Continuous User Identity Verification Via Mouse Gesture Dynamics
Prasanna Y. Kumawat
ME- Comp, SRES College Of Engineering, Kopargaon,
(Pune University)
Abstract: Most of the online websites and ebanks
uses alphanumeric username and password to
identity user. But such a credentials like
passwords,PIN’s(Personal identification Number),
smartcards etc. are easily stolen by hackers. User
verification method provides additional layer of
security to existing computer security. So in this
paper I am introducing a novel method that
continuously verifies users according to
characteristics of their interaction with pointing
device of the computer (e.g. mouse,touch pad ) .
Keywords- Mouse dynamics, Behavioral biometrics,
Security monitoring, Verification, Mouse, Pointing
devices
Behavioral biometric scheme is applicable to
high risk environments or where the cost of
unauthorized use of a computer is high, continuous
verification of the user’s identity is extremely
important. Continuous user identity verification
scheme has built around the biometrics supplied by
the user behavioural characteristics and continuously
check the identity of the user throughout a session.
These user characteristics are captured and are stored
in database according to each user’s profile.
Whenever user user tries to relogin into the system
these user characteristics are compared with current
user’s characteristics. From that user identity is
verified by the system.
II.
I.
INTRODUCTION
Now a days most of the online websites and
ebanks, identifies users by using usernames and
passwords or PINS. But there are many hacking
techniques to steal such a user credientials. Some of
the techniques are phishing attacks, key logger and so
on. User verification process adds one more layer to
existing security level. There are two types of user
verification methods. One is Physiological
verification and second is Behavioral verification.
Drawback of physiological verification method is
required dedicated hardware devices like retina or
finger print scanner. And these devices are expensive
and are not available easily. So cost for implementing
physiological verification scheme is more. On the
otherhand behavioral biometric verification method
do not required dedicated hardware. It uses
commonly available devices like mouse or keyboard.
In [2] there is survey on Keystroke Dynamics which
is one of the famous biometric technologies, which
will try to identify the authenticity of a user when the
user is working via a keyboard. The verification
process is done by observing change in the typing
pattern of user. In [1] we get how actually mouse
based method is work. It also provides basic metrics
to measure performance of behavioral biometric
devices. Since biometric-based verification systems
are a special case of classifiers [4], their performance
is
evaluated
using
similar
measurements.
Specifically, the following measurements are used:
RELATED WORK
As we know recently a number of researches were
conducted to explore the utilization of machine
learning techniques in different biometric systems.
Most commonly behavioral verification techniques
based on (a) Mouse dynamics,which are derived from
the user mouse interaction and the focus of this
implementation is based on mouse dynamics of the
user; (b) Keystroke dynamics,which derived from
keyboard activity. Such as frequency of key pressing
and typing speed etc; (c) Software interaction,which
rely on features extracted from the interaction of user
with specific software tool. Several works on
Keyboard dynamics has already done. [1] has stated
mouse dynamics method can be categorized into two
types of learning: implicit and explicit.



False Acceptance Rate (FAR) – measures
the ratio between the number of attacks that
were erroneously labeled as authentic
interactions and the total number of attacks.
False Rejection Rate (FRR) – measures the
ratio between the number of legitimate
interactions that were erroneously labeled as
attacks and the total number of legitimate
interactions.
ROC Curve – A ROC curve is a graphical
representation of the tradeoff between the
FAR and the FRR for various threshold
values.


Area Under Curve (AUC) – measures the
area under the ROC curve. A lower AUC is
sought after since it corresponds to better
performance.
Equal Error Rate (EER) – The rate at
which both acceptance and rejection error
rates are equal. Low EER values indicate an
accurate authentication system.
III.
PROPOSED WORK
In this paper I am proposing a novel verification
method which verifies a user based on each
individual mouse action. This method requires the
mouse events generated during user interaction. It
takes aggregation of its coordinates and different
activities before accurate user verification process.
Verification of each individual mouse action
increases the accuracy while reducing the time that is
needed to verify the identity of the user since the
fewer actions are required to achieve a specific
accuracy level, as compared to the histogram- based
approach which is explained in [1]. The general
architecture of the proposed system is shown in fig.1.
Figure.1 General System Architecture
A biometric-based user verification system is
essentially a pattern recognition system that acquires
biometric data from an individual, extracts a feature
set to establish a unique user signature and constructs
a verification model by training it on the set of
signatures.
The system is divided into mainly two phases as
follows;
I. Training Phase: In the training phase, the training
data was used to build the classifier model and store
the model in a database for use in testing phase. Each
genuine user has his/her own classifier model.
II. Testing Phase: In the testing phase, we are going
to test data which was separated from the training
data for comparison. In the comparison, we will use
the model stored in the database and obtain the
classifier score (probability) on each sample of the
test data. This score will then be used to update the
trust value C in the trust model. Finally, the trust
value C was used in the decision module, to
determine if the user will be locked out or can
continue using the PC. This decision was made based
on the current trust value and the lockout threshold.
Both the phases uses common components as
follows:
 Event acquisition - captures the events
generated by the various input devices used
for the interaction (e.g. mouse) via their
drivers, some mouse events can be left down
(LD), left up (LU), right down (RD), right
up (RU), mouse move (MM), silence (S)
etc.
 Feature extraction - High level features can
be extracted from that events and the
signature will be constructed which
characterizes the behavioral biometrics of
the user, The features may include Left
Click (LC), Right Click (RC), Mouse Move
Sequence (MMS) etc.
 Classifier Model - is used to build the user
verification model to classify the signatures.
During verification, the model is used to
classify new samples acquired from the user.
Any classifiers can be used depend on its
availability and its knowledge.
 Store Model- is used to store the signature
of user. If multiple users exist for system,
then upon the entry of a username, signature
of that user will retrieve for verification
process [1].
In the store model i.e database, the signature
will consist number of mouse moves; number of left
clicks, number of right clicks, number of silence
along with time intervals and aggregation of mouse
Co-ordinates. Same type of signature will be created
for every session.
IV.
CONCLUSION
In this paper I introduces a novel method for user
identity verification which based on mouse dynamics.
As it is difficult to trace mouse movements of
particular user, this approach is more secure than any
other authentication system. So this method adds one
more layer to existing security methods.
REFERENCES
1.
2.
3.
Clint Feher, Yuval Elovici, Robert
Moskovitch, Lior Rokach, Alon Schclar,
“User identity verification via mouse
dynamics”, Information Sciences 201 (2012)
19–36.
D. Shanmugapriya, Dr. G. Padmavathi, “A
Survey
of
Biometric
keystroke
Dynamics:Approaches,
Security
and
Challenges”, IJCSI Vol. 5, No. 1(2009).
E. Erzin, Y. Yemez, A.M. Tekalp, A. Eril,
H. Erdogan, H. Abut, "Multimodal person
recognition for human vehicle interaction",
IEEE MultiMedia (2006) 18-31.
4.
P. Grother, E. Tabassi, "Performance of
biometric
quality
measures",
IEEE
Transactions on Pattern Analysis and
Machine Intelligence (2007) 531-543.
5.
A.A.E. Ahmed, I. Traore, "A new biometric
technology based on mouse dynamics",
IEEE Transactions on Dependable and
Secure Computing (2007)165-179.
6.
M. De Marsico, M. Nappi, D. Riccio, G.
Tortora, "NABS: novel approaches for
biometric systems", IEEE Transactions on
Systems, Man, and Cybernetics, Part C:
Applications and Reviews (2011) 481-493.
7.
B J Gorad, D.V Kodavade, "User Identity
Verification Using Mouse Signature", IOSR
Journal of Computer Engineering (2013) 3336