Special Offers
- Acquire a Source of Open Access (OA) APC Funding for Your Institution Through
  IGI Global's OA Fee Waiver (Offset Model) Initiative
  For any library that invests in IGI Global's InfoSci-Books and/or InfoSci-Journals databases, IGI Global will match the library’s investment with a fund of equal value to go toward subsidizing the OA APCs for their faculty patrons when their work is submitted/accepted under OA into an IGI Global journal.
  Learn More
- Subscribe to the Latest Research Through IGI Global's InfoSci-OnDemand Plus
  InfoSci®-OnDemand Plus, a subscription-based service, provides researchers the ability to access full-text content from over 100,000+ peer-reviewed book chapters and 25,000+ scholarly journal articles that spans across 350+ topics in 11 core subjects. Users can select articles or chapters that meet their interests and gain access to the full content permanently in their personal online InfoSci-OnDemand Plus library.
  Subscribe
- Purchase the Encyclopedia of Information Science and Technology, Fourth Edition
  and Receive Complimentary E-Books of Previous Editions
  When ordering directly through IGI Global's Online Bookstore, receive the complimentary e-books for the first, second, and third editions with the purchase of the Encyclopedia of Information Science and Technology, Fourth Edition e-book.
  Purchase
- Create a Free IGI Global Library Account to Receive an Additional 5% Discount on All Purchases
  Exclusive benefits include one-click shopping, flexible payment options, free COUNTER 5 reports and MARC records, and a 5% discount on single all titles, as well as the award-winning InfoSci^®-Databases.
  Sign Up Now!
- Receive a 20% Discount on All Publications Purchased Through
  IGI Global’s Online Bookstore
  This discount cannot be combined with any other offer and is only valid when purchasing directly through IGI Global. (Exclusion of select titles and products may apply).
  Browse Publications
Books
Journals
InfoSci^®-Databases
Articles/Chapters
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - Fair Use Policy
  - Open Access Publishing
  - Editorial Services
  - FAQ
Catalogs
About Us
Newsroom

A Novel Software System Protection Scheme Based on Behavior and Context Monitoring

Shen Fu (Iowa State University, USA), Mathew L. Wymore (Iowa State University, USA), Ting-Wei Chang (Iowa State University, USA) and Daji Qiao (Iowa State University, USA)

Source Title: International Journal of Systems and Software Security and Protection (IJSSSP) 10(1)

DOI: 10.4018/IJSSSP.2019010102

OnDemand PDF Download:

$37.50

Abstract

The restriction of access to software systems is more important than ever. Yet, most primary authentication methods are still largely based on passwords, which are vulnerable to various attacks such as phishing scams and keyloggers. Advanced methods of behavior-based authentication exist, but most are platform-specific and are not generally applicable. In this article, the authors propose a generic continuous authentication scheme for software systems, which supplements existing authentication schemes and works as an auxiliary layer to provide additional protection against impostors. The kernel of their scheme is a novel monitoring engine that detects impostors in real-time based on behavior and context information. The authors evaluate their scheme on a dataset consisting of real users' historical records provided by their industrial partner, and the results demonstrate that the approach achieves a high classification accuracy with only a short delay in detection, allowing for real-time, continuous authentication.

Article Preview

Top

Introduction

Motivation

News stories about security and data breaches of software systems have become commonplace. Yet companies and individuals continue to store an increasing amount of critical information on particularly vulnerable systems, such as web services. Therefore, restricting access to software systems is more important than ever. However, many of these systems are accessible from anywhere in the world and are protected with only a password.

But passwords are becoming more vulnerable as the Internet grows and attacking schemes such as phishing scams and keyloggers become more prevalent. Even the most secure password-based system can be easily hacked if a malicious individual obtains the login information of a legitimate user, or physically accesses an unattended device with an active user session. Therefore, the authors are motivated to seek innovative user authentication schemes for software systems that can provide security beyond passwords, especially for those vulnerable cloud systems. Furthermore, these schemes should be as generic as possible in order to be applicable to a wide range of systems.

Complete Article List

Search this Journal:

Reset

Open Access Articles: Forthcoming

Volume 11: 2 Issues (2020): Forthcoming, Available for Pre-Order

Volume 10: 2 Issues (2019): 1 Released, 1 Forthcoming

Volume 9: 4 Issues (2018)

View Complete Journal Contents Listing

MLA

APA

Chicago

Export Reference

A Novel Software System Protection Scheme Based on Behavior and Context Monitoring

Abstract

Introduction

Motivation

Complete Article List