基于LPVC和行为特征的身份认证技术研究与实现
发布时间:2019-01-03 09:12
【摘要】:近年来互联网快速发展,给社会发展、经济增长以及文化繁荣带来了各种各样的机会,互联网给人们带来便利的同时也带来了不小的网络安全风险。网络安全尤其是身份认证技术逐渐成为人们关注的问题。安全的身份认证是保证计算机网络系统安全运行的基本前提。由于行为特征具有唯一性和易采集性的特点,在身份认证技术领域备受关注,因此研究基于行为特征的身份认证技术是非常有意义的。本文针对Web平台身份认证环节广泛使用用户名/密码方案存在的不足,提出了基于静态认证和动态认证相结合的动态连续身份认证方案。用户在最初登录系统时,需通过用户名/密码和验证码的静态认证方式获取系统权限资源。用户成功获取权限后,采用基于击键行为特征和鼠标行为特征组合的多行为特征动态认证方案,持续不断监听用户操作行为。通过操作行为判断操作对象是否为用户本人,保证了系统登录及登录后的安全性。本文研究的主要内容为验证码图像生成技术和操作行为特征在动态连续身份认证系统(DCA)中的应用。在静态登录环节采用了基于多图层验证码图像生成技术,降低了计算机对验证码图像的识别准确率。为DCA系统研发了捕获用户操作行为的数据采集软件;改进了信任模型中操作信任分数的计算方法,提升了信任分数的计算精确率。为了阻止攻击者利用安全漏洞逃避鼠标或者键盘中的某一个设备的入侵检测,采用击键行为特征和鼠标行为特征相结合的方式进行身份认证。最后对动态连续身份认证系统性能和行为特征数据的处理和分类进行了大量实验验证。由53名志愿者在无约束条件下对DCA系统进行测试,测试结果显示准确识别率达到80%,可以很好地实现动态连续身份认证。通过计算机分别识别了基于传统技术和多图层技术生成的验证码图像,发现基于多图层技术生成的验证码图像的识别误检率明显增加,达到21%,有效阻止了机器程序大量恶意注册行为。
[Abstract]:In recent years, the rapid development of the Internet has brought a variety of opportunities for social development, economic growth and cultural prosperity. Network security, especially identity authentication technology, has gradually become a problem that people pay attention to. Secure identity authentication is the basic premise to ensure the safe operation of computer network system. Because behavior features are unique and easy to collect, they have attracted much attention in the field of identity authentication, so it is very meaningful to study the identity authentication technology based on behavior characteristics. Aiming at the shortcomings of the user name / password scheme widely used in identity authentication of Web platform, a dynamic continuous identity authentication scheme based on static authentication and dynamic authentication is proposed in this paper. When users log on to the system initially, they need to obtain the system permission resources by the static authentication of user name / password and verification code. After the user acquires permission successfully, the dynamic authentication scheme based on the combination of keystroke behavior and mouse behavior features is adopted to continuously monitor the user's operation behavior. Through the operation behavior to judge whether the operation object is the user, it ensures the system login and the security after login. The main content of this paper is the application of image generation technology and operational behavior feature in dynamic continuous identity authentication system (DCA). In the static login, the multi-layer verification code image generation technology is adopted, which reduces the recognition accuracy of the computer for the verification code image. This paper develops a data acquisition software for DCA system to capture the user's operation behavior, and improves the calculation method of the operational trust score in the trust model to improve the accuracy of the calculation of the trust score. In order to prevent attackers from using security vulnerabilities to evade the intrusion detection of a certain device in the mouse or keyboard, the identity authentication is carried out by combining keystroke behavior characteristics with mouse behavior characteristics. Finally, a large number of experiments are carried out to verify the performance and behavior feature data processing and classification of dynamic continuous identity authentication system. The DCA system is tested by 53 volunteers under unconstrained conditions. The test results show that the accurate identification rate is 80%, and the dynamic continuous identity authentication can be realized well. The verification code images generated by traditional technology and multi-layer technology are recognized by computer respectively. It is found that the recognition error detection rate of the verification code image generated by multi-layer technology is obviously increased to 21. Effectively prevents a large number of malicious registrations of machine programs.
【学位授予单位】:江苏科技大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP393.08
本文编号:2399178
[Abstract]:In recent years, the rapid development of the Internet has brought a variety of opportunities for social development, economic growth and cultural prosperity. Network security, especially identity authentication technology, has gradually become a problem that people pay attention to. Secure identity authentication is the basic premise to ensure the safe operation of computer network system. Because behavior features are unique and easy to collect, they have attracted much attention in the field of identity authentication, so it is very meaningful to study the identity authentication technology based on behavior characteristics. Aiming at the shortcomings of the user name / password scheme widely used in identity authentication of Web platform, a dynamic continuous identity authentication scheme based on static authentication and dynamic authentication is proposed in this paper. When users log on to the system initially, they need to obtain the system permission resources by the static authentication of user name / password and verification code. After the user acquires permission successfully, the dynamic authentication scheme based on the combination of keystroke behavior and mouse behavior features is adopted to continuously monitor the user's operation behavior. Through the operation behavior to judge whether the operation object is the user, it ensures the system login and the security after login. The main content of this paper is the application of image generation technology and operational behavior feature in dynamic continuous identity authentication system (DCA). In the static login, the multi-layer verification code image generation technology is adopted, which reduces the recognition accuracy of the computer for the verification code image. This paper develops a data acquisition software for DCA system to capture the user's operation behavior, and improves the calculation method of the operational trust score in the trust model to improve the accuracy of the calculation of the trust score. In order to prevent attackers from using security vulnerabilities to evade the intrusion detection of a certain device in the mouse or keyboard, the identity authentication is carried out by combining keystroke behavior characteristics with mouse behavior characteristics. Finally, a large number of experiments are carried out to verify the performance and behavior feature data processing and classification of dynamic continuous identity authentication system. The DCA system is tested by 53 volunteers under unconstrained conditions. The test results show that the accurate identification rate is 80%, and the dynamic continuous identity authentication can be realized well. The verification code images generated by traditional technology and multi-layer technology are recognized by computer respectively. It is found that the recognition error detection rate of the verification code image generated by multi-layer technology is obviously increased to 21. Effectively prevents a large number of malicious registrations of machine programs.
【学位授予单位】:江苏科技大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP393.08
【参考文献】
相关期刊论文 前10条
1 杨勇;许杰;;个人身份认证技术及其研究进展[J];通信技术;2017年01期
2 卢世军;;生物特征识别技术发展与应用综述[J];计算机安全;2013年01期
3 余幸杰;高能;江伟玉;;云计算中的身份认证技术研究[J];信息网络安全;2012年08期
4 郑雷雷;宋丽华;郭锐;张建成;;B/S架构软件的安全性测试研究[J];计算机技术与发展;2012年01期
5 夏亮;韩冬;马书才;;基于神经网络的多因素身份认证方法[J];吉林大学学报(信息科学版);2011年02期
6 沈超;蔡忠闽;管晓宏;房超;杜友田;;基于鼠标行为特征的用户身份认证与监控[J];通信学报;2010年07期
7 房超;蔡忠闽;沈超;牛非;管晓宏;;基于鼠标动力学模型的用户身份认证与监控[J];西安交通大学学报;2008年10期
8 栾方军;程海;宋晓宇;;基于HMM的在线手写签名认证系统设计与实现[J];计算机应用与软件;2008年06期
9 常亮;吴铁峰;;基于自适应模糊c均值的击键序列身份认证[J];机械管理开发;2008年02期
10 刘志才;彭宏;邓爽;赵毓高;;基于支持向量方法和击键序列的主机入侵检测[J];计算机工程与应用;2007年15期
相关硕士学位论文 前1条
1 郭晓静;基于统计学的击键序列身份认证算法研究与改进[D];北京邮电大学;2013年
,本文编号:2399178
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2399178.html
