Upload
others
View
35
Download
0
Embed Size (px)
Citation preview
USER AUTHENTICATION THROUGH MOUSE
DYNAMICS
NURUL LIYANA SYAHIRAH BINTI RUSMADI
BACHELOR OF COMPUTER SCIENCE
(NETWORK SECURITY)
UNIVERSITI SULTAN ZAINAL ABIDIN
2017
USER AUTHENTICATION THROUGH MOUSE DYNAMICS
NURUL LIYANA SYAHIRAH BINTI RUSMADI
Bachelor of Computer Science (Network Security)
Faculty of Informatics and Computing
Universiti Sultan Zainal Abidin, Terengganu, Malaysia
MAY 2017
i
DECLARATION
I hereby declare that this report is based on my original work except for quotations
and citations, which have been duly acknowledged. I also declare that it has not been
previously or concurrently submitted for any other degree at Universiti Sultan Zainal
Abidin or other institutions.
________________________________
Name : Nurul Liyana Syahirah Binti Rusmadi
Date : ..................................................
ii
CONFIRMATION
This is to confirm that:
The research conducted and the writing of this report was under my supervision.
________________________________
Name : Dr. Ahmad Nazari Bin Mohd Rose
Date : ..................................................
iii
DEDICATION
Alhamdulillah, first and foremost, praised to Allah, the Most Gracious and the
Most Merciful for blessing and giving me the opportunity to complete my final year
project, the User Authentication Through Mouse Dynamics.
Here, I would like to take this opportunity to express my highest gratitude to
my supervisor Dr. Ahmad Nazari Mohd Rose and Madam Siti Dhalila Mohd Satar for
their guidance, motivation and help throughout my project. Without their support and
guidance, it is impossible for me to complete my project successfully.
Besides that, I would like to extend my appreciation to my family members
and friends. They have always been there to support and encourage me
unconditionally.
Last but not least, I would like to thank all my lecturers who taught me
throughout my education at Universiti Sultan Zainal Abidin (UniSZA).
iv
ABSTRACT
Authentication is a process that ensures user identity. Nowadays, the most common
authentication methods used are password and fingerprint-based user. It has been
shown to have some drawbacks as hacker can invade system and revealed the
password while fingerprint can easily be stolen from authenticated user. To overcome
this problem, user authentication through mouse dynamics is introduced. It is an
authentication with pointing device such as mouse and touchpad that can verify
computer user based on their mouse operating styles. The authentication approach is
based on mouse operation task for which user who performs the right action can be
verified as an authenticated user. Other than that the system will reject the user.
Development and testing of biometric system are the main focuses in this study
regarding to the mouse movement for user authentication. Mouse dynamics biometric
system usually consists of three modules which are Data Capture Module, Feature
Extraction Module and Classifier Module. Expected results from this project is that it
can achieve higher percentage in authentication user.
v
ABSTRAK
Pengesahan adalah satu proses yang memastikan identiti pengguna. Pada masa kini,
kaedah pengesahan yang paling biasa digunakan adalah kata laluan dan pengguna
berasaskan cap jari. Ia telah terbukti mempunyai beberapa kelemahan seperti hacker
boleh menyerang sistem dan mendedahkan kata laluan manakala cap jari boleh dicuri
daripa pengguna yang sah. Untuk mengatasi masalah ini, pengesahan pengguna
melalui dinamik tetikus diperkenalkan. Ia adalah satu pengesahan dengan menunjuk
peranti seperti tetikus dan pad sentuh yang boleh mngesahkan pengguna komputer
berdasarkan gaya operasi tetikus mereka. Pendekatan pengesahan adalah berdasarkan
tugas operasi tetikus yang mana pengguna yang melakukan operasi tetikus yang betul
boleh disahkan sebagai pengguna yang sah. Selain daripada itu, sistem akan menolak
pengguna. Fokus utama dalam pembangunan dan ujian sistem biometrik adalah
mengenai pergerakan tetikus untuk pengesahan pengguna. Selain itu, sistem biometrik
tingkah laku terdiri daripada tiga modul iaitu ‘Data Capture’ modul, ‘Feature
Extraction’ modul dan ‘Classifier’ modul. Keputusan yang dijangkakan daripa projek
ini adalah bahawa ia boleh mencapai peratusan yang lebih tinggi dalam pengesahan
pengguna.
vi
CONTENTS
PAGE
DECLARATION i
CONFIRMATION ii
DEDICATION iii
ABSTRACT iv
ABSTRAK v
CONTENTS vi
LIST OF FIGURES viii
LIST OF ABBREVIATIONS ix
CHAPTER I INTRODUCTION
1.1 Background 1
1.2 Problem statement 2
1.3 Objectives 3
1.4 Scope of work 3
1.5 Expected Result 4
CHAPTER II LITERATURE REVIEW
2.1 Introduction 5
2.2 Literature Review 5
2.3 Method used 6
2.3.1 Data Capture Module 6
2.3.2 Feature Extraction Module 8
2.3.3 Classifier Module 9
2.4 Existing Approaches 10
2.4.1 Continuous Authentication Approaches 10
2.3.2 Static Authentication Approaches 11
2.5 Results from Previous Studies 11
2.6 Summary 12
CHAPTER III
METHODOLOGY
3.1 Introduction 13
3.2 Project Methodology 13
vii
3.2.1 Information Gathering Phase 14
3.2.2 Design Phase 14
3.2.2.1 Framework 14
3.2.2.2 Flow chart 16
3.2.2.2.1 Flow chart (Data Capture) 16
3.2.2.2.2 Flow chart (Feature
Extraction)
18
3.2.2.2.3 Flow chart (Classifier) 19
3.2.2.3 Use Case Diagram 20
3.2.2.4 Class Diagram 21
3.2.3 Prototype Phase 22
3.2.4 Review Phase 23
3.2.5 Develop Phase 23
3.2.6 Implement Phase 23
3.2.7 Testing Phase 23
3.2.8 Maintenance Phase 24
3.3 Chapter Summary 24
REFERENCES 25
viii
LIST OF FIGURES
FIGURE TITLE PAGE
3.1 Rapid Prototyping SDLC Model 13
3.2 Framework of the application 15
3.3 Flow chart of Data Capture Module 17
3.4 Flow chart of Feature Extraction Module 18
3.5 Flow chart of Classifier Module 19
3.6 Use Case Diagram 20
3.7 Class Diagram 21
ix
LIST OF ABBREVIATIONS / TERMS / SYMBOLS
GUI Graphical User Interface
FAR False Acceptance Rate
FRR False Rejection Rate
EER Equal Error Rate
USB Universal Serial Bus
SVM Support Vector Machine
KNN Nearest Neighbour
SDLC System Development Life Cycle
MYSQL My Structured Query Language
1
CHAPTER I
INTRODUCTION
1.1 Background
In today’s society, the quest for user authentication and verification become
more important than ever before. Authentication provides a way of clasifying a user
by on their valid username and valid password before they can access the system. In
the context of authentication, biometrics-based authentication is more secure than
traditional based authentication. Moreover, biometrics such as mouse dynamics,
fingerprints, voice, face are less intrusive and do not require any specialized hardware
to capture biometrics information.
The term “biometrics” is borrowed from the Greek words ‘bio’ means life and
‘metric’ is to measure. Biometrics refers to the classification of humans by their
physical characteristics or traits[1]. Biometrics can be divided into two parts that are
physiological and behavioral biometrics. Physiological biometrics is something that
related to part of the body such as fingerprint, voices, face recognition and much more
[1], [2], [4], [5], [8], [10], [11]. On the other hand, behavioral biometrics is related to
the behavior of a person [1], [2], [3], [4], [5], [7], [8], [9], [10], [11]. Mouse dynamics,
signature verification, typing rhythm are some typical examples of behavioral
biometrics. Mouse dynamics is a pointing device such as mouse or touchpad that
2
describes an individual’s behavior. Many previous studies have demonstrated that
mouse dynamics has a rich potential as a biometrics for user authentication with much
lesser cost [2], [3], [4]. An efficient approach that can perform the user authentication
task in short time while maintaining high accuracy is introduced. In this project,
holistic features will be extracted from user’s unique mouse behavior data. Other than
that, Leave One Out Method by using Manhattan Distance are applied.
Mouse dynamics, one of the common behavioral biometrics can be used to
provides user authentication through different mouse movements and clicks. In this
projects, there is a combination of holistic features such as single-click statistic and
movement elapsed will be applied to create user authentication. Mouse biometric
system usually consists of three modules which are Data Capture Module, Feature
Extraction Module and Classifier Module [5]. User will interact with GUI and will
provide raw data based on their mouse behavior for the first module. Second module
work by analyzes the raw data that provided earlier to extract user own feature that
can distinguish each user behavior through their mouse movements. The extraction
feature will then be used to identify or verify user.
1.2 Problem Statement
The most common approach for securing access to system is the use of textual
password. However, it is well known that text password is insecure for a multiple
of reasons. The problem statement of this project, textual password is vulnerable
to attackers as user choose simple and easy to remember password. Textual
password is defenseless against shoulder-surfing, hidden-camera and spyware
attacks. Other than that, users do not pay sufficient attention wisely when choosing
password and also protecting them. Most users think that security
3
1.3 Objectives
The objectives are listed below
i. To identify holistic features of mouse dynamics
ii. To design mouse dynamic application authentication prototype
iii. To test whether the mouse movement can be used to authenticate user.
1.4 Scope of work
There are two scopes in this project which is user and application scope.
User Scope
In the user scope phase, user will interact with Graphical User Interface
(GUI) to register and play with the training programs which is random buttons.
User will be able to provide data regarding user’s unique mouse movements
and clicks.
Application Scope
There are three basic methods that will be used in application scope
which is to capture, extract and classify user’s unique mouse movements and
clicks data that has been provided in the user scope. Application scope can also
able to extract holistic features that include single click statistics, distance,
speed and many more features on how the way user move the mouse based on
the collected data.
4
1.5 Expected Result
Development and testing of biometric system are the main focuses in
this study regarding to the mouse movement for user authentication. This
application is expected to demonstrate that mouse movement behavioral
biometric can be used to authenticate user. The expected results will be
presented in percentage of authenticate user and percentage of non-
authenticate user based on the matching of their mouse movement biometric in
the authentication and verification phase. Expected results from this project is
that it can achieve higher percentage in authentication user which mean that
this application is able to identifies authenticate user by user’s unique mouse
movements and clicks.
5
CHAPTER 2
LITERATURE REVIEW
2.1 Introduction
A simple mouse biometric authentication system usually consists of
three modules which are data capture module, feature extraction module and
classifier module [5]. This chapter will discuss about the basic concept of
authentication using mouse movement. Other than that, some of the existing or
related works will be discussed as well.
2.2 Literature Review
“Biometrics” itself derived from Greek words ‘bio’ means life and
‘metric’ is to measure. Biometrics refers to the identification of human by their
traits or characteristics. Biometrics is used as a form of identification.
Biometrics can be categorized into two parts which are physiological and
behavioral biometrics. Physiological biometrics is related to the physical of a
person including iris, fingerprint, face recognition, DNA and many more.
Behavioral are associated to the behavior of a person that includes voices,
mouse dynamics, keystroke and signature [6].
User’s unique profile can be generated by monitoring mouse
movement when user made interaction with GUI. The mouse movement
6
includes mouse move, silence, point and click and drag and drop[7]. Mouse
dynamics are usually evaluated based on the following metrics [3]:
False Acceptance Rate (FAR) – the probability that the system
wrongly denied access to user
False Rejection Rate (FRR) – the probability that the system
wrongly gives authorization to unauthorized user
Equal Error Rate (EER) – the error rate when the system’s
parameter are set such that FRR and FAR are equal. The lower
the EER the more precise the system.
2.3 Method used
Mouse dynamics biometric is designed with three major modules which are
data capture module, feature extraction module and classifier module. Data capture
module consist of an application that can collect data regarding the mouse behavior of
an individual when he or she is interacting with a GUI. The purpose of feature
extraction is to analyze raw data to generate user feature vectors that can be used to
differentiate each user behavior through their mouse movements. Furthermore,
classifier module are used to identify and verify a user based on the extraction feature.
2.3.1 Data capture module
In [4] the raw data was collected from 37 subjects consist of 7
females and 30 males. All subjects were right-handed users and had
been using a mouse for more than two years. All of them were required
to participate in two rounds of data collection per day and waited at
7
least 24 hours between collections. In each round subject need to
perform same mouse operation task 10 times. A mouse movement
sample was obtained when a subject first clicked a start button on the
screen, then moved the mouse to click following buttons prompted by
the data collection application. This experiment took between 15 days
and 60 days to complete data collection. Each subject accomplished
150 error-free repetitions of same mouse-operation task.
In [5] the data capture application was well hidden from the user
and can only function when there is some interaction with the
experiment. User needs to perform an activity called “follow the
button.” The user needs to move the mouse and clicked on the buttons
according to where the buttons appeared. The button was arranged in
random pattern so that user could not predict where would the next
button be. User had to click until the 20th button to finish without any
constraint of time. For this research, user needs to use their own laptop
and mouse within seven days to collect six different data. The raw data
consist of coordinate X and Y and time in milliseconds.
Jorgensen and Ting [3] collected data from 17 volunteer
subjects by using two different types of pointing devices, while
performing a common web browsing task. There are eight males and
nine females that were all computer science student and right handed.
Two identical computers with USB optical mouse and the other with a
USB touchpad were set up. All subjects were given specific web
browsing task designed to last 30 minutes and they need to execute the
task each in both computers with different pointing devices. Jorgensen
8
and Ting create their own custom mouse event logging software which
implement in C# ran as a background process and used Windows
mouse hook to intercept all mouse event then written it to a file.
In [8] mouse movement data was recorded during subjects
routine computing activities. Logging tool RUI were used to record
their mouse movement activities. In order to profile a user’s behavior
on mouse device, cursor movement and mouse event (single, double
clicks and mouse wheel movement) need to be captured [9]. In [7],
they used available mouse dynamics dataset that collected from 49
volunteers. The data collection software stored the dataset in four
features which is type of action (1: Mouse Move; 2: Silence; 3: Point
and Click; or 4: Drag and Drop), travelled distance in pixels, elapsed
time (with 0.25 second accuracy) and direction of movement (a value
between 1 and 8 according the movement of the mouse).
2.3.2 Feature extraction module
According to the research paper [5],the first step was to create
mouse movement profiles. To get mouse movement profile for each
user, the raw data were applied by calculations. The formulas were
time, speed, acceleration, deviation and angle of deviation. Next step
was to create mouse movement profile measurement. Average and
standard deviation were calculated as there would be some counts of
the mouse movement points that could differentiate each user. The
calculation need to be done to find the nearest value from those count
that could distinguish a user to another user.
9
In [8], they first compute the distance, angle and speed between
pairs of data points. For each in every category and for the cursor
movement data, they compute the mean, standard deviation angle, third
moment of the distance and speed between pairs of point. Lastly, they
compute mean, standard deviations and third moment for the X and the
Y coordinates. This will give rough measure where the location of the
events in windows and the location of the cursor in the window.
Besides, research in [4] stated that mouse features were
typically organized into vector to represent the sequence of mouse
operations in one execution of the mouse-operation task. They
characterized mouse behavior based on two basic types of mouse
operations which were mouse click and mouse movement into holistic
features or procedural features. Holistic feature is a feature that
characterizes the whole properties of mouse during interactions such as
single click and double click statistics. On the other hand, procedural
features are a features that describe the detailed dynamic processes of
mouse behaviors, such as movement speed and acceleration curves.
Manhattan Distance are used to calculate the distance vector of holistic
features while, Dynamic Time Warping (DTW) distance are used to
compute the distance vector of procedural features.
2.3.3 Classifier module
In [4], the approach that used to compare and detect the
differences between behavior was using one-class classification. This
approach was an appropriate solution to build a model based only on
10
legitimate user’s data sample. The model used to detect impostors.
Other than that, this research also introduced two other widely used
classifiers which were One Class Support Vector Machine (SVM) and
Nearest Neighbor (KNN) and neural network. Research paper [7] said
that SVM was the only method that always detected the impostors.
Based on a research paper [5],this module was to check the
validity of values from the previous process and classify the patterns
that could identify a user. All values would go through normalization
before the identification process begun. In identification process, Leave
One Out method was used. This method could be done by comparing
or testing a test file value against all the file values in the training data
set by using Euclidean Distance formula.
2.4 Existing approaches
Frequent problems with the existing techniques will be discussed in this
section regarding how they were evaluated. There was two authentication approach
that has been proposed which are continuous authentication approaches and static
authentication approaches.
2.4.1 Continuous authentication approaches
[10] used individual mouse actions (differ in using histogram
over some mouse actions) as a feature for continuous authentication. They
have been used 25 volunteers which are 21 males and four females to collect
data in their experiment and used Random Forest Classifiers for data analysis.
In an approach by Ahmed and Traore [11], low-level mouse events are
11
collection in higher-level actions such as point-and-clicks or drag-and-drops,
represented by action types, distance, duration and direction. Authentication
involves training a neural network on mouse data from a given user which then
be used to classify observed mouse behavior at authentication time.
2.4.2 Static authentication approaches
Static verification approach was when a user required to
perform a series of mouse movement and its mouse data is shown
within a certain amount of time for example in login time. Click-based
graphical password for user login, where five clicks are predicted to be
made in no more than 25 seconds would be a good example of this
scenario [8].
2.5 Results from Previous Studies
Research [4] was focusing on the challenged faced by mouse-dynamics based
user authentication and developed a simple and effective approach that can perform
the user authentication task in short time while maintaining high accuracy. Holistic
features and procedural features are extracted from the fixed mouse operations task to
accurately characterized a user’s unique behavior data. The experiments involved 37
subjects and all of it produced 5550 data samples. The validity of the proposed
approach produced FAR of 8.74% and FRR of 7.69% and an authentication time of
11.8 seconds. The results proved that mouse dynamics could provide a significant
enhancement for traditional authentication systems.
In [5],the results of Leave One Out Method for identification successfully
match 14 matching from 30 data to produce 46.67% of success percentage. The
12
experiment on Randomized Mouse Movement manages to identify 14 identifications
of user. It is quite difficult to get a match for a user or to identify a user in random
environment as the experiment was conducted in an uncontrollable environment
whereby the experiment is tested using user’s own laptop and mouse.
The authors of [8] only focused on fine-grained angle-based metrics which has
two advantages over previous research. The first advantage is angle-based metrics can
distinguish a user accurately with very few clicks. Second, angle-based metrics are
suitable for online re-authentication as it is independent of the operating environment
of user. The experiment gathered two sets of data, one set of 30 under controlled
circumstances, and another set of over 1,000 users on forum websites. They evaluated
the system performance in term of verification accuracy and time. The results were
EER of 1.3% with just 20 clicks. It showed the overhead required for online
verifications is small. Therefore, using partial movements will significantly reduce
verification time, but it will cost of accuracy being degraded.
2.6 Summary
Hopefully, this chapter would provide an overview regarding the concept of
the application. Based on the study that has been made, it shows the literature review
is one of the important parts in research and we could know whether the idea had been
study or not.
13
CHAPTER 3
METHODOLOGY
3.1 Introduction
This chapter discuss about how to develop the project. There are some steps
that must be consider. In methodology term, it is the method that intended to use to
collect data. Methodology is a set of practices regarding to develop the project.
3.2 Project Methodology
Project methodology that used in this project is Rapid Prototyping Software
Development Life Cycle as it can ease of understanding of the system being
developed and missing functionality can be easily detected. The rapid prototyping
SDLC model is shown below in Figure 3.1. This model includes eight main phases
which are information gathering, design, prototype, review, development, implement,
testing and maintenance phase.
Figure 3.1: Rapid Prototyping SDLC Model
14
3.2.1 Information Gathering Phase
Information gathering phase is the most critical step as it determines the
project’s main goal and how the overall system for the mouse dynamics would
function. Analysing user’s requirement is carried out. Basically, all possible
requirement of the application that needed to be developed will be documented
in the requirement specification.
3.2.2 Design Phase
Based on the user requirement and the detailed analysis, the new
system must be designed. The design phase will show how the application
would look like and how its work. In the design phase, the programming
language, the hardware and software platforms in which the new application
will run are also decided. Other than that, desired features and operations in
detailed may include use case diagram, class diagram, framework and other
documentation to know about the flow of the application.
3.2.2.1 Framework
In the mouse movement biometric application, framework and
flow chart was produced before the application was implemented so
that this project would be implemented successfully. Framework
describes about the overview of the system work.
15
Figure 3.2: Framework of the application
Figure 3.2 shows a framework of the authentication through
mouse dyanmics. This framework describe about overview of the
systemwork. The framework can be divided into two phase. There are
registration and verification phase.
For the registration phase, the users will interact with the
program that has been provided by the application. When users start to
play with the application, a monitoring program will be running in the
background of the application and collect raw data. The raw data
consists of co-ordinates X and Y of the mouse movement and time (t).
Next, feature extraction module will extracts holistics features
from the raw data. Holistics features here mean features that
characterized the overall properties of mouse behaviours during
interactions with GUI (citation). Feature vectors is the raw data that
16
has been compute and extracted. Furthermore, the feature vector will
produce training result and it will be stored in the MySQL database.
Moreover, data capture module and feature extraction module
also included in the verification phase. The process are the same as in
the registration phase whereas the feature vector will produce the
practise result. After that, the training result would go through the
classifier module. The results of the practise results in the verification
phase that has been compute would be compared to the training results
in the database from earlier. If the results is the same, the application
wouls authenticate the users.
3.2.2.2 Flow Chart
A flow chart is the type of diagram that represents the process
or the workflow that shows step by step by connecting them with
arrows.
3.2.2.2.1 Flow Chart (Data Capture)
17
Figure 3.3: Flow chart of data capture module
Figure 3.3 shows the flow that involves in the data
capture module. Firstly, when the application is start, users will
interact with GUI. The users would input username, ic, gender
and email address to register. Next, user would provide
username and identification number so that the user can play
with the training program. The training program is an
application to collect the raw data from users. The raw data will
then be used to compute features vector in the feature extraction
module.
18
3.2.2.2.2 Flow Chart (Feature Extraction)
Figure 3.4: Flow chart of feature extraction module
Figure 3.4 shows the raw data that has been collect from
the user will be stored in the MySQL database. As the results,
the raw data would go through feature extraction to compute
feature vectors.
Moreover, feature vectors that can be extracted from the
raw data are average duration, average distance, average speed,
average single click statistics, variance duration, variance
distance, variance speed, variance single click statistics,
variance double click statistics, standard deviation duration,
standard deviation distance, standard deviation speed, standard
deviation single click statistics and standard deviation double
click statistics. These feature vectors include the training result
and the testing result. The training result is computed during the
19
registration phase while the testing result is computed during the
verification phase.
3.2.2.2.3 Flow Chart ( Classifier)
Figure 3.5: Flow chart of classifier module
Figure 3.5 above shows feature vectors would be stored
in the training program in the database. During the verification
phase, classifier module is responsible to classify feature
vectors. The classifier would compare the testing value and
training value in the database. Users will be authenticate as the
both results match to each other. After the application able to
authenticate user, the program will terminate.
20
3.2.2.3 Use Case Diagram
A use case diagram is the most simplest representation of a
system with the user’s interaction. It shows that the relationship
between the user and the different use cases in which the user is
involved. Use case diagrams consist of actors or in other word user, use
cases, boundary and their relationship between actors and the use case.
Figure 3.6: Use Case Diagram
Figure 3.6 shows the first step that the actor which is the user
can involve is registered. Then the next step will be the data capture
process. In this process, raw data from the user are collected. After that,
the process will extend with the feature extraction which will include
feature vector. The last process would extend classifier process. This
process can authenticate user, so the user knows either the application
can recognize the exact user through this classifier process.
21
3.2.2.4 Class Diagram
A class diagram shows the fixed structure of a system. It shows
the objects, attributes, the relationship between classes and all operation
in it. The classes in the class diagram are arranged in groups that share
common characteristics. The classes are represented by boxes that have
three partitioned. The first and the top partition contains the name of
the class. The middle part contains the class’s attributes. The last and
the bottom partition shows the possible operations that are associated
with the class.
Figure 3.7: Class Diagram
22
Figure 3.7 above shows that there are four class for this
application which are user, data capture, feature extraction and
classifier. Each object knows to which class it belongs. The entire users
are able to register the application thus create a relationship called
“register().” The data capture class have attributes called width (x),
height (y) basically the co-ordinates of the random button and time (t).
To extract feature, there will be calculation included such as average,
variance and standard deviation for duration, distance, speed, single
click statistics and double click statistics.
The third class would be feature extraction class. The attributes
for this class is average, variance and standard deviation for duration,
distance, speed, single click statistics and double click statistics. It
involves formulae to calculate distance so it can participate in a
relationship called “CalculateDistance().” Lastly, classifier class which
has distance as attribute. This class can participate in a relationship
called “GetAuthentication().”
3.2.3 Prototype Phase
Prototype is a sample or model of a product built to test a concept. It
shows the main functional capabilities of the proposed application. Prototyping
serves to provide specification for a real, working system, rather than
theoretical one. It includes the sample interface of mouse dynamics
authentication and also the physical database.
23
3.2.4 Review Phase.
The sample of the mouse dynamics application prototype that has been
develop will be presented to users. The feedback from user will be collected
for further development.
3.2.5 Develop Phase
The actual projects are developed and built in this phase. Written actual
codes and testing unit is performed in this phase.
3.2.6 Implement Phase
In this phase, each of the design is implemented as one program
module. This project is developed using JAVA programming and use graphical
user interface (GUI) as a medium of interaction and interface whereas MySQL
for physical database. XAMPPServer is used for local host server. Each
module is tested to exclude any kinds of error. Testing the module one by one
is the most efficient ways to debug errors.
3.2.7 Testing Phase
In this phase, data capture module, feature extraction module and
classifier module need to be tested as a whole. This is to make sure that the
application runs smoothly without any errors. If there is any error, the
application would repeat the develop and implement phase until the application
is suitable for users.
24
3.2.8 Maintenance Phase
The application must be developed in a way that it would adapt to
change. In this phase, if there is any error detected, all of the problems need to
be solved.
3.3 Chapter Summary
Methodology is very important in system and application development. There
are lots of different software development methodology that available and can be used
to develop any kind of application. All of the activities in each phase in methodology
are explained so that it can be understood easily.
25
REFERENCES
[1] Stephen Mayhew, “History of Biometrics | BiometricUpdate,” January 14,
2015. [Online]. Available: http://www.biometricupdate.com/201501/history-of-
biometrics. [Accessed: 26-Apr-2017].
[2] R. V Ponkshe and P. V. Chole, “Keystroke and Mouse Dynamics : A Review
on Behavioral Biometrics,” vol. 4, no. 2, pp. 341–345, 2015.
[3] Z. Jorgensen and T. Yu, “On mouse dynamics as a behavioral biometric for
authentication,” Proc. 6th ACM Symp. Information, Comput. Commun. Secur. -
ASIACCS ’11, p. 476, 2011.
[4] C. Shen, Z. Cai, X. Guan, Y. Du, and R. A. Maxion, “User authentication
through mouse dynamics,” IEEE Trans. Inf. Forensics Secur., vol. 8, no. 1, pp.
16–30, 2013.
[5] N. A. Hamid, S. Safei, S. Dhalila, M. Satar, S. Chuprat, and R. Ahmad,
“Randomized Mouse Movement for Behavioral Biometric Identification,” Int.
J. Interact. Digit. Media, vol. 1, no. 2, pp. 52–57, 2013.
[6] “Biometric – Theory « Bio-Metrica, LLC.” [Online]. Available: http://bio-
metrica.com/biometric-theory. [Accessed: 27-Apr-2017].
[7] S. Mondal and P. Bours, “Continuous authentication using mouse dynamics,”
Biometrics Spec. Interes. Gr. (BIOSIG), 2013 Int. Conf., no. 2003, pp. 1–12,
2013.
26
[8] N. Zheng, A. Paloski, and H. Wang, “An efficient user verification system via
mouse movements,” Proc. 18th ACM Conf. Comput. Commun. Secur. - CCS
’11, p. 139, 2011.
[9] M. Pusara and C. E. Brodley, “User re-authentication via mouse movements,”
Proc. 2004 ACM Work. Vis. data Min. Comput. Secur. VizSECDMSEC 04, pp.
1–8, 2004.
[10] C. Feher, Y. Elovici, R. Moskovitch, L. Rokach, and A. Schclar, “User identity
verification via mouse dynamics,” Inf. Sci. (Ny)., vol. 201, pp. 19–36, 2012.
[11] A. awad E.Ahmed and I. Traore, “Anomaly Intrusion Detection Based on
Dynamic,” no. June, pp. 737–744, 2007.