ERINYES: A CONTINUOUS AUTHENTICATION PROTOCOL
Loading...
Authors
Lopez, Fabian A.
Hathaway, Gage A.
Subjects
machine learning
biometric encryption
security
FAR
false acceptance rate
FRR
false reject rate
biometric encryption
security
FAR
false acceptance rate
FRR
false reject rate
Advisors
Singh, Gurminder
Monaco, Vinnie
Date of Issue
2022-09
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
The need for user authentication in the digital domain is paramount as the number of digital interactions that involve sensitive data continues to increase. Advances in the fields of machine learning (ML) and biometric encryption have enabled the development of technologies that can provide fully remote continuous user authentication services. This thesis introduces the Erinyes protocol. The protocol leverages state of the art ML models, biometric encryption of asymmetric cryptographic keys, and a trusted third-party client-server architecture to continuously authenticate users through their behavioral biometrics. The goals in developing the protocol were to identify if biometric encryption using keystroke timing and mouse cursor movement sequences were feasible and to measure the performance of a continuous authentication system that utilizes biometric encryption. Our research found that with a combined keystroke and mouse cursor movement dataset, the biometric encryption system can perform with a 0.93% False Acceptance Rate (FAR), 0.00% False Reject Rate (FRR), and 99.07% accuracy. Using a similar dataset, the overall integrated system averaged 0% FAR, 2% FRR and 98% accuracy across multiple users. These metrics demonstrate that the Erinyes protocol can achieve continuous user authentication with minimal user intrusion.
Type
Thesis
Description
Series/Report No
Department
Computer Science (CS)
Computer Science (CS)
Organization
Identifiers
NPS Report Number
Sponsors
Funding
Format
Citation
Distribution Statement
Approved for public release. Distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.