International Conference on Computing, Control, Networking, Electronics and Embedded Systems Engineering, 2015 Comparison between Mixed Binary classification and Voting Technique for Active User Authentication using Mouse Dynamics Alnour Ahmed Khalifa + , Mutasim Adil Hassan + , Tarig Ahmed Khalid + and Hassan Hamdoun * + Electrical Engineering Department, University of Khartoum { alnour.ahmed@gmail.com , motasim.taha@yahoo.com ,t.a.khalid@ieee.org } * School of Natural and Computing Sciences, University of Aberdeen, Kings’ College, Aberdeen, UK, AB24 3BU hassan.hamdoun@abdn.ac.uk Abstract—The rapid proliferation of computing processing power has facilitated a rise in the adoption of computers in various aspects of human lives. From education to shopping and other everyday activities to critical applications in finance, banking and, recently, degree awarding online education. Several approaches for user authentication based on Behavioral Biometrics (BB) were suggested in order to identify unique signature/footprint for improved matching accuracy for genuine users and flagging for abnormal behaviors from intruders. In this paper we present a comparison between two classification algorithms for identifying users’ behavior using mouse dynamics. The algorithms are based on support vector machines (SVM) classifier allowing for direct comparison between different authentication-based metrics. The voting technique shows low False Acceptance Rate(FAR) and noticeably small learning time; making it more suitable for incorporation within different authentication applications. Index Terms: active authentication, mouse dynamics, pattern recognition, machine learning, support vector machines. I. INTRODUCTION Conventional authentication techniques rely on static approaches using passwords for single time check with no further identity validation after authorization. They are simple and effective if the access to computer systems occurs in one place and during specific time period in a secure environment [1]. Behavioral Biometrics (BB) performs users’ identification based on the behavioral patterns that the user exhibits when interacting with the computer. Research approaches building on BB concepts aims to find cost and time efficient tools and techniques in order strengthen computer security and data integrity at various points in the Human Computer Interaction (HCI) ecosystem, e.g. [2] [3] [4] [5]. However, there is still need for improved resilience of those techniques given the rising use of e-learning and e-education applications requiring improved user identification accuracy and verification time [6] [7] Also in banking systems [8]. Issues such as users forgetting their authentication details, remaining logged on, credentials stolen are easy ways for intruders to gain lawful access to the system. Behavioral Biometrics, contain inherent user characteristics of physiological features, offer unique advantages over other approaches. Firstly, they can be collected without causing the users’ any inconvenience and hence not affecting the user experience (UX) negatively. Secondly, No. extra hardware is needed to capture them, resulting in reduced cost of the overall system [9]. BB also monitors users’ behavior continuously, offering increased resilience to intruder’s attacks. Computer BB can be implemented using keystroke keyboard dynamic [10] or mouse dynamics [11]. Keyboard dynamics are based on analyzing the typing rhythm of the user which makes them affected by the keyboard layout structure resulting in differing users’ behavior for different keyboard types. Mouse dynamics, on the other hand, are platform independent and hence offer one-to-one mapping to users’ behavior. Both mouse and keyboard dynamic are needed for example in systems with a combination of command line and graphical interfaces [3] [9]. This paper investigates two BB-based approaches for user classification; one is based on SVM and the other on a weighted voting technique. Performance comparisons are conducted for False Acceptance Rate (FAR), authentication time required and False Rejection Rate (FRR). Result indicates the superiority of the voting technique in the FAR ,FRR and Generalization Factor (GF) performance measures. The inherent ability to combine results from different classifiers works well to the advantage of the voting technique. The rest of the paper is structured as follows: Behavioral Biometrics is covered in Section II. Section III describes Related Work. Our proposed system is illustrated in Section IV while results are in section V. finally Section VI concludes the paper. II. BEHAVIOURAL BIOMETRICS The need for authentication is important when a computing resource needs to be protected from manipulation, access and or to provide user’s privacy assurances. Traditional solutions include access control which can either be physical: sieges, doors, locks, CCTV cameras, etc or virtual using passwords, keys, Pins, finger-prints, etc. The authentication process consists of i) presentations of credentials by the unknown entity, ii) verification of credentials and ii) Authentication/prevention of access to the system. Biometrics is a promising approach for authenticating who the user is beyond traditional passwords and PINs. Biometrics use inherent characteristics of human beings (Eye iris, fingerprint, voice, behavior, face, etc.) and hence are