Learning from Biometric Fingerprints to prevent Cyber Security Threats
0 likes15 views
The document discusses the application of machine learning in cybersecurity, specifically focusing on keystroke dynamics for user identification. It outlines the steps for implementing applied machine learning, including data collection, preparation, model training, prediction, and deployment. Additionally, it highlights the process of analyzing typing patterns to detect anomalies for fraud prevention.
Learning from Biometric Fingerprints to prevent Cyber Security Threats
- 1. LOREM I P S U M LEARNING FROM BIOMETRICS To prevent #CyberSecurity 🕵 threats Valerio Maggio @leriomaggio Data Scientist & Pythonistas @ FBK vmaggio@fbk.eu
- 2. DOLOR S I T A M E T SORRY, WHO? • Post Doc Researcher • Background in CS • Interested in Machine & Deep Learning • Core in Biomedicine & Environment here We’re looking for students for Internship & (PhD) Thesis • Applied Machine Learning (a.k.a. Data Science) https://mpbalab.fbk.eu
- 3. DONEC F I N I B U S A C • Geek & Nerd • Fellow Pythonista since 2006 this is a better me !-) SORRY, WHO? 100K points if you get this pun !-) github.com/leriomaggio
- 7. NULLA C O N G U E S A P I E N WHAT THE CLOUDS SAY
- 8. VITAE A U G U E C O N S E C T E T U R WHAT THE CLOUDS KEEP SAYING…
- 9. AT CONVALLIS M I A U C T O R . WHAT THE CLOUDS STILL SAY…
- 10. FUSCE F E U G I A T WHAT THE CLOUDS FINALLY SAY! Learning from Data for future predictions
- 12. SED SUSCIPIT I N E L I T M O L L I S SUPERVISED SETTING • Input Data are accompanied with labels the ML model can learn from • i.o.w. labels are reference for the model to estimate the expected outcomes
- 14. HOUSE PRICES ESTIMATION Labels are Real numbers
- 15. FRINGILLA M A E C E N A S G R A V I D A S UNSUPERVISED SETTING • No label is provided • Learning directly from data • e.g. Clustering
- 16. CLUSTERING
- 17. FUSCE F E U G I A T WHAT THE CLOUDS FINALLY SAY!
- 18. EU TURPIS V O L U P T A T
- 19. Let’s play with all of this!
- 21. IPSUM E G E T A U C T O R APPLIED ML IN 5 STEPS • Collect the Data 1. Look at the Data & Clean the Data 2. Prepare the data 3. Train your model(s) 4. Predict using your best model using unseen data (namely: data NOT used in training) 5. Deploy your system in production
- 23. TWO COMMON FRAUDS Account Hijacking Card Faking
- 24. TWO COMMON FRAUDS Account Hijacking User Identification
- 26. KEYSTROKE DYNAMICS Keystroke dynamics consists in analysing the way a user types by monitoring keyboard inputs thousand of times per second, and processing this data through an algorithm, which then defines a pattern for future comparison Identifying an individual based on their way of typing on a physical or virtual keyboard
- 27. KEYSTROKE DYNAMICS Time between two key pressures Time between one pressure and one release Time between one release and one pressure Time between two key release Intuition: Users have unique ways to type on keyboards (i.e. typing patterns)
- 28. KEYSTROKE DYNAMIC Time between two key pressures Down-Down Time Time between one pressure and one release- Dwell Time Time between one release and one pressure Flight Time Time between two key release Up-Up Time
- 30. DATA COLLECTION Time between two key pressures Down-Down Time Time between one pressure and one release- Dwell Time Time between one release and one pressure Flight Time Time between two key release Up-Up Time • Dataset Statistics: • 50 different users • 450+ patterns each
- 31. DONEC M E N U S U R N A STEP 1: LOOK AT THE DATA AND CLEAN THEM
- 32. UP-UP TIME - USERNAME FIELD - WEB VS APP
- 33. UP-UP TIME - PASSWORD FIELD - WEB VS APP
- 34. DWELL TIME - USERNAME FIELD - WEB VS APP
- 35. DWELL TIME - PASSWORD FIELD - WEB VS APP
- 37. FEATURE SCALING (NORMALISATION) Original Feature Data MinMax Scaling Standard Scaling
- 38. PULVINAR V I T A E E L I T . STEP 2:PREPARE THE DATA TRAIN-TEST CUT
- 39. WHAT WE DO
- 40. WHAT WE REALLY DO K-Fold Cross Validation
- 41. VIVAMUS F I N I B U S R I S U S STEP 3-4:TRAIN AND TEST ML MODEL
- 42. Deep AutoEncoder Encoder Decoder … Classification Deep Network One AutoEncoder + FC Network Outlier Detector (per user) DEEPKS
- 43. Deep AutoEncoder Encoder Decoder DEEPKS 1. AUTOENCODER Trained on genuine keystroke patterns Unsupervised Machine (Deep) Learning
- 44. Deep AutoEncoder Encoder Decoder DEEPKS 2. DISCRIMINATOR Trained on genuine & adversarial patterns
- 45. EVALUATION METRICS Confusion Matrix over ~5200 samples
- 46. SAMPLE SIZE TEST Q: How many patterns would I need to be confident about the accuracy of the model ?
- 48. NON DIAM B L A N D I T F E R M E N T U M . STEP 5:DEPLOY YOUR SOLUTION
- 49. Models Database Model Service Feature Database Data Collector Feature Detection Orchestration Model Training Service Feature Extraction Alarms Dashboard Models Models Features + Labels Features Features Raw Data Alarm Prediction Request Labels 1 2 3 9 SOC Alarms Database 4 5 6 7 Score Confirmation/ Rejection Features 8 10 11 12
- 50. API Engine Feature extractor DL Model {json} Raw data, features, predictions
- 51. SHAMELESS PLUG
- 53. EUROSCIPY 2018 Fondazione Bruno Kessler | Associazione Python Italia University of Trento Northern Italy | Trentino Region Tentative dates: Aug. 28 - Sept. 01 2018 Be posted on euroscipy.org
- 54. trento.python.it Next Meetup: Feb, 22 2018 - h19:00 ➡ @Clab
- 56. THANK YOU! 🍻 Now it’s time for Cheers 🥓 @leriomaggio vmaggio@fbk.eu