Title: A Novel Biometric Scheme for Risk-Based Authentication in Web Environments
Professor Mohammad S. Obaidat
IEEE Fellow and SCS Fellows
Past President, The Society for Modeling and Simulation International (SCS)
Past Advisor to the President of Philadelphia University for Research, Development and Information Technology
Past Chairman of the Computer Science & Software Engineering Department and Director of the Graduate Program, Monmouth University, NJ, USA
Editor-in-Chief, Wiley International Journal of Communication Systems
Editor-in-Chief, Journal of Information Processing
Editor-in-Chief, FTRA Journal of Convergence
Distinguished Lecturer of ACM (1995-Present)
Distinguished Lecturer of SCS (2006-Present)
Distinguished Speaker of IEEE Communications Society (2013-Presnet)
Distinguished Speaker of IEEE Computer Society (1994-1997)
http://www.theobaidat.com/; or http://bluehawk.monmouth.edu/mobaidat/
Existing risk-based authentication systems rely on basic web communication information such as the source IP address or the velocity of transactions performed by a specific account, or originating from a certain IP address. Such information can easily be spoofed, and as such, put in question the robustness and reliability of the proposed systems.
Risk-based authentication can be applied from two different perspectives: proactively and reactively. When applied proactively, risk-based authentication can be integrated with the login process and used to block from the beginning access to users flagged as risky. In contrast, reactive risk-based authentication can be used to identify and revert ongoing or completed transactions considered as risky.
Although proactive risk-based authentication may be considered as more desirable than reactive risk-based authentication, the cost of a misclassification error is far greater in the former than in the latter. In other words, more stringent accuracy requirements underlie proactive approaches compared to reactive ones. Actually, each category is adequate for specific scenarios. While proactive risk based authentication is important in situations where confidentiality is essential such as in military or intelligence transactions, reactive risk-based authentication may be enough in situations where integrity is the primary concern. For instance, in online banking transactions, malicious transactions (e.g. illegal transfer between accounts) can be reverted (immediately) by the end of the session if the user is classified as risky.
In this talk, we propose a new online biometric risk-based authentication system that provides more robust user identity information by combining mouse dynamics and keystroke dynamics biometrics in a multimodal framework. Experimental evaluation of our proposed model with 24 participants yields an Equal Error Rate of 8.21%, which is promising considering that we are dealing with free text and free mouse movements, and the fact that many web sessions tend to be very short. Moreover, we believe this performance is adequate for reactive risk-based authentication, where the goal is not to prevent the user from using the system, but rather to identify malicious sessions and trigger appropriate risk mitigation measures.
Biography: Mohammad S. Obaidat (IEEE Fellow and SCS Fellow) is an internationally well-known academic/researcher/ scientist. He received his Ph.D. and M. S. degrees in Computer Engineering with a minor in Computer Science from The Ohio State University, Columbus, Ohio, USA. Dr. Obaidat is currently a full Professor of Computer Science at Monmouth University, NJ, USA. Among his previous positions are Advisor to the President of Philadelphia University for Research, Development and IT, President of SCS, Chair of the Department of Computer Science and Director of the Graduate Program at Monmouth University and a faculty member at the City University of New York. He has received extensive research funding and has published over Fifteen (15) books and over Five Hundred and Sixty (560) refereed technical articles in scholarly international journals and proceedings of international conferences, and currently working on three more books. Professor Obaidat has served as a consultant for several corporations and organizations worldwide.
Mohammad is the Editor-in-Chief of 3 scholarly journals and is also an editor, advisory editor of numerous international journals and transactions including IEEE journals/transactions. He has chaired numerous international conferences and given numerous keynote speeches all over the world. He has guest edited numerous special issues of scholarly journals such as IEEE Transactions on Systems, Man and Cybernetics, SMC, IEEE Wireless Communications, IEEE Systems Journal, SIMULATION: Transactions of SCS, Elsevier Computer Communications Journal, Journal of C & EE, Wiley Security and Communication Networks, Journal of Networks, and International Journal of Communication Systems, among others. Obaidat has served as the steering committee chair, advisory Committee Chair and program chair of numerous international conferences.
He is the founder of two well-known international conferences: The International Conference on Computer, Information and Telecommunication Systems (CITS) and the International Symposium on Performance Evaluation of Computer and Telecommunication Systems (SPECTS). He is also the co-founder of the International Conference on Data Communication Networking, DCNET.
Between 1994-1997, Obaidat has served as distinguished speaker/visitor of IEEE Computer Society. Since 1995 he has been serving as an ACM distinguished Lecturer. He is also an SCS distinguished Lecturer. Between 1996-1999, Dr. Obaidat served as an IEEE/ACM program evaluator of the Computing Sciences Accreditation Board/Commission, CSAB/CSAC. He has served as the Scientific Advisor for the World Bank/UN Digital Inclusion Workshop- The Role of Information and Communication Technology in Development. Between 1995-2002, he has served as a member of the board of directors of the Society for Computer Simulation International. Between 2002-2004, he has served as Vice President of Conferences of the Society for Modeling and Simulation International SCS. Between 2004-2006, Prof. Obaidat has served as Vice President of Membership of the Society for Modeling and Simulation International SCS. Between 2006-2009, he has served as the Senior Vice President of SCS. Between 2009-2011, he served as the President of SCS.
Prof. Obaidat received several best papers awards for his papers selected as best papers in IEEE International Conferences including best paper awards in IEEE AICCSA 2009, IEEE GLOBCOM 2009, and DCNET 2011 international conferences. Prof. Obaidat has been awarded a Nokia Research Fellowship and the distinguished Fulbright Scholar Award. He received the SCS Outstanding Service Award for his excellent leadership, services and technical contributions. Dr. Obaidat received very recently the Society for Modeling and Simulation Intentional (SCS) prestigious McLeod Founder's Award in recognition of his outstanding technical and professional contributions to modeling and simulation. He received in Dec 2010, the IEEE ComSoc- GLOBECOM 2010 Outstanding Leadership Award for his outstanding leadership of Communication Software Services and Multimedia Applications Symposium, CSSMA 2010. He received very recently the Society for Modeling and Simulation International's (SCS) prestigious Presidential Service Award for his outstanding unique, long-term technical contributions and services to the profession and society.
He has been invited to lecture and give keynote speeches worldwide. His research interests are: wireless communications and networks, security of communication networks, information and computer systems, security of e-based systems, telecommunications and Networking systems, performance evaluation of computer systems, algorithms and networks, green ICT, high performance and parallel computing/computers, applied neural networks and pattern recognition, adaptive learning and speech processing. During the 2004/2005, he was on sabbatical leave as Fulbright Distinguished Professor and Advisor to the President of Philadelphia University in Jordan, Dr. Adnan Badran. The latter became the Prime Minister of Jordan in April 2005 and served earlier as Deputy Director General of UNESCO. Prof. Obaidat is a Fellow of the Society for Modeling and Simulation International SCS, and a Fellow of the Institute of Electrical and Electronics Engineers (IEEE). For more information: http://bluehawk.monmouth.edu/mobaidat/.