TWC: Medium: Collaborative: Long-term Active User Authentication Using Multi-modal Profiles

TWC：中：协作：使用多模式配置文件进行长期活跃用户身份验证

• 批准号: 1314803
• 负责人: Venugopal Govindaraju
• 金额: $ 84.97万
• 依托单位: SUNY at Buffalo
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2013
• 资助国家: 美国
• 起止时间: 2013-09-15 至 2017-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1314803&HistoricalAwards=false
• 关键词: TWC; Medium; Collaborative; Long; term

This project aims at advancing the state-of-the-art in cybersecurity by developing efficient methods for generating novel biometric signatures and performing active and continuous user authentication. Current authentication procedures typically occur once at the initial log-in stage and involve user proxies such as passwords and smart cards which suffer from several vulnerabilities. This research addresses these limitations by developing probabilistic, generative models to represent multimodal biometrics of every user in the system, so that any significant deviation from the user-specific model flags the presence of an imposter. This novel technique specifically targets mitigation of masquerading attacks which are particularly challenging to detect as they are mostly carried out by insiders familiar with the activity patterns of the authorized user. The approach enables identification of intruders before they can hijack a user session of an authorized individual who may have momentarily stepped away from his/her console.The project also involves extensive usability tests for seamless integration of the authentication processes in real-life computer and network systems, thus ensuring that data about the behavior and performance of people using the network is fed-back and incorporated into future designs of the security protocols. The methods also readily extend to protecting both wired and wireless networks, and mobile devices.

该项目旨在通过开发有效的方法来生成新的生物特征签名并进行主动和连续的用户身份验证，从而推进网络安全的最新技术水平。目前的身份验证程序通常在初始登录阶段进行一次，涉及密码和智能卡等用户代理，这些代理存在几个漏洞。本研究通过开发概率生成模型来表示系统中每个用户的多模态生物特征，从而解决了这些限制，因此任何与用户特定模型的显著偏差都标志着冒名顶替者的存在。这种新颖的技术专门针对缓解伪装攻击，这是特别具有挑战性的检测，因为它们主要是由熟悉授权用户的活动模式的内部人员进行的。 该方法能够在入侵者劫持可能暂时离开其控制台的授权个人的用户会话之前识别入侵者。该项目还涉及广泛的可用性测试，用于在现实生活中的计算机和网络系统中无缝集成认证过程，从而确保关于使用网络的人的行为和表现的数据被反馈并被结合到安全协议的未来设计中。该方法还容易扩展到保护有线和无线网络以及移动的设备。