Dissertation/Thesis Abstract

Behavioral Biometrics and the Insider Threat
by Rash, Matthew, M.S., Utica College, 2017, 60; 10273200
Abstract (Summary)

Insider attacks affect organizations globally and cost substantial time, money, trust, and customer confidence. They can be carried out by malicious insiders or unintentionally by accidental insiders. They are also exceptionally hard to detect and prevent. Current events, such as the leaks by NSA whistleblower Edward Snowden, highlight the risks that insider threats pose to organizations, including national governments. Stolen and abused credentials are two vectors used by insider attacks. Many recent breaches, including OPM in May 2015, were due to compromised passwords. Authentication schemes such as password, passphrase, and PIN codes are knowledge-based methods which are easy to hack and even easier for insiders to compromise. Furthermore, these authentication methods are single-point events not providing any additional user verification after an initial login. Behavioral-based biometrics, such as keystroke, mouse, and touch dynamics, can provide authentication systems based on who we are rather than what we know. Behavioral biometrics can be utilized in a continuous mode to verify a user actively throughout a session. This research project found that technologically, behavioral-based biometric systems can provide continuous user authentication with high levels of effectiveness. Although, the low number of academic studies utilizing real-world conditions highlights the need for additional large-scale case studies. A lack of industry standards for handling biometric data also underlines the low level of maturity of biometric-based systems. Additionally, privacy laws are divergent around the globe on the usage of biometric data. Laws even differ from state to state in the U.S. This lack of standardization makes litigation a high concern for organizations who might want to implement biometric systems.

Indexing (document details)
Advisor: Riddell, Christopher M.
Commitee: Smith, Kevin
School: Utica College
Department: Cybersecurity
School Location: United States -- New York
Source: MAI 56/04M(E), Masters Abstracts International
Subjects: Criminology
Publication Number: 10273200
ISBN: 9781369757927
Copyright © 2019 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy