Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Open Access Guideline
Open Access Guideline
Postgraduate Thesis Guideline
Postgraduate Thesis Guideline
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Modeling and Evaluation of Continuous Authentication with Keystroke Dynamics
Download
mbiyik_2231454_master_thesis.pdf
Date
2023-7-17
Author
Bıyık, Mustafa
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
283
views
255
downloads
Cite This
Authentication with single- and multi-factor credentials alone cannot prevent sophisticated identity theft attacks like account takeovers and session hijackings. Companies and individuals may suffer catastrophic losses and critical infrastructure may be destroyed as a result of these attacks. Detecting identity theft and session hijacking attacks with continuous authentication schemes is emerging as a promising technique for extending traditional identity and access management (IAM) strategies. As a first step, user authentication and authorization are key components of IAM strategies that protect data security and privacy. A continuous authentication system verifies the identity of a user repeatedly or continuously based on behavior patterns unique to each user rather than simply identifying users through their credentials one time, as is the case in classical authentication. As a result, due to its hard-to-imitate nature, personal keystroke dynamics can be used for identity authentication. Also, verification can be done without affecting input, and authentication is made in the background without affecting users' input. Two different methods are used in this thesis. The first approach is that the behavioral characteristics of the user for keystroke dynamics are modeled as a Gamma distribution due to the right skewness of keystroke data distributions. For each user in the system, a reference Gamma model and observed Gamma models are generated from keystroke dynamics features such as the time between two key presses. The error distances measured with Jensen-Shannon (JS) distance metric between the reference models and the observed model are used for user identification. M-ary hypothesis testing method is used in the decision stage of user detection. Also, simulations and different scenarios are done to evaluate the performance of the proposed model in the thesis. The second approach is based on the conversion of keystroke data with a constant length into a 2D image. By using this transformation process, we can train images based on convolutional neural networks (CNNs) while maintaining all the characteristics of the behavioral signal. Popular CNN architectures which are Resnet-18, DenseNet-121, EffifcientNetB0, ShuffleNet, and a Basic CNN model created for the research are used. Implementation of Gamma model distribution is easier. On the other side, CNN provides higher accuracy. In this thesis, two different authentication methods are evaluated in terms of accuracy and efficiency on different datasets.
Subject Keywords
continuous authentication, keystroke dynamics, Gamma distribution, hypothesis testing, CNN
URI
https://hdl.handle.net/11511/104837
Collections
Graduate School of Natural and Applied Sciences, Thesis
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
M. Bıyık, “Modeling and Evaluation of Continuous Authentication with Keystroke Dynamics,” M.S. - Master of Science, Middle East Technical University, 2023.
