| In recent years, Attacks from internal staff have brought great harm to many companies, organizations and government agencies. One of the most commonly used means of internal threats is identity spoofing attack, it is very difficult to detect. Therefore, it has great practical significance to study how to detect identity spoofing attack.Secure instant messaging system is our project, and it is a subsystem of the government of Hubei provincial e-government system, whose information security is one of the core issues of e-government. This system's existing authentication methods including USB Key and dynamic rations certification, which can only be a one-time pre-authentication, Existing continuous authentication technology ubiquitous long certification period, large amount of data, scenarios and other issues is limited, and it can't be real-time authentication. But a malicious insider just needs little operating within a few seconds can destroy the computer of other employees, such as implanting Trojan horses, sending e-mail, copying files, etc.To improve the security of instant messaging system status detection technology, and in order to solve the problem of existing continuous authentication technologies need much time, this paper proposes a method of authentication based on intervention scene. Constructing dynamic authentication scenarios by injecting mouse cursor unusual events to capture user's mouse behavior under abnormal scenarios to authentication at the right time, such as trying to enter key positions, security software detecting an abnormal, etc.To solve the problem of small amount of data susceptible to be effected by mood, fatigue, hardware changes and other factors. This paper puts forward a method of authentication based on fixed scenes which is built by memory game. When continuous authentication based on dynamic scenes are abnormal, the system will guide the user authentication based on fixed scene.Applying to a secure instant messaging system combined authentication based on dynamic scene and fixed scenes. An identity verification experiment, in which 10 participants were involved, showed that the performance of proposed method was encouraging with FAR of 3.35% and FRR of 2.87% and authentication time of 5.6s for authentication based on dynamic scenes. The performance of authentication based on fixed scenes is that the FAR is 3.0% and the FRR is 0.97% and the time is 13.8s.This experiment shows that the method is not only used for any application but also is real-time, and it has a better accuracy. |
PDF Full Text Request