Upgrade to Pro — share decks privately, control downloads, hide ads and more …

BIForum 2017 - Keystroke Analysis for Fraud Det...

Valerio Maggio
November 15, 2017
Research
0
260

BIForum 2017 - Keystroke Analysis for Fraud Detection

User identification is a fundamental, but yet an open problem in fraud detection.
Traditional approaches resort to user account information or browsing history.
However, such information can pose security and privacy risks, and it is not robust as can
be easily changed, e.g., the user changes to a new device or using a different application.
Monitoring biometric information including a user’s typing behaviours tends to produce
consistent results over time while being less disruptive to user’s experience.

In this talk I will present the Machine Learning pipeline I set up to prevent frauds in user
authentications. Challenges for processing and filtering real user data
accessing bank accounts from web and mobile devices will be discussed, along
with the deep neural networks adopted to learn to detect impostors.
During the talk, I will present the Pythonic tools (e.g. `pandas`) and data formats
(i.e. `hdf5` and `json`) I used to collect and store data, as well as those to
configure the machine learning process (i.e. `scipy.cluster`, `sklearn` and `keras`).

The talk is meant for data scientists, as well as for practitioners with no specific background in
machine or deep learning. Basic knowledge of `pandas` and other `numpy` based
scientific libraries is assumed.

Valerio Maggio

November 15, 2017
Tweet

More Decks by Valerio Maggio

See All by Valerio Maggio
PPML PyConIT24
leriomaggio
0
71
The Hitchhiker's Guide to D&D 🐉
leriomaggio
1
150
Privacy Preserving Machine Learning (PPML) @ SciPy 2023
leriomaggio
0
280
Pythonic functional itertools for your data challenge
leriomaggio
0
76
Actionable Machine Learning in the Browser with PyScript
leriomaggio
0
330
PPML Mozfest23
leriomaggio
1
90
Evaluating Machine Learning Models Class
leriomaggio
0
58
Intro to Deep Learning Class
leriomaggio
0
69
Evaluating Machine Learning Models - PyData Global 2022
leriomaggio
0
250

Other Decks in Research

See All in Research
Leveraging LLMs for Unsupervised Dense Retriever Ranking (SIGIR 2024)
kampersanda
2
200
Whoisの闇
hirachan
3
140
KDD論文読み会2024: False Positive in A/B Tests
ryotoitoi
0
200
VisFocus: Prompt-Guided Vision Encoders for OCR-Free Dense Document Understanding
sansan_randd
1
250
LLM時代にLabは何をすべきか聞いて回った1年間
hargon24
1
500
大規模言語モデルのバイアス
yukinobaba
PRO
4
710
Introducing Research Units of Matsuo-Iwasawa Laboratory
matsuolab
0
940
20241115都市交通決起集会 趣旨説明・熊本事例紹介
trafficbrain
0
270
Global Evidence Summit (GES) 参加報告
daimoriwaki
0
160
12
0325
0
190
Human-Informed Machine Learning Models and Interactions
hiromu1996
2
480
ECCV2024読み会: Minimalist Vision with Freeform Pixels
hsmtta
1
150

Featured

See All Featured
BBQ
matthewcrist
85
9.3k
Music & Morning Musume
bryan
46
6.2k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
44
2.2k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
28
2k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.8k
Navigating Team Friction
lara
183
14k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
246
1.3M
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
10
720
Happy Clients
brianwarren
98
6.7k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
How to train your dragon (web standard)
notwaldorf
88
5.7k

Transcript

  1. Keystroke Behavioural Analysis For Fraud Detection Valerio Maggio @leriomaggio Data

    Scientist and Researcher Fondazione Bruno Kessler (FBK)
 Trento, Italy

  2. Two Common forms of Frauds Account Hijacking Card Faking

  3. Account Hijacking Account Hijacking User Identification

  4. User Identification

  5. Keystroke Dynamics Keystroke dynamics consists in analysing the way a

    user types by monitoring keyboard inputs thousand of times per second, and processing this data through an algorithm, which then defines a pattern for future comparison Identifying an individual based on their way of typing on a physical or virtual keyboard

  6. Keystroke Dynamic Analysis Time between two key pressures 
 Down-Down

    Time Time between one pressure and one release- 
 Dwell Time Time between one release and one pressure
 Flight Time Time between two key release
 Up-Up Time

  7. Keystroke Patterns Leaning : State of the Art

  8. Data Pipeline: (1) Data Collection Time between two key pressures

    
 Down-Down Time Time between one pressure and one release- 
 Dwell Time Time between one release and one pressure
 Flight Time Time between two key release
 Up-Up Time

  9. Data Pipeline: (2) Feature Extraction Time between two key pressures

    Time between one pressure and one release Time between one release and one pressure Time between two key release TimeShifting key-presses - if deletions happen Only Data leading to a Successful Login

  10. Feature Analysis & Data Preparation

  11. Feature Analysis & Data Preparation

  12. Feature Analysis & Data Preparation 1. Analyse Feature Distribution 2.

    Rank users accordingly
  13. None

  14. Up-Up Time - Username Field - web vs app

  15. Up-Up Time - Password Field - web vs app

  16. Dwell Time - Username Field - web vs app

  17. Dwell Time - Password Field - web vs app

  18. Data Cleaning Complexity-Invariant Distance Measure

  19. Data Cleaning Complexity-Invariant Distance Measure

  20. Feature Scaling Original 
 Feature Data MinMax Scaling Standard Scaling

  21. Data Preparation All feature Combinations HDF5 format

  22. Data Analysis Protocol (DAP) Reduce the 
 Selection Bias!! 80%

    20% Use separately for 
 HyperParams Search Don’t Mix

  23. Keystroke Patterns (Classical) Machine Learning … …

  24. Deep Keystroke Learning Deep AutoEncoder Encoder Decoder … Classification Deep

    Network One AutoEncoder + FC Network Outlier Detector (per user)

  25. Deep Keystroke Learning
 User Identification Deep AutoEncoder Encoder Decoder …

    Classification Deep Network Confusion Classification Matrix Avg. Accuracy Score: 0.999090 One AutoEncoder + FC Network Outlier Detector (per user) Avg. FPR: 0.002246

  26. Outlier Detection

  27. Feature Importance rf.fit(X,y_DL)

  28. Conclusions and Take Aways • Data Processing and Cleaning is

    never painless • 80% of the time for Data Science Processing • 20% is for Machine/Deep Learning Code • 90% of which is looking for Optimum HyperParameters 
 (exp. for Deep Learning) • Use Unsupervised Approaches to get useful insights on the data • Feature Scaling is paramount • Beware of the Selection Bias (Multiple Time K-Fold CV) • DL is not silver bullet

  29. Thanks a lot for your kind attention +ValerioMaggio [email protected] it.linkedin.com/in/valeriomaggio

    @leriomaggio