Hardening of a Continuous Behavior-based Authentication Distributed System

  1. Julian González Muñoz 1
  2. Mario Casado 1
  3. Daniel Garabato 1
  4. Francisco J. Novoa 1
  5. Carlos Dafonte 1
  1. 1 Universidade da Coruña
    info

    Universidade da Coruña

    La Coruña, España

    ROR https://ror.org/01qckj285

Libro:
VI Congreso XoveTIC: impulsando el talento científico
  1. Manuel Lagos Rodríguez (ed. lit.)
  2. Álvaro Leitao Rodríguez (ed. lit.)
  3. Tirso Varela Rodeiro (ed. lit.)
  4. Javier Pereira Loureiro (coord.)
  5. Manuel Francisco González Penedo (coord.)

Editorial: Servizo de Publicacións ; Universidade da Coruña

Año de publicación: 2023

Congreso: XoveTIC (6. 2023. A Coruña)

Tipo: Aportación congreso

Resumen

Password-based traditional authentication systems are increasingly insufficient when it comes to providing security and checking the identity of the authenticated user. What happens when the password of an user has been stolen or an active user is not the same user who authenticated firstly? A distributed system using AI (Artificial Intelligence) acting as a second factor authentication method by analyzing user’s mouse events has to provide confidentiality and integrity in order to protect against different attacks such as Man-In-The-Middle that allow sniffing or data tampering, resulting in an identity spoof. In order to grant integrity and confidentiality, encryption and authentication must be implemented. Authentication is used to allow one node to produce or consume data from an existent message stream and encryption in order to avoid exposing these data to external agents. PKI (Public Key Infrastructure) system is widely used over the internet, so it is a trusty authentication and encryption framework. By using PKI in this project, hardening is performed by creating with OpenSSL a trusted Certificate Authority that issues and signs the certificates used by each node in the distributed system. Trust in this Certificate Authority is implemented by creating keystores and truststores for each node with keytool. This project resulted in a secure communication system preventing data from being sniffed or tampered