Resumen de Hardening of a Continuous Behavior-based Authentication Distributed System

Julian González Muñoz, Mario Casado, D. Garabato, Francisco Javier Nóvoa de Manuel , Carlos Dafonte

• Password-based traditional authentication systems are increasingly insufficient when it comes to providing security and checking the identity of the authenticated user. What happens when the password of an user has been stolen or an active user is not the same user who authenticated firstly? A distributed system using AI (Artificial Intelligence) acting as a second factor authentication method by analyzing user’s mouse events has to provide confidentiality and integrity in order to protect against different attacks such as Man-In-The-Middle that allow sniffing or data tampering, resulting in an identity spoof. In order to grant integrity and confidentiality, encryption and authentication must be implemented. Authentication is used to allow one node to produce or consume data from an existent message stream and encryption in order to avoid exposing these data to external agents. PKI (Public Key Infrastructure) system is widely used over the internet, so it is a trusty authentication and encryption framework. By using PKI in this project, hardening is performed by creating with OpenSSL a trusted Certificate Authority that issues and signs the certificates used by each node in the distributed system. Trust in this Certificate Authority is implemented by creating keystores and truststores for each node with keytool. This project resulted in a secure communication system preventing data from being sniffed or tampered