Computer-User-Input Behavioral Biometrics Dr. Charles C Computer-User-Input Behavioral Biometrics Dr. Charles C. Tappert Seidenberg School of CSIS, Pace University http://csis.pace.edu/~ctappert/ Subtitle GenCyber Cybersecurity Workshop at Pace University

What are Computer-User-Input Behavioral Biometrics Authentication or identification of individuals based on the unique way they interact with computer devices With desktop/laptop computers, it is the way people input text (motor control of keystroke input), the words and syntax they use (stylometry), the intent (semantics) of the input, as well as the way they move a mouse With smartphones, and to some extent tablets, it concerns all of the above, and everything from how the user holds the phone to how they swipe the screen to which keyboard or gestural shortcuts they use These biometrics are the ones we focus on at Pace University because they have not been as extensively studied as the well-known biometrics

Importance of Computer-Input Biometrics to Identify or Authenticate Computer Users DARPA: Active Authentication – DoD wants to continually authenticate all gov’t computer users Phase 1: 2010 and 2012 – authenticate users on desktops/laptops Phase 2: 2013 and 2015 – authenticate users on mobile devices Phase 3: 2016 - implementation DARPA: Enhanced Attribution – DoD wants technology to attribute actions in cyberspace to individuals 2016-2020 – network behavior and activity tracking of individuals, fusing generated data for predictive analysis

Importance of Computer-Input Biometrics to Identify or Authenticate Computer Users U.S. Higher Education Opportunity Act of 2008 Concerns authentication of students taking online tests Universities are using more online courses Requires institutions of higher learning to adopt new identification technologies as they become available To assure students of record are those accessing the systems and taking the exams in online courses

Attribution and Intrusion Detection Plan Multi-biometric System Motor control level – keystroke + mouse movement Linguistic level – stylometry (char, word, syntax) Semantic level – target likely intruder commands Intruder Keystroke + Mouse Stylometry Motor Control Level Linguistic Semantic

Keystroke Biometrics Based on idea that generated patterns are unique to individuals and difficult to duplicate Appeal of keystroke over other biometrics Not intrusive, inexpensive, continual user verification The keystroke biometric is one of the less-studied behavioral biometrics

Pace Univ. Keystroke Biometric Studies Most literature studies have been on short input of a few seconds Commercial products on hardening passwords Pace University studies on desktop/laptop mechanical keyboards Short input of few seconds Vinnie Monaco, now at ARL, entered 2016 contest: we have World’s Best System Phone number – similar to CMU study (Ned Bakelman and Vinnie Monaco) Long text input of several minutes Online test taking (Mary Villani, John Stewart, Vinnie Monaco, Steve Kim) Impaired users – left hand, right hand, and both hands input (Gonzalo Perez) Pace University studies on mobile device touchscreens Numeric input – phone # – similar to CMU study (Mike Coakley) Features – pressure & location/area of finger press on keys, acceleration & gyroscope information Names are doctoral students

Mouse Movement and Stylometry Traits

Pace Univ. Mouse & Stylometry Studies Combining keystroke/stylometry info: John Stewart Stylometry can compliment keystroke analysis The correct student may be keying in the test answers provided by a coach, with the student merely typing the coach’s words This would not be discovered via keystroke analysis But potentially could through stylometry analysis Stylometry analysis of Facebook postings Dissertation study by Jenny Li

Interesting Related Videos IBM Trusteer Car Driving Biometric (2 min) IBM Watson future (2 min) IBM Watson (8 min) IBM Watson robot (51 min) IBM CEO Ginni Rometty (28 min) A View of the Future of CyberSecurity – RSA Conf 2017 (2 min) Google's Great AI Awakening – RSA Conf 2017 (40 min) Other RSA Conf 2017 videos RSA Amazon CEO Jeff Bezos (80 min) Another keystroke biometric demo

Sources of Dissertations and Papers Research Day Conference Proceedings 2017 Research Day Conference – stylometry examples below The Correlation between the Topic and Emotion of Tweets through Machine Learning Three Topics: Politics, Religion, Family Three Emotions: Happiness, Sadness, Anger Sentiment Analysis of Twitter Messages Using Word2Vec Classify tweets as displaying positive, negative, or neutral sentiment Doctoral of Professional Studies (DPS) program DPS Doctoral Dissertations.

Copyright for Material Reuse This materials are developed under the support of the GenCyber program of the National Security Agency and the CyberCorps program of the National Science Foundation. Copyright© 2017 Charles Tappert (ctappert@pace.edu), Pace University. Please properly acknowledge the source for any reuse of the materials as below. Charles Tappert, 2017 GenCyber Cybersecurity Workshop, Pace University Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation. A copy of the license is available at http://www.gnu.org/copyleft/fdl.html.

Acknowledgment The authors would like to acknowledge the support from the GenCyber program of the National Security Agency and the CyberCorps program of the National Science Foundation. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation, the National Security Agency or the U.S. government.