Active authentication using scrolling behaviors

This paper addresses active authentication using scrolling behaviors for biometrics and assesses different classification and clustering methods that leverage those traits. The dataset used contained event-driven temporal data captured through monitoring users´ reading habits. The derived feature set is mainly composed of users´ scrolling events and their derivatives (changes) and 5-gram sequencing of scrolling events to increase the number of feature extracted and their context. Classification performance in terms of both accuracy and Area under the Curve (AUC) for Receiver Operating Characteristic (ROC) curve is first reported using several classification methods including Random Forests (RF), RF with SMOTE (for unbalanced dataset) and AdaBoost with Decision Stump and ADTree. The best performance was obtained, however, using k-means clustering with two methods used to authenticate users: simple ranking and profile standard error filtering, with the latter achieving a success rate of 83.5%. Our use of k-means represents a novel non-intrusive approach of active and continuous re-authentication to counter insider-threat. Our main contribution comes from the features considered and their coupling to k-means to create a novel state-of-the art active user re-authentication method.