View article

Data theft is a growing threat to consumers and organizations which existing security safeguards do not sufficiently address. In particular, existing authentication mechanisms are frequently bypassed or circumvented although in situations where attacks are launched by malicious insiders who already possess valid credentials. We propose methods to enhance existing authentication paradigms with continuous active authentication. Our system adds additional levels of security without burdening the user with more credentials to manage. We utilize two complementary authentication modalities to validate user-identity: (1) behavior profiling for user-system interaction, and (2) baiting adversaries using automatically distributed file-decoy tripwires. We present the results from a 160-subject user study used to validate our system. Our results show that the presence of decoy documents on a system does not interfere with …