Known User Continuous Authentication System


  • 8/11/2019 Known User Continuous Authentication System


    Ines Brosso1 Fernando Ferreira2

    College of Computation and Informatics,

    Mackenzie Presbyterian University, São Paulo, Brazil


    Graça Bressan3 Wilson V Ruggiero4

    Laboratory of Computer Architecture and Networks,

    Department of Computer and Digital System Engineering, Polytechnic School of São Paulo University, Brazil


    Abstract: This work presents KUCAS (Known User Continuous Authentication System), a work-in-progress security system that has a continuous authentication mechanism for users of software applications. The KUCAS system makes use of environmental context information, user behavior analysis, the behavior theories of Skinner and the Mathematical Confidence of Dempster-Shafer Evidence Theory, which establishes trust levels to authenticate the user by his behavior analysis, during an application software session, in a specific domain of the computer networks, in a period of time. The dynamics of enclosed management in this system compares the current behavior with the user's previous behavior description and with the trust restrictions. In case of indications of changes in the user's behavior, the system provides the behavior analysis of the user using database restrictions information. If there are uncertainties and divergences, mechanisms of security and alert signals are triggered.

    Keywords: Security and Content Protection, Pervasive and Ambient Applications Computer, Access control, Continuous Authentication Process, Behavioral science, Adaptive Security Policy.

    I. THE KUCAS SYSTEM

    KUCAS (Known User Continuous Authentication System) is a security system that has a continuous authentication mechanism of users [1]. Continuous authentication of the user in an application software is extremely important and a complement to the initial authentication. The KUCAS System extracts behavioral information of users, in the environment, using context-aware computing. Human behavior is based on contextual information, on previous behavioral history, on the previous history of reinforcement of behavior, and on the conduct of the person when immediately interacting with the environment. The key concept of Skinner's thinking on behavior is operant conditioning, a mechanism that rewards a response of an individual until he is conditioned to associate the need for action [4]. Human behavior is uncertain and complex, defying attempts at analysis; for this reason the analysis should be based on rigorous methods of isolation of variables. The scientific analysis of human behavior starts with the knowledge and isolation of the parts of an event, to determine the characteristics and the dimensions of the occasion where the behavior occurs, and to define the changes produced in response to the environment, space, time and opportunities. Thus, it can be said that the environment, the virtual space and the physical space establish the conditions for a behavior to occur. When the organism responds to an environmental stimulus and the consequences of its response are rewarding, the probability of similar responses increases; when the consequences are punitive, that probability diminishes. In this way, the environmental variables shape the behavior of the users, in a conditioning process. In an analogous way, during a software application session, the user behavior is conditioned when interacting with an electro-electronic device and the software application. The user will associate the situations that occurred with other similar ones, generalizing this learning to a larger context of life. This may be considered in the context of an authentication system and the security aspects.

    The KUCAS system has two different types of authentication:

    1. Initial authentication: the person informs the access code and password which will be used for accessing the software applications.

    2. Continuous authentication: ensuring the authenticity of the person during the communication and the application software processing, the system verifies the databases periodically, without the necessity for confirmation of the authentication. Everything is done ubiquitously; it is an authentication which extends continuously over the time interval in which the user interacts with the application software.

    The KUCAS System has an infrastructure composed of one framework (F-KUCAS), a Security Module (S-KUCAS) and an Algorithm of Continuous Authentication (A-KUCAS) that analyzes the user behavior and gives him the trust level. The user accesses a software application in the wired or wireless network, the system is activated and KUCAS captures the user behavior information in the environment through the F-KUCAS framework, which triggers the algorithm A-KUCAS and the security module S-KUCAS; with the increase of user interaction with the environment, the KUCAS system will vary the initial level of trust attributed to the user [3, 4]. The KUCAS system has three distinct stages: 1st stage - to capture the information of the user behavior in the environment, 2nd stage - to analyze the user behavior, 3rd stage - to increment/decrement the trust. The capture of user behavioral information in the environment is done from the time when the user is identified and accesses a software application to the time when he closes it. The information obtained is the evidence of user behavior. The process of continuous authentication is done by the KUCAS System, which captures the environment context information using the contextual dimensions {who, where, when, what} defined by Context-aware Computing and a variable called rest that represents the behavioral restrictions for a user.

    978-1-4244-5176-0/10/$26.00 ©2010 IEEE

    This full text paper was peer reviewed at the direction of IEEE Communications Society subject matter experts for publication in the IEEE CCNC 2010 proceedings


    Figure 1: The KUCAS Implementation

    At the first moment, the user is identified by the KUCAS system, which starts a behavioral analysis of the user in a software application session using the trust. Trust, the concept that we humans use to decide whether or not to trust a person, is based on behavior and on reputation. Trust in a person is not a dichotomy of trust or no trust; it is dimensional and it can be measured. For this, the KUCAS System stipulates trust levels based on the behavioral analysis of the user and on the trust restrictions generated by the user. Over time and in accordance with the behavior analysis, the user trust level can vary, and thus the KUCAS System interacts with the user and determines evidence to increase or to decrease the trust in the user. The measures of trust and distrust are mutually dual and, therefore, the measure of distrust can also be defined as independent of the measure of trust. With the passing of time and in accordance with the behavior analysis, the trust level in the user can vary, and thus the KUCAS System interacts with the user and determines evidence to increase or to decrease the trust in the user. Trust is based on two non-complementary measures: Confidence is an abstract concept that shows a belief in the sincerity / authenticity of a person in another person. Given the uncertainty and doubt, it is often necessary to take decisions based on evidence, which is not always accurate. The heuristic to define the initial trust value is determined by a model based on the user behavior, his activity at the moment, his location, the schedule in which the current behavior occurs and the user behavior description.

    The KUCAS system is being validated with successful tests and simulations to continuously authenticate a user identity in Internet banking and to protect financial information resources. The KUCAS System, based on the evidence of the behavior, establishes whether or not it trusts the user, and the behavior analysis reflects the personality of the user/consumer, even in a conditioned environment. The KUCAS System preserves the privacy of the consumer and it is possible to define an adaptive security policy, based on behavioral analysis of users in computer networks.

    II. THE DEMONSTRATION OF KUCAS

    Figure 2: Using KUCAS in Internet Banking Application

    Figure 2 shows KUCAS applied in a software application to access a bank account via Internet Banking or Mobile Banking with the following variables: who = {Bank Account and Password (Security Key)}, where = {Place or IP of computer}, when = {Date and Time using Internet banking}, what = {type of application (payment, transfer of money or financial investment)} and the variable rest = {set of the behavioral restrictions for a user in Internet Banking}.
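    An added example (not the authors' A-KUCAS code, which the paper does not give): one way to fuse the {who, where, when, what} evidence of an Internet Banking session with Dempster's rule of combination, raising an alert when a rest restriction is hit, when the evidence conflicts strongly, or when belief in the user is low. The two-hypothesis frame, the per-dimension weights, the thresholds and the profile values are assumptions made for illustration.

```python
# Added illustration: frame, weights, thresholds and profile are assumptions.
G, I = "genuine", "impostor"
THETA = frozenset({G, I})  # mass on the whole frame means "don't know"

def combine(m1, m2):
    """Dempster's rule of combination; returns (combined masses, conflict K)."""
    out, k = {}, 0.0
    for a, x in m1.items():
        for b, y in m2.items():
            if a & b:
                out[a & b] = out.get(a & b, 0.0) + x * y
            else:
                k += x * y  # product mass falling on the empty set
    if k >= 1.0:
        raise ValueError("totally conflicting evidence")
    return {s: v / (1.0 - k) for s, v in out.items()}, k

def belief(m, hyp):
    return sum(v for s, v in m.items() if s <= hyp)

def plausibility(m, hyp):
    return sum(v for s, v in m.items() if s & hyp)

def evidence(match, weight):
    """One dimension's vote: `weight` on genuine or impostor, the rest on THETA."""
    return {frozenset({G if match else I}): weight, THETA: 1.0 - weight}

def assess(session, profile, weights, max_conflict=0.3, min_belief=0.6):
    """Fuse who/where/when/what; return (belief, plausibility, alert)."""
    m, worst = {THETA: 1.0}, 0.0
    for dim, w in weights.items():
        m, k = combine(m, evidence(session[dim] in profile[dim], w))
        worst = max(worst, k)
    bel, pl = belief(m, frozenset({G})), plausibility(m, frozenset({G}))
    alert = (session["what"] in profile["rest"]
             or worst > max_conflict or bel < min_belief)
    return bel, pl, alert

# Constructed sample data (not from the paper).
PROFILE = {"who": {"acct-0001"}, "where": {"203.0.113.7"},
           "when": set(range(8, 20)), "what": {"payment", "transfer"},
           "rest": {"investment"}}
WEIGHTS = {"who": 0.7, "where": 0.6, "when": 0.4, "what": 0.5}
USUAL = {"who": "acct-0001", "where": "203.0.113.7", "when": 10, "what": "payment"}
ODD = {"who": "acct-0001", "where": "198.51.100.9", "when": 3, "what": "transfer"}

if __name__ == "__main__":
    for s in (USUAL, ODD):
        print(assess(s, PROFILE, WEIGHTS))
```

    The gap between belief and plausibility is the mass still assigned to ignorance, which is what lets this model keep trust and distrust as separate measures.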

    Figure 3: KUCAS Presentation

    Figure 3 shows how KUCAS can be demonstrated or used in a place without using Internet.

    III. REFERENCES

    [1] Brosso, I.; Bressan, G.; Ruggiero, W. V. - The Continuous Authentication - 22nd IEEE Computer Security Foundations Symposium (CSF 2009), Short Talks Session, July 8-10, Port Jefferson, New York, USA, (2009).

    [2] Dempster, A. P. - Upper and Lower Probabilities Induced by a Multi-valued Mapping, Annals of Mathematical Statistics, Vol. 38, pp. 325-339, (1967).

    [3] Shafer, G. A Mathematical Theory of Evidence. Princeton, Princeton University Press, (1976).

    [4] Skinner, B. F. Ciência e Comportamento Humano. São Paulo: Ed. Martins Fontes, (2003).

    [5] Calderon, T. G., Chandra, Akhilesh and Cheh, John J. - Modeling an intelligent continuous authentication system to protect financial information resources - International Journal of Accounting Information Systems, Volume 7, Issue 2, Pages 91-109, June (2006).
