An empirical evaluation of online continuous authentication and anomaly detection using mouse clickstream data analysis

Abstract

While the password-based authentication used in social networks, e-mail, e-commerce, and online banking is vulnerable to hackings, biometric-based continuous authentication systems have been used successfully to handle the rise in unauthorized accesses. In this study, an empirical evaluation of online continuous authentication (CA) and anomaly detection (AD) based on mouse clickstream data analysis is presented. This research started by gathering a set of online mouse-dynamics information from 20 participants by using software developed for collecting mouse infor-mation, extracting approximately 87 features from the raw dataset. In contrast to previous work, the efficiency of CA and AD was studied using different machine learning (ML) and deep learning (DL) algorithms, namely, decision tree classifier (DT), k-nearest neighbor classifier (KNN), random forest classifier (RF), and convolutional neural network classifier (CNN). User identification was deter-mined by using three scenarios: Scenario A, a single mouse movement action; Scenario B, a single point-and-click action; and Scenario C, a set of mouse movement and point-and-click actions. The results show that each classifier is capable of distinguishing between an authentic user and a fraud-ulent user with a comparatively high degree of accuracy.