A Dynamic Authentication Mechanism for Real-Time Network Security

Computers networks are only as secure as the weakest computer system attached to them. Thus, the authentication method used by computers on the network affects its safety. Static authentication methods are applied only once at the beginning of a user session. Unfortunately, these methods provide no protection from the interactions a user has after they are logged on and using the system. An ongoing dynamic authentication supplements an intrusion detection system by recognizing a masquerader, or a legitimate user´s change of intent. In this paper, we statistically analyze the underlying distributions of the time between user commands and develop an analytic model that emulates the underlying mathematical properties of user behaviors. From this, we show how the probabilities of users executing a sequence of commands during a session can be ascertained. Finally, via our experimental results, we show how the efficacy of dynamic authentication schemes in networked computing environments can be improved by incorporating our techniques.