Результаты исследований: Публикации в книгах, отчётах, сборниках, трудах конференций › статья в сборнике материалов конференции › Рецензирование
MLE-RBA: A Machine Learning-Empowered Risk-Based Authentication Algorithm. / Матюшин, Юрий Сергеевич; Корхов, Владимир Владиславович.
Computational Science and Its Applications – ICCSA 2025 Workshops. 2025. стр. 325–339 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Том 15894).Результаты исследований: Публикации в книгах, отчётах, сборниках, трудах конференций › статья в сборнике материалов конференции › Рецензирование
}
TY - GEN
T1 - MLE-RBA: A Machine Learning-Empowered Risk-Based Authentication Algorithm
AU - Матюшин, Юрий Сергеевич
AU - Корхов, Владимир Владиславович
PY - 2025/6/28
Y1 - 2025/6/28
N2 - Risk-Based Authentication (RBA) is a dynamic authentication approach that assesses login attempts based on contextual risk factors. Traditional RBA implementations, such as Freeman et al.’s Naïve Bayes method, provide adaptive security but have limitations in precision and adaptability. In this study, we propose an enhanced RBA method leveraging machine learning to improve risk assessment accuracy. We design and implement MLE-RBA, an ML-empowered RBA system using a LightGBM classifier trained on a user login dataset, incorporating feature engineering, anomaly detection, and data balancing techniques. Our approach is evaluated against Freeman’s method and the SIMPLE heuristic, with performance measured in terms of Equal Error Rate (EER) and other key metrics. Experimental results show that our ML-based approach achieves a lower EER, demonstrating improved authentication accuracy while maintaining usability. Despite its effectiveness, we emphasize that RBA, even when enhanced with ML, should not replace primary authentication mechanisms but rather serve as a supplementary layer to improve security. Our findings contribute to the ongoing development of adaptive authentication strategies, highlighting ML's potential in optimizing RBA systems.
AB - Risk-Based Authentication (RBA) is a dynamic authentication approach that assesses login attempts based on contextual risk factors. Traditional RBA implementations, such as Freeman et al.’s Naïve Bayes method, provide adaptive security but have limitations in precision and adaptability. In this study, we propose an enhanced RBA method leveraging machine learning to improve risk assessment accuracy. We design and implement MLE-RBA, an ML-empowered RBA system using a LightGBM classifier trained on a user login dataset, incorporating feature engineering, anomaly detection, and data balancing techniques. Our approach is evaluated against Freeman’s method and the SIMPLE heuristic, with performance measured in terms of Equal Error Rate (EER) and other key metrics. Experimental results show that our ML-based approach achieves a lower EER, demonstrating improved authentication accuracy while maintaining usability. Despite its effectiveness, we emphasize that RBA, even when enhanced with ML, should not replace primary authentication mechanisms but rather serve as a supplementary layer to improve security. Our findings contribute to the ongoing development of adaptive authentication strategies, highlighting ML's potential in optimizing RBA systems.
KW - Cybersecurity
KW - Machine Learning
KW - Risk-Based Authentication
UR - https://www.mendeley.com/catalogue/075575a7-d3f5-30d2-b2a9-9fca7fc237e4/
U2 - 10.1007/978-3-031-97648-3_22
DO - 10.1007/978-3-031-97648-3_22
M3 - Conference contribution
SN - 9783031976476
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 325
EP - 339
BT - Computational Science and Its Applications – ICCSA 2025 Workshops
Y2 - 30 June 2025 through 3 July 2025
ER -
ID: 138833318