Shen Fu, Mathew L. Wymore, Ting-Wei Chang, D. Qiao
{"title":"A Novel Software System Protection Scheme Based on Behavior and Context Monitoring","authors":"Shen Fu, Mathew L. Wymore, Ting-Wei Chang, D. Qiao","doi":"10.4018/ijsssp.2019010102","DOIUrl":null,"url":null,"abstract":"The restriction of access to software systems is more important than ever. Yet, most primary authentication methods are still largely based on passwords, which are vulnerable to various attacks such as phishing scams and keyloggers. Advanced methods of behavior-based authentication exist, but most are platform-specific and are not generally applicable. In this article, the authors propose a generic continuous authentication scheme for software systems, which supplements existing authentication schemes and works as an auxiliary layer to provide additional protection against impostors. The kernel of their scheme is a novel monitoring engine that detects impostors in real-time based on behavior and context information. The authors evaluate their scheme on a dataset consisting of real users' historical records provided by their industrial partner, and the results demonstrate that the approach achieves a high classification accuracy with only a short delay in detection, allowing for real-time, continuous authentication.","PeriodicalId":135841,"journal":{"name":"Int. J. Syst. Softw. Secur. Prot.","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Syst. Softw. Secur. Prot.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/ijsssp.2019010102","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
The restriction of access to software systems is more important than ever. Yet, most primary authentication methods are still largely based on passwords, which are vulnerable to various attacks such as phishing scams and keyloggers. Advanced methods of behavior-based authentication exist, but most are platform-specific and are not generally applicable. In this article, the authors propose a generic continuous authentication scheme for software systems, which supplements existing authentication schemes and works as an auxiliary layer to provide additional protection against impostors. The kernel of their scheme is a novel monitoring engine that detects impostors in real-time based on behavior and context information. The authors evaluate their scheme on a dataset consisting of real users' historical records provided by their industrial partner, and the results demonstrate that the approach achieves a high classification accuracy with only a short delay in detection, allowing for real-time, continuous authentication.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
