Authors: Divyans Mahansaria, Uttam Kumar Roy
Journal: Computing (JCR Q2, Computer Science, Theory & Methods; impact factor 3.3)
Publication type: Journal Article
Publication date: 2024-09-13
DOI: https://doi.org/10.1007/s00607-024-01333-7
Citations: 0
Contextual authentication of users and devices using machine learning
Abstract
At the time of authentication, confidential data are exchanged between the user/device and the authentication server to determine the legitimacy of the source requesting authentication. Safeguarding the authentication process from security attacks is of utmost importance, and various authentication methods exist depending on the system’s requirements. However, no authentication process can guarantee foolproof security. This research aimed to use the context of users and devices during authentication to detect anomalies and security-related attacks. In particular, denial-of-service (DoS)/distributed denial-of-service (DDoS) attacks and brute-force attacks have been analyzed in detail using contextual information. Extensive simulations were conducted on the benchmark CIC-IDS2017 dataset using the Weka tool. The performance metrics of recall, precision, accuracy, f-score, and model-build time were computed for the four machine-learning classifiers—J48, Random Forest, Multi-Layer Perceptron, and Bayes Net—for different combinations of data splits and groups of data features. For both DoS/DDoS and brute-force attacks, some of the experimental results show a more than 99% value for recall, precision, accuracy, and f-score. The results of the experiments, security analysis, and threat modeling show that the proposed authentication scheme effectively enhances a secure system’s security level.
About the journal:
Computing publishes original papers, short communications and surveys on all fields of computing. The contributions should be written in English and may be of a theoretical or applied nature; the essential criteria are computational relevance and systematic foundation of results.