A 2016 report by RSA found that 27% of all electronic crime were suspected or known to be caused by insiders. Furthermore, 30% of the damage done by insiders were worse than damage done by outsiders. Our goal was to use behavioral biometrics to determine if an unauthorized user is accessing a computer.
What it does
Koios is tool which collects mouse movement and keyboard clicks. Information such as velocity, acceleration, curvature, and even the time you hold a mouse button down is collected.
How we built it
The Koios IO monitor program is built using C. The graphical user interface is made with JavaFX, and the processing is handled through Python, Pandas, and Numpy.
Challenges we ran into
Initially we tried to implement the IO monitor using Python, but this was too slow. We opted with C (using X11) and used a special software tool to attach the monitor to a CPU.
Getting enough user data in a 24 hour time period is hard and studies have shown that in order to reduce the false acceptance rate and false rejection rate to ~2% we would have needed around 12 hours of data from each participant.
Accomplishments that we're proud of
Initial tests show that even though we do not have near enough data, a model is able to somewhat learn. The biggest hurdle was turning the raw data (x,y, timestamp etc) into usable data for our model.
What we learned
Keras, Pandas, JavaFX, Numpy
What's next for Koios
First we need to gather enough data to confidently use the model.
In addition, we would have liked to allow easy deployment and the ability to securely email a system admin when an anomaly is detected.
We would like to combine this technology with One-Shot-Learning, which is commonly used in facial recognition.