print reader and iris scanner are used as security layers. These current security measures carry a lot of cons and the worst is that user always need to carry the authentication device on them to access their data. To overcome this, we are proposing a technique of using keystroke dynamics (typing pattern) of a user to authenticate the genuine user. In the method, we are taking a data set of 51 users typing a password in 8 sessions done on alternate days to record mood fluctuations of the user. Developed and implemented anomaly-detection algorithm based on distance metrics and machine learning algorithms like Artificial Neural networks (ANN) and convolutional neural network (CNN) to classify the users. In ANN, we implemented multi-class classification using 1-D convolution as the data was correlated and multi-class classification with negative class which was used to classify anomaly based on all users put together. We were able to achieve an accuracy of 95.05% using ANN with Negative Class. From the results achieved, we can say that the model works perfectly and can be bought into the market as a security layer and a good alternative to two-step verification using external devices. This technique will enable users to have two-step security layer without worrying about carry an authentication device.
翻译:网络攻击一直是一个极大的关注点。安全层差的网站和服务是最容易遭受网络攻击的对象。攻击者可以轻易地从这些易受攻击的服务中获取敏感数据,如信用卡详细信息和社会安全号码。目前防止网络攻击采用各种不同的方法,从使用二步验证方法,如一次性密码和推送通知服务,到使用高端生物识别设备,如指纹识读器和虹膜扫描仪作为安全层。这些当前的安全措施都存在不少缺点,最糟糕的是用户需要随身携带验证设备才能访问其数据。为了克服这一难点,我们提出了一种使用用户的按键动态(输入模式)来验证真正用户的技术。在这种方法中,我们采用了51个用户在8个交替日期中输入密码时的数据集来记录用户的情绪波动,根据距离度量和机器学习算法,如人工神经网络(ANN)和卷积神经网络(CNN),开发和实现了异常检测算法来对用户进行分类。在ANN中,我们使用1-D卷积实现了多类别分类,由于数据相关,使用包含所有用户的异常的负类别实现了多类别分类。我们使用ANN和负类别实现了95.05%的准确性。从所取得的结果可以看出,该模型完美地奏效,可以作为一种安全层并成为外部设备二步验证的良好替代方案。这种技术将使用户在无需担心携带身份验证设备的情况下获得二步安全层。