There are billions of mobile phones and computers in use globally. The value of these devices cannot be measured only by their retail price. They hold invaluable data belonging to individuals, organizations, militaries, and governments. Therefore, the security of these devices should not be limited to authentication and authorization mechanisms. Post-authentication techniques to detect intruders are an absolute necessity in these systems.
Some of the most frequently used authentication mechanisms are passwords or PINs, fingerprints, and face recognition. However, attackers have already found loopholes in these mechanisms, and these devices remain vulnerable to intruders. Attackers are often capable of cracking passwords and PINs through brute-force attacks, social engineering techniques, or simply shoulder surfing. It has been shown multiple times that mere Scotch tape or lipstick can be used to recreate a fingerprint and bypass authentication. Furthermore, face recognition has been shown to be bypassable with 3D-printed masks or deepfakes. Besides, these authentication mechanisms offer little protection in the case of a remote access attack. In addition, the main factor that leaves these systems vulnerable regardless of a strong authentication mechanism is human error. An IBM study found that 95% of the time human error is the main reason for security breaches. In most cases this is because users of these systems do not fully comprehend the value or importance of these security measures. On the other hand, people tend to ignore the authentication mechanisms completely and remove these security options because they require user input every time a user logs in.
Using multiple authentication mechanisms, combining what the user knows or has with biometric identification, can mitigate the risk of an intruder attack to some extent. However, as stated above, these mechanisms can be bypassed. Anti-spyware and antivirus software can be installed on these devices to guard against remote access attacks. Furthermore, conducting awareness programs and educating people about social engineering attacks and the importance of currently available security measures is effective as well. However, regardless of these detection, prevention, and mitigation methods, intrusion attacks leading to data breaches are still frequently seen on these devices.
A more suitable solution for this problem would be a post-authentication mechanism to detect an intruder. My bachelor's research was based on this concept, and my team and I researched intruder detection through user behavior on mobile devices. Patterns of user behavior such as keystroke dynamics, application usage, and geolocation details can be used to differentiate normal from anomalous behavior. The same concept can be applied to computer systems as well. The behavioral analysis system should be given a training period to collect data and train its algorithms. Thereafter the process would run in the background, monitoring user behavior continuously, and would not interrupt the user except when an anomaly is detected. In the case of such an incident, the data on the device can be encrypted automatically. With this mechanism, users would not be interrupted or have to provide any input. Even if an attacker bypasses the authentication mechanisms, the device would still be able to detect irregular behavior. Monitoring user behavior patterns would also be useful against remote access attacks.
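
The train-then-monitor flow described above, sketched for keystroke dynamics as an added example (not code from the referenced research). The feature set, the z-score distance, the threshold, and the "two anomalous sessions in a row" rule are assumptions of this example, and all sample values are constructed.

```python
from statistics import mean, pstdev

# Constructed sample data, one tuple per typing session:
# (mean key hold time in ms, mean gap between keys in ms, keys per minute)
TRAINING = [(95, 140, 210), (102, 150, 200), (98, 145, 205),
            (105, 155, 195), (100, 148, 202), (100, 150, 200)]
OWNER = (99, 147, 204)
INTRUDER = (70, 220, 120)


class BehaviorProfile:
    """Per-user baseline learned during the training period."""

    def __init__(self, sessions, min_sessions=5):
        if len(sessions) < min_sessions:
            raise ValueError("training period too short for a stable baseline")
        columns = list(zip(*sessions))
        self.means = [mean(c) for c in columns]
        # Floor the spread so a feature that never varied in training
        # cannot cause a division by zero or an unbounded score.
        self.stds = [max(pstdev(c), 0.01 * abs(m), 1e-9)
                     for c, m in zip(columns, self.means)]

    def score(self, session):
        """Average absolute z-score: distance of this session from the baseline."""
        if len(session) != len(self.means):
            raise ValueError("feature count differs from the trained profile")
        return mean(abs(x - m) / s
                    for x, m, s in zip(session, self.means, self.stds))


def first_alert(profile, stream, threshold=3.0, consecutive=2):
    """Return the index of the session that triggers the response, else None.

    Requiring several anomalous sessions in a row (an assumption of this
    example) keeps one unusual session from locking out the real owner.
    """
    streak = 0
    for i, session in enumerate(stream):
        streak = streak + 1 if profile.score(session) > threshold else 0
        if streak >= consecutive:
            return i  # here the device would encrypt its data
    return None


if __name__ == "__main__":
    profile = BehaviorProfile(TRAINING)
    print(round(profile.score(OWNER), 2), round(profile.score(INTRUDER), 2))
    print(first_alert(profile, [OWNER, INTRUDER, OWNER, INTRUDER, INTRUDER]))
```
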
This system would need both high storage capacity and processing power on the devices. Therefore, part of the system should be installed on a cloud platform that can store and process the collected data. This post-authentication intrusion detection system is proposed to be embedded as a built-in application in computers and mobile devices.
References
Chandrasekara P., Abeywardana H., Rajapaksha S., Parameshwaran S., Yapa Abeywardana K. (2020) Behavior and Biometrics Based Masquerade Detection Mobile Application. In: Arai K., Kapoor S., Bhatia R. (eds) Intelligent Computing. SAI 2020. Advances in Intelligent Systems and Computing, vol 1230. Springer, Cham. https://doi.org/10.1007/978-3-030-52243-8_32
