Thesis Format
Monograph
Degree
Master of Engineering Science
Program
Electrical and Computer Engineering
Supervisor
Ouda, Abdelkader
Abstract
Anomaly detection is quickly becoming a very significant tool for a variety of applications such as intrusion detection, fraud detection, fault detection, system health monitoring, and event detection in IoT devices. An application that lacks a strong implementation for anomaly detection is user trait modeling for user authentication purposes. User trait models expose up-to-date representation of the user so that changes in their interests, their learning progress or interactions with the system are noticed and interpreted. The reason behind the lack of adoption in user trait modeling arises from the need of a continuous flow of high-volume data, that is not available in most cases, to achieve high-accuracy detection. This research provides new insight into anomaly detection techniques through Big Data utilization. Three classification approaches are presented for anomaly detection techniques that are aligned with Big Data characteristics: volume, variety and velocity. The classification is supported by applications of machine learning techniques, such as K-means, Hidden Markov Model, Gaussian Distribution and Auto-encoder neural network, with an aim to recommend best techniques to model user behaviour in an adaptive environment. An ingenious implementation of machine learning techniques has been presented that automatically and accurately builds a unique pattern of the users’ behaviour. With Big Data characteristics, anomaly detection techniques have become more suitable tools for user trait modeling. A solution model is designed and implemented based on anomaly detection outcomes utilizing user traits for an existing user authentication framework. User traits will be modeled by creating a security user profile for each individual user. This profile is structured and developed to be a seed for a strong real-time user authentication method. The implementation comprises four main steps: prediction of rare user actions, filter security potential actions, build/update user profile, and generate a real-time (i.e., just in time) set of challenging questions. Real-world scenarios have been given showing the benefits of these challenging questions in building secure knowledge-based user authentication systems.
Summary for Lay Audience
Anomaly detection is quickly becoming a very significant tool for a variety of applications such as intrusion detection, fraud detection, fault detection, system health monitoring, and event detection in IoT devices. An application that lacks a strong implementation for anomaly detection is user trait modeling for user authentication purposes. User trait models expose up-to-date representation of the user so that changes in their interests, their learning progress or interactions with the system are noticed and interpreted. The reason behind the lack of adoption in user trait modeling arises from the need of a continuous flow of high-volume data, that is not available in most cases, to achieve high-accuracy detection. This research provides new insight into anomaly detection techniques through Big Data utilization. Three classification approaches are presented for anomaly detection techniques that are aligned with Big Data characteristics: volume, variety and velocity. The classification is supported by applications of machine learning techniques, such as K-means, Hidden Markov Model, Gaussian Distribution and Auto-encoder neural network, with an aim to recommend best techniques to model user behaviour in an adaptive environment. An ingenious implementation of machine learning techniques has been presented that automatically and accurately builds a unique pattern of the users’ behaviour. With Big Data characteristics, anomaly detection techniques have become more suitable tools for user trait modeling. A solution model is designed and implemented based on anomaly detection outcomes utilizing user traits for an existing user authentication framework. User traits will be modeled by creating a security user profile for each individual user. This profile is structured and developed to be a seed for a strong real-time user authentication method. The implementation comprises four main steps: prediction of rare user actions, filter security potential actions, build/update user profile, and generate a real-time (i.e., just in time) set of challenging questions. Real-world scenarios have been given showing the benefits of these challenging questions in building secure knowledge-based user authentication systems.
Recommended Citation
Abu Sulayman, Iman, "Design and Implementation of Anomaly Detections for User Authentication Framework" (2019). Electronic Thesis and Dissertation Repository. 6732.
https://ir.lib.uwo.ca/etd/6732