Research

Mouse Dynamics Behavioral Biometrics: A Survey

7 min. czytania

Pobierz PDF

Mouse Dynamics Behavioral Biometrics: A Survey

Metadane

Streszczenie

This comprehensive survey examines mouse dynamics and widget interactions as behavioral biometric modalities for user authentication. The paper synthesizes 123 research papers spanning from 1897 to 2023, establishing mouse dynamics as an inexpensive, unobtrusive alternative to physiological biometrics. Unlike facial recognition or fingerprints that require specialized hardware, mouse dynamics leverage existing computer infrastructure by analyzing how users interact with GUI elements through movement patterns, speed, acceleration, and other trajectory features.

The authors contextualize mouse dynamics within human psychology, drawing on experimental psychology theories such as Fitts’ law (predicting movement time based on distance and target width) and Hick’s law (relating response time to decision complexity). These foundational concepts explain why individual mouse behavior patterns are unique and difficult to impersonate. The survey demonstrates that mouse dynamics can achieve excellent authentication performance (FAR < 1% in many studies) while remaining completely transparent to users during normal computer operations.

Widget interactions, a closely related but distinct modality, extend authentication to include what users interact with (buttons, icons, widgets) alongside how they interact with these elements. This combination provides additional discriminative features beyond pure mouse movement analysis, though the two modalities are often studied together or independently depending on the application context.

Kluczowe Wnioski

  • Mouse dynamics is a mature behavioral biometric modality with over two decades of research showing consistently high authentication performance (EER often below 5%)
  • Deep learning approaches (CNN, LSTM, neural networks) are emerging as superior alternatives to traditional machine learning methods, with some models achieving near-perfect authentication rates
  • Data collection methodology significantly impacts system performance: completely free data collection more accurately reflects real-world user behavior compared to fixed static sequences
  • No standardized benchmarking across public datasets exists, limiting direct comparisons between research efforts and reducing generalizability
  • Widget interactions represent an underexplored but promising extension that can provide superior discrimination by incorporating GUI context
  • Psychological foundations from HCI research (Fitts’ and Hick’s laws) remain largely unexploited despite high potential for feature engineering and system improvement
  • Interoperability and device variation pose significant challenges, with different mice, screen resolutions, and computing environments affecting authentication reliability
  • Mouse dynamics is unlikely to serve as a primary authentication modality alone but shows promise as a complementary multi-modal authentication method

Metodologia

The survey employed systematic literature review methodology, collecting papers via Google Scholar using targeted search queries (“mouse authentication” AND “survey”, “mouse dynamics” AND various security-related terms). Papers were selected using dual criteria: papers with high citation count (>50 citations) and recent papers (post-2015) with lower citations. The final corpus of 123 papers was analyzed across multiple dimensions including data collection tasks, feature extraction methods, public datasets, algorithmic approaches (statistical, machine learning, deep learning), fusion techniques, and performance metrics.

Główne Koncepcje

  • Behavioral Biometrics: Authentication based on unique behavioral patterns rather than physiological characteristics, including mouse dynamics, keystroke dynamics, gait, and online widget interactions
  • Mouse Dynamics: Quantitative analysis of mouse movement patterns including velocity, acceleration, curvature, jitter, and trajectory characteristics
  • Mouse Actions: Aggregated behaviors combining raw mouse events into meaningful units: Mouse Movement (MM), Drag-and-Drop (DD), Point-and-Click (PC), Click (C), and Scroll (S)
  • Features: Mathematical descriptors extracted from raw mouse data, including temporal features (elapsed time), spatial features (traveled distance, deviation), kinematic features (velocity, acceleration, curvature), and statistical features (mean, standard deviation, skewness, kurtosis)
  • Widget Interactions: Authentication based on spatio-temporal and temporal characteristics of user interactions with specific GUI components (buttons, icons, dialogs, windows)
  • Continuous Authentication: Real-time verification of user identity throughout a session, as opposed to single-factor authentication at login
  • Fitts’ Law: Fundamental principle relating movement time to distance and target size, applicable to mouse authentication feature engineering
  • Hick’s Law: Principle relating decision response time to number of choices, with potential applications to widget interaction authentication

Wyniki

The survey demonstrates that mouse dynamics authentication has evolved from simple distance metrics to sophisticated deep learning approaches:

Performance Summary: Best-performing systems achieve False Acceptance Rate (FAR) < 1% with False Rejection Rate (FRR) < 1% in controlled scenarios. On open datasets like Balabit, performance ranges from EER 0.1% to 18.8% depending on algorithm and experimental design.

Algorithm Effectiveness: Deep learning models (CNN, LSTM, neural networks) increasingly outperform traditional machine learning approaches. For example, 2D-CNN achieved AUC 0.96 and EER 0.10 on Balabit dataset, while top machine learning classifiers achieved AUC around 0.89-0.99.

Data Collection Impact: Completely free data collection yields more realistic authentication performance than fixed static sequences or controlled laboratory settings. Studies using completely free collection show good generalization to real-world deployment scenarios.

Feature Importance: Mouse movement (MM) features dominate most systems, with trajectory-based features (velocity, acceleration, curvature) proving most discriminative. Widget-specific features add modest but measurable improvement in some systems.

Scalability: System performance stabilizes around 22 genuine users, with error rates remaining relatively constant as user population increases beyond this threshold.

Przydatne Cytaty

“Behavioral biometric modalities such as mouse dynamics…can bolster the security of existing authentication systems because of their ability to distinguish an individual based on their unique features. As a result, it can be difficult for an imposter to impersonate these behavioral biometrics, making them suitable for authentication.” (p. 1)

“Unlike existing knowledge-based authentication, such as passwords, that are based on ‘what you know’, these behavioral biometrics verify a user’s identity based on ‘what you are’.” (p. 2)

“From the empirical perspective, conducting experiments should be geared towards more realistic approaches, such as app agnostic or completely free data collection, to represent the authentic behavior of a user.” (p. 8)

“Deep learning models outperformed the machine learning models in accuracy, with ANN performing the best out of all of them.” (p. 19)

“Mouse dynamics is unlikely for mouse dynamics to act as a primary authentication modality alone. Therefore, future work is needed to investigate how mouse dynamics may complement other identification and authentication methods.” (p. 27)

Datasety

The survey identifies 8 publicly available mouse dynamics datasets:

  • Chaoshen-1: 58 subjects, 17.4k samples per user (fixed static sequence)
  • Chaoshen-2: 28 subjects, 90k mouse actions over 30 sessions (app agnostic semi-controlled)
  • ISOT: 48 subjects, 45 sessions per user for 9 weeks / 284 hours raw data (completely free)
  • Balabit: 10 subjects, avg 937 training actions, avg 50 test actions (completely free)
  • DFL: 21 subjects, 1k mouse actions (completely free)
  • BB-MAS: 117 subjects with mouse, typing, gait, swipe data (fixed static sequence)
  • TWOS: 24 subjects, 320 hours active participation with imposter and insider attack data (app restricted continuous)
  • Minecraft Dataset: 10-40 subjects, 20 minutes raw data per user (fixed static sequence)

Powiązane Tematy

  • Keystroke dynamics and other behavioral biometrics
  • Multi-modal authentication fusion
  • Human-Computer Interaction (HCI) principles and design
  • Experimental psychology: Fitts’ law and Hick’s law
  • Machine learning and deep learning algorithms
  • Continuous authentication systems
  • Security and privacy in computer systems
  • Intrusion detection and insider threat detection
  • Spoof attacks and adversarial robustness
  • GUI-based authentication systems
  • Biometric template protection and privacy
  • Touchscreen and touchpad authentication
  • Gait recognition and other behavioral modalities

Notatki

The survey reveals several important research gaps and opportunities. Psychology has been largely ignored in behavioral biometric research despite offering significant potential through foundational concepts like Fitts’ and Hick’s laws. No comprehensive benchmarking framework exists across public datasets, limiting direct algorithm comparison. The field would benefit from standardized evaluation protocols, investigation of device interoperability effects, exploration of Fitts’ law applications to authentication, and research on extending mouse dynamics to modern input devices (trackpads, touchscreens, touch panels on mobile devices). Additionally, mouse dynamics would benefit from formal investigation of complementary authentication scenarios, particularly as second factors in multi-factor authentication schemes where it could provide continuous re-authentication without user burden.

The papers identifies challenges including: data interoperability issues across different computer/mouse/screen combinations, lack of psychology-informed feature engineering, absence of standardized public benchmarks, need for intra-subject and inter-subject variability studies, vulnerability to synthetic data attacks and replay attacks, and unclear real-world deployment scenarios. Future work should investigate trackpad-based authentication (increasingly common on laptops), touchscreen and mobile device authentication, and formal multi-modal fusion approaches combining mouse dynamics with other authentication factors.

Elementów w folderze: 0.