dc.contributor.author |
Dlamini, Thandokuhle M
|
|
dc.contributor.author |
Eloff, JHP
|
|
dc.contributor.author |
Venter, HS
|
|
dc.contributor.author |
Eloff, MM
|
|
dc.contributor.author |
Henha Eyono, RPS
|
|
dc.contributor.author |
Mosola, NN
|
|
dc.date.accessioned |
2017-10-25T12:43:52Z |
|
dc.date.available |
2017-10-25T12:43:52Z |
|
dc.date.issued |
2017-09 |
|
dc.identifier.citation |
Dlamini, T.M. et al. 2017. Behavioural analytics: Beyond risk-based MFA. SATNAC 2017, 3-10 September 2017, Freedom of the Seas Cruise Liner operated by Royal Caribbean International; Spain, France, Italy |
en_US |
dc.identifier.uri |
http://www.satnac.org.za//proceedings/2017/SATNAC%202017%20Proceedings%20Final.pdf
|
|
dc.identifier.uri |
http://hdl.handle.net/10204/9689
|
|
dc.description |
Paper presented at SATNAC 2017, 3-10 September 2017, Freedom of the Seas Cruise Liner operated by Royal Caribbean International; Spain, France, Italy |
en_US |
dc.description.abstract |
This paper investigates how to effectively stop an attacker from using compromised user credentials to gain authorized entry to systems that they are otherwise not authorised to access. The proposed solution extends previous work to move beyond a risk-based multi-factor authentication system. It adds a behavioural analytics component that uses keystroke dynamics to grant or deny users access. Given the increasing number of compromised user credential stores, we make the assumption that criminals already know the user credentials. Hence, to test our solution, users were given authentic user credentials and asked to login to our proof-of-concept. Despite the fact that all illegitimate users in our test cases were given the correct user credentials for legitimate users, none of these were granted access by the system. This demonstrates zero-tolerance to false positives. The results demonstrate the uniqueness of keystroke dynamics and its use to prevent users with stolen credentials from accessing systems they are not authorized to access. |
en_US |
dc.language.iso |
en |
en_US |
dc.relation.ispartofseries |
Worklist;19530 |
|
dc.relation.ispartofseries |
Worklist;19527 |
|
dc.subject |
Behavioural analytics |
en_US |
dc.subject |
Risk-based MFA |
en_US |
dc.subject |
Cybersecurity |
en_US |
dc.title |
Behavioural analytics: Beyond risk-based MFA |
en_US |
dc.type |
Conference Presentation |
en_US |
dc.identifier.apacitation |
Dlamini, T. M., Eloff, J., Venter, H., Eloff, M., Henha Eyono, R., & Mosola, N. (2017). Behavioural analytics: Beyond risk-based MFA. http://hdl.handle.net/10204/9689 |
en_ZA |
dc.identifier.chicagocitation |
Dlamini, Thandokuhle M, JHP Eloff, HS Venter, MM Eloff, RPS Henha Eyono, and NN Mosola. "Behavioural analytics: Beyond risk-based MFA." (2017): http://hdl.handle.net/10204/9689 |
en_ZA |
dc.identifier.vancouvercitation |
Dlamini TM, Eloff J, Venter H, Eloff M, Henha Eyono R, Mosola N, Behavioural analytics: Beyond risk-based MFA; 2017. http://hdl.handle.net/10204/9689 . |
en_ZA |
dc.identifier.ris |
TY - Conference Presentation
AU - Dlamini, Thandokuhle M
AU - Eloff, JHP
AU - Venter, HS
AU - Eloff, MM
AU - Henha Eyono, RPS
AU - Mosola, NN
AB - This paper investigates how to effectively stop an attacker from using compromised user credentials to gain authorized entry to systems that they are otherwise not authorised to access. The proposed solution extends previous work to move beyond a risk-based multi-factor authentication system. It adds a behavioural analytics component that uses keystroke dynamics to grant or deny users access. Given the increasing number of compromised user credential stores, we make the assumption that criminals already know the user credentials. Hence, to test our solution, users were given authentic user credentials and asked to login to our proof-of-concept. Despite the fact that all illegitimate users in our test cases were given the correct user credentials for legitimate users, none of these were granted access by the system. This demonstrates zero-tolerance to false positives. The results demonstrate the uniqueness of keystroke dynamics and its use to prevent users with stolen credentials from accessing systems they are not authorized to access.
DA - 2017-09
DB - ResearchSpace
DP - CSIR
KW - Behavioural analytics
KW - Risk-based MFA
KW - Cybersecurity
LK - https://researchspace.csir.co.za
PY - 2017
T1 - Behavioural analytics: Beyond risk-based MFA
TI - Behavioural analytics: Beyond risk-based MFA
UR - http://hdl.handle.net/10204/9689
ER -
|
en_ZA |