基于人类动力学行为理论的身份认证技术

发布时间：2018-04-28 02:27

本文选题：身份认证 + 内部威胁　；参考：《华中科技大学》2016年硕士论文

【摘要】：近年来,来自内部人员的攻击给企业和政府机构带来了极大的危害。身份伪冒攻击是内部人员最常用的攻击手段之一,往往令人防不胜防。因此,对身份伪冒检测技术的研究具有十分重要的现实意义。安全即时通信系统是本课题组承担的重点项目之一,它是湖北省政府电子政务系统的一个子系统,承担着政府部门内部员工接受、发送、审批重要文件等功能。信息安全问题是安全即时通信系统的核心问题之一。该系统现有的身份认证技术主要是系统登录时的USB Key以及静态密码的双因子认证,这种方式无法在系统登录成功后进行持续的身份认证。而现有的持续身份认证技术普遍存在认证周期长、数据量大、应用程序受限等问题,无法对安全即时通信系统进行实时的身份认证。为了提高安全即时通信系统的身份检测技术,针对现有的持续身份认证技术难以进行实时身份认证的问题,论文提出了使用介入式动态场景身份认证方法。在适当的时机(如用户进入关键位置,安全软件检测到异常等),主动注入鼠标光标异常事件来进行动态场景身份认证。结果表明,介入式动态场景身份认证方法大大的缩短了身份认证的时间。针对动态场景身份认证在短时内采集到的少量数据容易受到情绪、疲劳程度等因素影响的问题,论文提出了基于记忆游戏的固定场景身份认证方法,并与动态场景身份认证相结合,对用户的身份进行认证。当连续动态场景身份认证均出现异常时,系统将引导用户进行由记忆游戏构建的固定场景身份认证,以提高认证准确率。对10位用户进行身份认证实验,结果显示,动态场景认证得到了3.35%的FAR(拒真率)和2.87%的FRR(容假率),认证时间是5.6s;固定场景认证得到了3.0%的FAR和0.97%的FRR,认证时间是13.8s。相比现有的持续身份认证技术,该方法不仅不会受到应用程序的限制,而且大大的缩短了身份认证的时间,同时保证了身份认证的准确率。
[Abstract]:In recent years, attacks from insiders have brought great harm to enterprises and government agencies. Identity counterfeiting attacks are one of the most commonly used methods of attack by insiders. Therefore, the study of identity counterfeiting detection technology has a very important practical significance. The secure instant messaging system is one of the key projects undertaken by the research group. It is a subsystem of the Hubei Provincial Government E-government system, which is responsible for the functions of receiving, sending and approving important documents within the government departments. Information security is one of the core problems of secure instant communication system. The existing authentication technology of the system is mainly the USB Key when the system logs on and the double-factor authentication of the static password, which can not be continuously authenticated after the successful login of the system. However, the existing continuous identity authentication technology has many problems, such as long authentication period, large amount of data, limited application program, and so on, which makes it impossible to authenticate the secure instant communication system in real time. In order to improve the identity detection technology of secure instant communication system, aiming at the problem that the existing continuous identity authentication technology is difficult to carry out real-time identity authentication, this paper proposes a method of identity authentication based on interventional dynamic scene. At the right time (such as the user enters the key position, the security software detects the anomaly and so on, the mouse cursor anomaly event is injected actively to authenticate the identity of the dynamic scene. The results show that the interventional dynamic scene identity authentication method greatly shortens the time of identity authentication. Aiming at the problem that a small amount of data collected by dynamic scene identity authentication in a short period of time is easily affected by emotion, fatigue and other factors, a fixed scene identity authentication method based on memory game is proposed in this paper. And combined with dynamic scene identity authentication, the identity of the user is authenticated. When the identity authentication of continuous dynamic scene is abnormal, the system will guide the user to authenticate the identity of the fixed scene constructed by the memory game, so as to improve the accuracy of authentication. The results show that 3.35% Farr and 2.87% FRR (false tolerance rate is 5.6s) and 3.0% FAR and 0.97% FAR are obtained by dynamic scene authentication, and the authentication time is 13.8s. Compared with the existing continuous identity authentication technology, this method is not only not limited by the application program, but also greatly reduces the time of identity authentication, while ensuring the accuracy of identity authentication.
【学位授予单位】：华中科技大学
【学位级别】：硕士
【学位授予年份】：2016
【分类号】：TP309

【参考文献】