An application-specific continuous authentication system using document reading behavior

Abstract

This thesis addresses a continuous authentication system using document reading behavior. Continuous authentication typically uses behavioral biometrics such as command sequence, keystroke, or mouse movement dynamics. By using behavioral biometrics, it satisfies two conditions for continuous authentication: non-intrusive and transparency. Based on the inherent behavior for individuals, document reading behavior is one of behavioral biometrics newly proposed in this thesis. A logger program, as a form of macro for Microsoft Word, was made to record events related to individual`s document reading behavior. In pilot experiment, five features were extracted from the attributes which can be gathered via the logger program. Machine learning was conducted with Na\"ive Bayes algorithm. I confirmed the possibility of continuous authentication system using document reading behavior. Then, the features were modified to represent concrete reading behavior. There are three features rearranged in main experiment. Machine learning was conducted with Na\"ive Bayes, Support Vector Machine, Random Forest, and Classification and Regression Trees (CART) classifier. Evaluation result shows that Random Forest achieved comparably better performance in terms of false positive rate and false negative rate. According to the performance result through machine learning, the continuous authentication method using user`s documeent reading behavior is efficient to verify the identity of user. Also it is confirmed that the continuous authentication method is a proper defense method against masquerade attack.