Skip to content

ashleybarkworth/biometric-bot-detection

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
app
app
 
 
bot
bot
 
 
classification
classification
 
 
data
data
 
 
feature_extraction
feature_extraction
 
 
plots
plots
 
 
screenshots
screenshots
 
 
util
util
 
 
README.md
README.md
 
 

Repository files navigation

Bot Detection Using Behavioural Biometrics

This program, developed with Rehnuma Tabassum, was part of our capstone project 'Detecting IMAP Credential Stuffing Bots Using Behavioural Biometrics' as part of our requirement for the Master of Applied Cybersecurity at the University of New Brunswick. The goal of this project was to mitigate credential stuffing attacks against the IMAP protocol, which has become a significant problem in recent years. For companies that still require legacy protocols like IMAP, which do not support multi-factor authentication (MFA), for their email portals, disabling IMAP is not an option, so alternative solutions are required.

As most credential stuffing attacks are carried out by bots, we proposed a supervised learning system that detects credential stuffing bots using two kinds of behavioural biometrics: mouse and keystroke dynamics. The system records a user’s mouse and keystroke events while they complete three tasks in a graphical user interface (GUI) application. To test our system, we developed two types of bots: a simple bot which makes no attempt to appear human, and an advanced bot that uses techniques to simulate human-like mouse and keyboard motions. We evaluated our system using the Random Forest (RF), Decision Tree (DT), Support Vector Machine (SVM), and K-Nearest Neighbors (KNN) algorithms and compared them against two data sets: one containing human and simple bot data, and one containing human and advanced bot data. We evaluated our system with 5-fold cross validation and achieved accuracies of roughly 96% for both data sets.

Overview

There are multiple modules in the program:

  • app is the GUI with the three tasks to complete, namely:
    • Typing a specified word 10 times
    • Clicking a moving ball 10 times
    • Sorting 8 fruits and animals into boxes
  • bot contains two bot scripts that are meant to be run simultaneously with the GUI program to complete the tasks automatically
  • feature_extraction calculates the various mouse and keystroke features from the user's mouse and keystroke data
  • classification creates the feature data sets, implements the learning algorithms, and runs the cross validation to calculate four scores:
    • Precision
    • Recall
    • Accuracy
    • F-score
  • util contains helper functions

Dependencies

  • Pillow
  • PyAutoGUI
  • Matplotlib
  • NumPy
  • OpenCV
  • Pandas
  • pynput
  • Scikit-learn
  • SciPy

How to Use

Running the app

To run the app without the bots:

python3 app/app.py human

To run the app with the simple bot, open two terminal windows or tabs:

# Run this in the first window/tab
python3 app/app.py simple
# Run this in the second window/tab
python3 bot/simple_bot.py

Similarly, to run the app with the advanced bot:

# Run this in the first window/tab
python3 app/app.py advanced
# Run this in the second window/tab
python3 bot/advanced_bot.py

The mouse and keystroke data are saved under data/events/.

Running the Feature Extraction

python3 feature_extraction/extract_features.py

The mouse and keystroke features are saved under data/features*.

Running the cross validation

python3 classification/classification.py

About

A supervised learning system to distinguish humans from bots using mouse/keystroke data

Topics

machine-learning bots biometric-identification tkinter-gui

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages