Computer Intrusion Detection

Existing protection strategies rely on the combination of several security mechanisms including single or multifactor authentication (e.g. password, OTP token, biometrics), firewall, access control, intrusion detection system (IDS), anti-virus, and so on. Although these mechanisms help enhancing system security, they have failed to stop or detect in timely fashion several high profile hacking incidents that occurred lately, which is a strong indication that there are some important pieces missing in the current protection strategies. One of these missing pieces is the inability of the existing technologies to deal adequately with authentication circumvention attacks. Authentication controls can be bypassed by skipping the regular login page and calling directly an internal page or service that should be accessed only by authenticated subjects using schemes such as social engineering, phishing, and man-in-the-middle or man-in-the-browser attacks. 

BioTracker, through biometric-based continuous authentication (CA), can assist organizations in protecting their networks effectively against authentication circumvention attacks.

Biometric-based continuous authentication consists of authenticating the user repeatedly and unobtrusively throughout a computing session by collecting and processing biometric information. This ensures that the user always remains the same from the initial login time (where he claims a certain identity) to the end of the session. While the primary goal of CA is to discriminate accurately between different users, it can be leveraged to discriminate effectively between human-driven activities and malicious software robot-driven activities.

BioTracker client application runs on desktops and laptops that need to be protected as a lightweight and transparent background process which does not interfere at all with regular user activities. For computer threat monitoring, BioTracker plays a role that places it somewhere in-between a traditional host-based intrusion detector and a virus detector. BioTracker can help monitor a wide variety of computer threats including Advanced Persistent Threat (APT), Masquerade, Man-In-The-Middle, brute force login, and botnets.