The public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Department of Defense, Washington Headquarters Services, Directorate for Information Operations and Reports (0704-0188), 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS.
REPORT DATE (DD-MM-YYYY)
DECEMBER 2013
REPORT TYPE
FINAL TECHNICAL REPORT
DATES COVERED (From -To
ABSTRACTActive authentication is the process of continuously verifying a user based on their on-going interaction with the computer. In this report, we consider a representative collection of behavioral biometrics: low-level modalities of keystroke dynamics and mouse movement, high-level modalities of stylometry and web browsing behavior. We develop a sensor for each modality and organize the sensors as a parallel binary detection decision fusion architecture. The decisions of each sensor (legitimate/illegitimate user) are fed into a Decision Fusion Center (DFC) which applies the Chair-Varshney fusion algorithm to generate a global decision. The DFC minimizes the probability of error using the local-sensor False Rejection Rates (FAR) and False Acceptance Rates (FRR) as well as the a-priori probability that user is legitimate to form the decision rule. We test our approach on a dataset collected from 67 users, each working individually in an office environment for a period of one week. We show that the fusion algorithm achieves lower probability of error than that of the best individual sensor in the fused set, and we are able to quantify the contribution of each modality to the overall performance. We consider the temporal characteristics of intruder detection, showing results of the time it takes to detect a change in user. We measure the effect of perfect adversarial compromise of sensors as part of the fusion system. Lastly, we consider a higher level classification model of users based on their personality metrics. Active authentication is the process of continuously verifying a user based on their on-going interaction with the computer. In this report, we consider a representative collection of behavioral biometrics: low-level modalities of keystroke dynamics and mouse movement, highlevel modalities of stylometry and web browsing behavior. We develop a sensor for each modality and organize the sensors as a parallel binary detection decision fusion architecture. The decisions of each sensor (legitimate/illeg...