Hardware and User Profiling for Multi-factor Authentication
Most software applications rely on the use of user-name and passwords to authenticate end users. This form of authentication, although used ubiquitously, is widely considered unreliable due to the users inability to keep them secret; passwords being prone to dictionary or rainbow-table attacks; as well as the ease with which social engineering techniques can obtain passwords. This can be mitigated by combining a variety of diferent authentication mechanisms, for example biometric authentication such as fingerprint recognition or physical tokens such as smart cards. The resulting multifactor authentication is typically stronger than any of the techniques used individually. However, it may still be expensive or prohibited to implement and more dificult to deploy due to additional accessories cost, e.g, finger print reader. Multi-modal biometric systems are those which utilise or are capable of utilising, more than one physiological or behavioural characteristic for enrolment, verification, or identification. So, in this research we present a multi-factor authentication scheme that is based on the user's own hardware environment, e.g. laptop with fingerprint reader, thus avoiding the need of deploying tokens and readily available biometrics, e.g., user keystrokes. The aim is to improve the reliability of the authentication using a multi-factor approach without incurring additional cost or making the deployment of the solution overly complex. The presented approach in this research uses unique sequential hardware information available from the user's environment to profile user behaviour. This approach improves upon password mechanisms by introducing a novel Hardware Authentication and User Profiling (HAUP) in form of Multi-Factor Authentication MFA that can be easily integrated into the traditional authentication methods. In addition, this approach observes the advantage of the correlation between user behaviour and hardware environment as an implicit veri_cation identity procedure to discriminate username and password usage, in particular hardware environment by specific pattern. So, the proposed approach uses hardware information to profile the user's environment when user-name and password are typed as part of the log-in process. These Hardware Manufacture Serial Part Numbers (HMSPNs) profiles are then correlated with the users behaviour, e.g., key-stroke behaviour that allows the system to profile user's behaviour dependent on their environment. As a result of this approach, the access control system can determine a particular level of trust for each user and base access control decisions on it in order to reduce potential identity fraud.
- PhD