Combining behavioral biometrics and session context analytics to enhance risk-based static authentication in web applications
International Journal of Information Security (IF 2.4), Pub Date: 2020-06-16, DOI: 10.1007/s10207-020-00510-x
Jesus Solano, Luis Camacho, Alejandro Correa, Claudio Deiro, Javier Vargas, Martín Ochoa

The fragility of password-based authentication has been recognized and studied for several decades. It is an increasingly common industry practice to profile users based on their session context, such as IP ranges and browser type, in order to build a risk profile on an incoming authentication attempt. On the other hand, behavioral dynamics such as mouse and keyboard features have been proposed in the scientific literature in order to improve authentication, but have been shown most effective in continuous authentication scenarios. In this paper we propose to combine both fingerprinting and behavioral dynamics (for mouse and keyboard) in order to increase security of login mechanisms. We do this by using machine learning techniques that aim at high accuracy, and only occasionally raise alarms for manual inspection. We evaluate our approach on a dataset containing mouse, keyboard and session context information of 24 users and simulated attacks. We show that while context analysis and behavioral analysis on their own achieve around 0.7 accuracy on this dataset, a combined approach reaches up to 0.9 accuracy using a linear combination of the outcomes of the single models.




Updated: 2020-06-16