An Insider Threat Detection Approach Based on Mouse Dynamics and Deep Learning

TLDR

In intranet environments, information is widely accessible, allowing users to access content they are not authorized for and enabling insider attackers to steal credentials or exploit unattended computers, making one‑time authentication insufficient. This study proposes a continuous identity authentication method to mitigate insider threats. The method uses mouse biobehavioral characteristics and deep learning, evaluated on an open‑source dataset of ten users. Experiments demonstrate the approach authenticates users every ~7 s with a 2.94 % false acceptance rate and a 2.28 % false rejection rate.

Abstract

In the current intranet environment, information is becoming more readily accessed and replicated across a wide range of interconnected systems. Anyone using the intranet computer may access content that he does not have permission to access. For an insider attacker, it is relatively easy to steal a colleague’s password or use an unattended computer to launch an attack. A common one-time user authentication method may not work in this situation. In this paper, we propose a user authentication method based on mouse biobehavioral characteristics and deep learning, which can accurately and efficiently perform continuous identity authentication on current computer users, thus to address insider threats. We used an open-source dataset with ten users to carry out experiments, and the experimental results demonstrated the effectiveness of the approach. This approach can complete a user authentication task approximately every 7 seconds, with a false acceptance rate of 2.94% and a false rejection rate of 2.28%.

References

Page 1

	Year	Citations

Page 1