Pretražite po imenu i prezimenu autora, mentora, urednika, prevoditelja

Napredna pretraga

Pregled bibliografske jedinice broj: 866057

Authentication approach using one-time challenge generation based on user behavior patterns captured in transactional data sets


Skračić, Kristian; Pale, Predrag; Kostanjčar, Zvonko
Authentication approach using one-time challenge generation based on user behavior patterns captured in transactional data sets // Computers & security, 67 (2017), 107-121 doi:10.1016/j.cose.2017.03.002 (međunarodna recenzija, članak, znanstveni)


CROSBI ID: 866057 Za ispravke kontaktirajte CROSBI podršku putem web obrasca

Naslov
Authentication approach using one-time challenge generation based on user behavior patterns captured in transactional data sets

Autori
Skračić, Kristian ; Pale, Predrag ; Kostanjčar, Zvonko

Izvornik
Computers & security (0167-4048) 67 (2017); 107-121

Vrsta, podvrsta i kategorija rada
Radovi u časopisima, članak, znanstveni

Ključne riječi
User authentication ; One-time challenge generation ; User behavior profiling ; Transactional data set patterns ; Knowledge-based authentication ; Question-based authentication

Sažetak
Knowledge-based authentication methods have become increasingly popular, where they started as simple passwords, before evolving into static questions for fallback authentication and graphical password-based systems. Question-based authentication methods are typically based on static or slowly changing data sources, thereby making them vulnerable to eavesdropping, wiretapping, and other types of attacks. Thus, an alternative approach is needed to create an authentication challenge that could compete with other authentication factors: hardware tokens and biometrics. In this study, we propose a new authentication approach that exploits the user behavior patterns captured in non-public data sources to create unique, one-time challenges. We propose: (i) a model that is capable of representing user behavior patterns in a wide range of user activities captured from various data sources and (ii) a method for creating unique one-time challenges based on the model. We tested the model and the method based on multiple non-public data sources such as bank transactions, phone logs, computer usage data, and e-mail correspondence. We also demonstrated its efficacy with a live user pool. Security analysis indicated the full resilience of the proposed method against eavesdropping as well as its adaptability in response to guessing attacks by dynamically increasing the complexity of the challenge.

Izvorni jezik
Engleski

Znanstvena područja
Računarstvo



POVEZANOST RADA


Projekti:
HRZZ-UIP-2014-09-5349 - Algoritmi za mjerenje sustavskog rizika (ASYRMEA) (Kostanjčar, Zvonko, HRZZ ) ( CroRIS)

Ustanove:
Fakultet elektrotehnike i računarstva, Zagreb

Profili:

Avatar Url Predrag Pale (autor)

Avatar Url Zvonko Kostanjčar (autor)

Poveznice na cjeloviti tekst rada:

doi dx.doi.org www.sciencedirect.com

Citiraj ovu publikaciju:

Skračić, Kristian; Pale, Predrag; Kostanjčar, Zvonko
Authentication approach using one-time challenge generation based on user behavior patterns captured in transactional data sets // Computers & security, 67 (2017), 107-121 doi:10.1016/j.cose.2017.03.002 (međunarodna recenzija, članak, znanstveni)
Skračić, K., Pale, P. & Kostanjčar, Z. (2017) Authentication approach using one-time challenge generation based on user behavior patterns captured in transactional data sets. Computers & security, 67, 107-121 doi:10.1016/j.cose.2017.03.002.
@article{article, author = {Skra\v{c}i\'{c}, Kristian and Pale, Predrag and Kostanj\v{c}ar, Zvonko}, year = {2017}, pages = {107-121}, DOI = {10.1016/j.cose.2017.03.002}, keywords = {User authentication, One-time challenge generation, User behavior profiling, Transactional data set patterns, Knowledge-based authentication, Question-based authentication}, journal = {Computers and security}, doi = {10.1016/j.cose.2017.03.002}, volume = {67}, issn = {0167-4048}, title = {Authentication approach using one-time challenge generation based on user behavior patterns captured in transactional data sets}, keyword = {User authentication, One-time challenge generation, User behavior profiling, Transactional data set patterns, Knowledge-based authentication, Question-based authentication} }
@article{article, author = {Skra\v{c}i\'{c}, Kristian and Pale, Predrag and Kostanj\v{c}ar, Zvonko}, year = {2017}, pages = {107-121}, DOI = {10.1016/j.cose.2017.03.002}, keywords = {User authentication, One-time challenge generation, User behavior profiling, Transactional data set patterns, Knowledge-based authentication, Question-based authentication}, journal = {Computers and security}, doi = {10.1016/j.cose.2017.03.002}, volume = {67}, issn = {0167-4048}, title = {Authentication approach using one-time challenge generation based on user behavior patterns captured in transactional data sets}, keyword = {User authentication, One-time challenge generation, User behavior profiling, Transactional data set patterns, Knowledge-based authentication, Question-based authentication} }

Časopis indeksira:


  • Current Contents Connect (CCC)
  • Web of Science Core Collection (WoSCC)
    • Science Citation Index Expanded (SCI-EXP)
    • SCI-EXP, SSCI i/ili A&HCI
  • Scopus


Citati:





    Contrast
    Increase Font
    Decrease Font
    Dyslexic Font