BehavioSec has been awarded phase 2 research of the Active Authentication program.
Phase 2 is continuing the success of BehavioSec participation of phase 1 2012/2013. The phase 1 was researching modalities for Active Authentication based on behavioral biometrics on a workstation, finding patterns on how users interact by typing and mouse movements and applying that to a continuous feed. Think of it as working as normal it recognize that it is the correct user, however the software within a couple of seconds detects a false user taking over the workstation.
Phase 2 of the DARPA Active Authentication program, BAA 13-16, is focusing on developing software sensors to collect behavioral biometric modalities to secure a mobile phone.
Details of the Phase 2 research
Keyboard/keystroke dynamics
We are looking for how a person is typing, not what a person is typing. We use keystroke dynamics (press, flight and sequence).
This is the basics of the technology and using the input that comes from typing on a native keyboard. However modern devices offer more rich data as pressure, accelerometer and gyro information as well as the position of the touch on the pressed key.
Gesture Dynamics/Swipe patterns
Touch devices offer rich data not just from the way users interact whilst typing. Swiping patterns inside applications and how a user is routinely handling their device is another modality that is used as a behavioral biometric input.
For gestures we use all the availabe modalities of the touch, like distance and time travelled, as well as the points when entering or leaving measurement points.
Modalities to create Active Authentication
We merge these into a model to create what we call trust. Trust that it is the correct user accessing the mobile phone at this moment due to the continuous approach of Active Authentication.
The trust have been defined by the US National Institute of Standards and Technology (NIST) as systems exploiting “automated methods of recognizing a person based on physiological or behavioral characteristics”.
CAC Authentication
Now we have the biometric input from the user, but how can we tell it is in fact the correct user to verify against?
On a standard DoD workstation each user are assigned a Common Access Card (CAC), why not use that in the verification process by using Near Field Communication (NFC) enabled cards?
