Tag Archives: model human online behavior

Your Typing Discloses Who You Are: Behavioral Biometrics

Behavioural biometrics make it possible to identify an individual’s “unique motion fingerprint”,… With the right software, data from a phone’s sensors can reveal details as personal as which part of someone’s foot strikes the pavement first, and how hard; the length of a walker’s stride; the number of strides per minute; and the swing and spring in the walker’s hips and step. It can also work out whether the phone in question is in a handbag, a pocket or held in a hand.

Using these variables, Unifyid, a private company, sorts gaits into about 50,000 distinct types. When coupled with information about a user’s finger pressure and speed on the touchscreen, as well as a device’s regular places of use—as revealed by its gps unit—that user’s identity can be pretty well determined, ction….Behavioural biometrics can, moreover, go beyond verifying a user’s identity. It can also detect circumstances in which it is likely that a fraud is being committed. On a device with a keyboard, for instance, a warning sign is when the typing takes on a staccato style, with a longer-than-usual finger “flight time” between keystrokes. This, according to Aleksander Kijek, head of product at Nethone, a firm in Warsaw that works out behavioural biometrics for companies that sell things online, is an indication that the device has been hijacked and is under the remote control of a computer program rather than a human typist…

Used wisely, behavioural biometrics could be a boon…Used unwisely, however, the system could become yet another electronic spy on people’s privacy, permitting complete strangers to monitor your every action, from the moment you reach for your phone in the morning, to when you fling it on the floor at night.

Excerpts from Behavioural biometrics: Online identification is getting more and more intrusive, Economist, May 23, 2019

Biometrics: Behavioral and Physical

From DARPA pdf document available at  FedBizOpps. Gov Enhanced Attribution
Solicitation Number: DARPA-BAA-16-34

Malicious actors in cyberspace currently operate with little fear of being caught due to the fact that it is extremely difficult, in some cases perhaps even impossible, to reliably and confidently attribute actions in cyberspace to individuals. The reason cyber attribution is difficult stems at least in part from a lack of end-to-end accountability in the current Internet infrastructure…..The identities of malicious cyber operators are largely obstructed by the use of multiple layers of indirection… The lack of detailed information about the actions and identities of the adversary cyber operators inhibits policymaker considerations and decisions for both cyber and non-cyber response options (e.g., economic sanctions under EO-13694).

The DARPA’s Enhanced Attribution program aims to make currently opaque malicious cyber adversary actions and individual cyber operator attribution transparent by providing high-fidelity visibility into all aspects of malicious cyber operator actions and to increase the Government’s ability to publicly reveal the actions of individual malicious cyber operators without damaging sources and methods….

The program seeks to develop:

–technologies to extract behavioral and physical biometrics from a range of devices and
vantage points to consistently identify virtual personas and individual malicious cyber
operators over time and across different endpoint devices and C2 infrastructures;
–techniques to decompose the software tools and actions of malicious cyber operators into semantically rich and compressed knowledge representations;
–scalable techniques to fuse, manage, and project such ground-truth information over time,toward developing a full historical and current picture of malicious activity;

–algorithms for developing predictive behavioral profiles within the context of cyber campaigns; and
–technologies for validating and perhaps enriching this knowledge base with other sources of data, including public and commercial sources of information.

Excerpts from Enhanced Attribution, Solicitation Number: DARPA-BAA-16-34, April 22, 2016

Exploiting Digital Fingerprints: Military

Backed by a $5.6 million grant from the US Defense Advanced Research Projects Agency, a  team at Stanford is embarking on a four-year project to better understand and model complex communication patterns in social networks in real time…The new project is called MEGA: Modern Graph Analysis for Dynamic Networks, and is led by Associate Professor Ashish Goel.   A team of seven principal investigators… will develop algorithms which model human communication and detect subtle patterns in huge data sets from social media.

DARPA is interested because, from a national security standpoint, big data holds the promise of recognizing threats in unusual or suspicious social interactions of terrorists and other foreign adversaries.   Our daily social communication is spread across many forms of interaction. E-mails, tweets, text messages and Facebook posts define our modern social lives. More than ever, information about this correspondence and behavior can be collected, stored, and made available to computer scientists.With access to billions of tweets, e-mails and text messages, a project like MEGA can build reliable mathematical models of social phenomena, like the way news spreads through a network for instance, or even how people choose their social connections, Goel said.

One goal of the MEGA project is to model human online behavior and find how it shapes social networks… The second component of MEGA’s research: writing the step-by-step procedures for processing distributed data in real time….Some of their algorithms and programs will be passed directly to DARPA to be used in a security context…

Excerpt, DARPA Grant Will Help Stanford Dig Deep into the Big Data in Social Networks, Stanford.edu, April 24, 2013