摘要
随着互联网技术的快速发展,安全问题一直是人们关注的焦点。基于鼠标行为的持续身份认证对于保护计算机系统的安全起着至关重要的作用。针对鼠标行为认证方法存在的认证准确率较低和认证时间较长的问题,提出了一种新的基于鼠标行为的持续身份认证方法。该方法将用户的鼠标事件序列按不同的类型划分为相应的鼠标行为,并基于鼠标行为从多方面挖掘鼠标行为特征,对于时间和空间的特征值需要计算其统计值来唯一表示,从而更好地表示不同用户的鼠标行为差异,提高认证准确率。通过ReliefF算法得到鼠标行为特征的重要度,并在此基础上结合邻域粗糙集去除鼠标行为的无关或冗余特征,以达到降低模型复杂度和建模时间的目的,并采用二分类算法进行认证模型的训练。在身份认证时会根据每次收集的鼠标行为使用认证模型得到分类得分,再结合信任模型更新用户的信任值,当用户的信任值降低到信任模型阈值以下时,就会被判断为非法用户。在Balabit和DFL数据集上对所提方法的身份认证效果进行仿真实验,结果表明,该方法相较于其他文献的方法,不仅可以提高身份认证准确率、降低身份认证时间,而且对于外部用户的非法入侵具有一定的鲁棒性。
With the rapid development of Internet technologies,security issues have always been the hot topics.Continuous identity authentication based on mouse behavior plays a crucial role in protecting computer systems,but there are still some problems to be solved.Aiming at the problems of low authentication accuracy and long authentication latency in mouse behavior authentication method,a new continuous identity authentication method based on mouse behavior was proposed.The method divided the user’s mouse event sequence into corresponding mouse behaviors according to different types,and mined mouse behavior characteristics from various aspects based on mouse behaviors.Thereby,the differences in mouse behavior of different users can be better represented,and the authentication accuracy can be improved.Besides,the importance of mouse behavior features was obtained by the ReliefF algorithm,and on this basis,the irrelevant or redundant features of mouse behavior were removed by combining the neighborhood rough set to reduce model complexity and modeling time.Moreover binary classification was adopted.The algorithm performed the training of the authentication model.During identity authentication,the authentication model was used to obtain a classification score based on the mouse behavior collected each time,and then the user’s trust value was updated in combination with the trust model.When the user’s trust value fell below the threshold of the trust model,it might be judged as illegal user.The authentication effect of the proposed method was simulated on the Balabit and DFL datasets.The results show that,compared with the methods in other literatures,this method not only improves the authentication accuracy and reduces the authentication latency,but also has a certain robustness to the illegal intrusion of external users.
作者
易聪
胡军
YI Cong;HU Jun(Chongqing Key Laboratory of Computational Intelligence(Chongqing University of Posts and Telecommunications),Chongqing 400065,China;College of Computer Science and Technology,Chongqing University of Posts and Telecommunications,Chongqing 400065,China)
出处
《网络与信息安全学报》
2022年第5期179-188,共10页
Chinese Journal of Network and Information Security
基金
国家自然科学基金(61936001,61876201,61876027)
重庆市教委重点合作项目(HZ2021008)
重庆市自然科学基金(cstc2019jcyj-cxttX0002,cstc2021ycjh-bgzxm0013)。
关键词
身份认证
鼠标行为
邻域粗糙集
特征选择
信任模型
identity authentication
mouse behavior
neighborhood rough set
feature selection
trust model
