Quality-Driven Fusion of Contextual and Behavioral Scoring for Risk-Based Authentication

Authors

DOI:

https://doi.org/10.31649/1997-9266-2026-186-3-61-69

Keywords:

risk-based authentication, contextual login features, behavioral biometric features, keystroke dynamic, behavioral pattern quality assessment, risk assessment fusion, threshold decision-making, additional verification, access control, information security

Abstract

The article considers improving the efficiency of risk-based authentication during system login by combining two data sources: contextual features of the login attempt and behavioral biometric features generated based on the dynamics of keystrokes. It is shown that traditional approaches to combining contextual and behavioral scoring often do not take into account the quality of the behavioral sample, although it is it that significantly affects the reliability of the final decision. This is especially important for the practical application of RBA, where even a slight shift in the risk assessment can lead either to unreasonably complicating the login for a legitimate user or to reducing the system's ability to timely detect suspicious access attempts. Autofill fields, short passwords, event skipping, differences between input devices, changing keyboard layouts, browser features, and other factors can reduce the reliability of the behavioral channel and increase the frequency of false positives. In this regard, an approach is proposed in which the contribution of behavioral features to the final risk assessment is determined taking into account the quality of the received sample. A formal model of merging contextual and behavioral risk assessments has been developed, as well as an algorithm for setting decision thresholds for the modes of allowing access, additional verification, and denial of access. Experimental verification was performed on synthetic data and the open CMU Keystroke Dynamics Benchmark set. Comparison with basic fusion schemes showed that taking into account the quality of the sample allows for more adaptive use of the behavioral channel depending on the degree of its informativeness. The results obtained showed that the proposed approach allows for reducing the number of unnecessary additional checks without deteriorating the controlled level of security, and in conditions of low quality of behavioral data provides an even more tangible gain. The proposed solution is focused on increasing the stability of authentication without excessively increasing the load on the user. This confirms the feasibility of explicitly considering the quality of the behavioral pattern when building risk-based authentication systems and configuring their decision-making rules.

Author Biography

D. P. Kurnitskiy, Vinnytsia National Technical University

Post-Graduate Student of the Chair of Automation and Intelligent Information Technologies

References

ISO/IEC 29794-1:2016, Information technology – Biometric sample quality - Part 1: Framework. Geneva: International Organization for Standardization, 2016. [Electronic resource]. Available: https://www.iso.org/standard/66632.html .

C. Guo, G. Pleiss, Y. Sun, and K. Q. Weinberger, “On Calibration of Modern Neural Networks,” in Proceedings of the 34th International Conference on Machine Learning, Proceedings of Machine Learning Research, vol. 70, 2017, pp. 1321-1330. [Electronic resource]. Available: http://proceedings.mlr.press/v70/guo17a.html .

X. Tong, Y. Feng, and J. J. Li, “Neyman-Pearson classification algorithms and NP receiver operating characteristics,” Science Advances, vol. 4, no. 2, Art. pp. 1659, 2018. https://doi.org/10.1126/sciadv.aao1659 .

H. Khan, U. Hengartner, and D. Vogel, “Mimicry Attacks on Smartphone Keystroke Authentication,” ACM Transactions on Privacy and Security, vol. 23, no. 1, Art. 2, pp. 1-34, 2020. https://doi.org/10.1145/3372420 .

K. S. Killourhy, and R. A. Maxion, “Keystroke Dynamics - Benchmark Data Set.” [Online]. Carnegie Mellon University, 2009. [Electronic resource]. Available: https://www.cs.cmu.edu/~keystroke/ .

I. Traore, I. Woungang, M. S. Obaidat, Y. Nakkabi, and I. Lai, “Combining Mouse and Keystroke Dynamics Biometrics for Risk-Based Authentication in Web Environments,” in 2012 Fourth International Conference on Digital Home, Guangzhou, 2012, pp. 138-145. https://doi.org/10.1109/ICDH.2012.59 .

J. Solano, L. D. Camacho, A. Correa, C. Deiro, J. Vargas, and M. Ochoa, “Risk-Based Static Authentication in Web Applications with Behavioral Biometrics and Session Context Analytics,” in Applied Cryptography and Network Security Workshops: ACNS 2019 Satellite Workshops, SiMLA, Cloud S&P, AIBlock, and AIoTS, J. Zhou et al., Eds. Bogota, Colombia, 2019, vol. 11605, pp. 3-23. https://doi.org/10.1007/978-3-030-29729-9_1 .

F. Monrose, and A. D. Rubin, “Keystroke dynamics as a biometric for authentication,” Future Generation Computer Systems, vol. 16, no. 4, pp. 351-359, 2000. https://doi.org/10.1016/S0167-739X(99)00059-X .

K. S. Killourhy, and R. A. Maxion, “Comparing Anomaly-Detection Algorithms for Keystroke Dynamics,” in 2009 IEEE/IFIP International Conference on Dependable Systems & Networks, 2009, pp. 125-134. https://doi.org/10.1109/DSN.2009.5270346 .

R. Giot, C. Rosenberger, and B. Dorizzi, “Hybrid Template Update System for Unimodal Biometric Systems,” in 2012 IEEE Fifth International Conference on Biometrics: Theory, Applications and Systems, 2012, pp. 1-7. https://doi.org/10.1109/BTAS.2012.6374551 .

J. C. Platt, “Probabilistic Outputs for Support Vector Machines and Comparisons to Regularized Likelihood Methods,” in Advances in Large Margin Classifiers. Cambridge, MA: MIT Press, 1999, pp. 61-74. [Electronic resource]. Available: https://www.microsoft.com/en-us/research/publication/probabilistic-outputs-for-support-vector-machines-and-comparisons-to-regularized-likelihood-methods/ .

Y. Geifman, and R. El-Yaniv, “Selective Classification for Deep Neural Networks,” CoRR, Abs/1705.08500, 2017. [Electronic resource]. Available: https://arxiv.org/abs/1705.08500 .

T. M. Mitchell, “Generative and Discriminative Classifiers: Naive Bayes and Logistic Regression.” Draft chapter for the second edition of Machine Learning. Carnegie Mellon University, 2020. [Electronic resource]. Available: https://www.cs.cmu.edu/~tom/mlbook/NBayesLogReg.pdf

R. A. Jacobs, M. I. Jordan, S. J. Nowlan, and G. E. Hinton, “Adaptive Mixtures of Local Experts,” Neural Computation, vol. 3, pp. 79-87, 1991. https://doi.org/10.1162/neco.1991.3.1.79 .

B. Efron, and R. J. Tibshirani, An Introduction to the Bootstrap. Boca Raton, FL: Chapman & Hall, 1994, 456 p. [Electronic resource]. Available: https://www.routledge.com/An-Introduction-to-the-Bootstrap/Efron-Tibshirani/p/book/9780412042317 .

C. J. Clopper, and E. S. Pearson, “The Use of Confidence or Fiducial Limits Illustrated in the Case of the Binomial,” Biometrika, vol. 26, no. 4, pp. 404-413, 1934. https://doi.org/10.1093/biomet/26.4.404 .

A. N. Angelopoulos, S. Bates, A. Fisch, L. Lei, and T. Schuster, “Conformal Risk Control,” CoRR, Abs/2208.02814, 2022. https://doi.org/10.48550/arXiv.2208.02814 .

P. H. Pisani, R. Giot, A. C. P. L. F. Carvalho, and A. C. Lorena, “Enhanced template update: Application to keystroke dynamics,” Computers & Security, vol. 60, pp. 134-153, 2016. https://doi.org/10.1016/j.cose.2016.04.004 .

R. Giot, M. El-Abed, and C. Rosenberger, “GREYC Keystroke: A Benchmark for Keystroke Dynamics Biometric Systems,” in 2009 IEEE 3rd International Conference on Biometrics: Theory, Applications, and Systems, Washington, DC, 2009, pp. 1-6. https://doi.org/10.1109/BTAS.2009.5339051 .

B. Bhana, and S. Flowerday, “Passphrase and keystroke dynamics authentication: Usable security,” Computers & Security, vol. 96, Art. 101925, 2020. https://doi.org/10.1016/j.cose.2020.101925 .

J. Kim, and P. Kang, “Freely typed keystroke dynamics-based user authentication for mobile devices based on heterogeneous features,” Pattern Recognition, vol. 108, Art. 107556, 2020. https://doi.org/10.1016/j.patcog.2020.107556 .

Y. Liang, S. Samtani, B. Guo, and Z. Yu, “Behavioral biometrics for continuous authentication in the internet-of-things era: an artificial intelligence perspective,” IEEE Internet of Things Journal, vol. 7, no. 9, pp. 9128-9143, 2020. https://doi.org/10.1109/JIOT.2020.3004077 .

L. S. Dasu, M. Dhamija, G. Dishitha, A. Vivekanandan, and V. Sarasvathi, “Defending Against Identity Threats Using Risk-Based Authentication,” Cybernetics and Information Technologies, vol. 23, no. 2, pp. 105-123, 2023. https://doi.org/10.2478/cait-2023-0016 .

Y. Yang, B. Guo, Y. Liang, K. Zhao, and Z. Yu, “Cross-device free-text keystroke dynamics authentication using federated learning,” Personal and Ubiquitous Computing, vol. 28, no. 3-4, pp. 491-505, 2024. https://doi.org/10.1007/s00779-024-01832-6 .

Downloads

Abstract views: 10

Published

2026-07-06

How to Cite

[1]
D. P. Kurnitskiy, “Quality-Driven Fusion of Contextual and Behavioral Scoring for Risk-Based Authentication”, Вісник ВПІ, no. 3, pp. 61–69, Jul. 2026.

Issue

Section

SOFTWARE ENGINEERING AND CYBERSECURITY

Metrics

Downloads

Download data is not yet available.