Applications of GUI Usage Analysis

Abstract

In the realm of computer security, a masquerade attack is a form of attack wherein the attacker deceives the victim, causing them to believe they are someone other than who they are. One particularly dangerous form of masquerade attack occurs when an attacker begins using an unattended and unlocked computer workstation. This form of masquerade attack is particularly troubling because it requires no technical expertise to perform. Though proper adherence to organizational security policies can mitigate this risk, new technologies are needed to completely defend against this type of attack.

This dissertation presents the results of a study into the potential suitability of GUI Usage Analysis as an authentication mechanism which can be used as a defense against masquerade attacks. Previous attempts at authenticating the current user of a computer system have focused on typing patterns and mouse movements. GUI Usage Analysis does not focus on the user’s physical interaction with the computer system, but instead on how the user manipulates the windows, icons, menus, and pointers that comprise a graphical user interface.

Results are presented showing the feasibility of employing GUI Usage Analysis as a means of authenticating the user of a computer system. Furthermore, results are also presented demonstrating the effectiveness of using GUI Usage Analysis as a means of identification with the goal of identifying a potential attacker. Finally, the results obtained here are compared to other previously published masquerade detection techniques.