User Behavioral Modeling of Web-based Systems for Continuous User Authentication

Authentication plays an important role in how we interact with computers, mobile devices, the web, etc. The idea of authentication is to uniquely identify a user before granting access to system privileges. For example, in recent years more corporate information and applications have been accessible via the Internet and Intranet. Many employees are working from remote locations and need access to secure corporate files. During this time, it is possible for malicious or unauthorized users to gain access to the system. For this reason, it is logical to have some mechanism in place to detect whether the logged-in user is the same user in control of the user's session. Therefore, highly secure authentication methods must be used. We posit that each of us is unique in our use of computer systems. It is this uniqueness that is leveraged to "continuously authenticate users" while they use web software. To monitor user behavior, n-gram models are used to capture user interactions with web-based software. This statistical language model essentially captures sequences and sub-sequences of user actions, their orderings, and temporal relationships that make them unique by providing a model of how each user typically behaves. Users are then continuously monitored during software operations. Large deviations from "normal behavior" can possibly indicate malicious or unintended behavior. This approach is implemented in a system called Intruder Detector (ID) that models user actions as embodied in web logs generated in response to a user's actions. User identification through web logs is cost-effective and non-intrusive. We perform experiments on a large fielded system with web logs of approximately 4000 users. For these experiments, we use two classification techniques; binary and multi-class classification. We evaluate model-specific differences of user behavior based on coarse-grain (i.e., role) and fine-grain (i.e., individual) analysis. A specific set of metrics are used to provide valuable insight into how each model performs. Intruder Detector achieves accurate results when identifying legitimate users and user types. This tool is also able to detect outliers in role-based user behavior with optimal performance. In addition to web applications, this continuous monitoring technique can be used with other user-based systems such as mobile devices and the analysis of network traffic.

CHARACTERIZATION OF RADIATION DAMAGE TO A NOVEL PHOTONIC CRYSTAL SENSOR

New methods of nuclear fuel and cladding characterization must be developed and implemented to enhance the safety and reliability of nuclear power plants. One class of such advanced methods is aimed at the characterization of fuel performance by performing minimally intrusive in-core, real time measurements on nuclear fuel on the nanometer scale. Nuclear power plants depend on instrumentation and control systems for monitoring, control and protection. Traditionally, methods for fuel characterization under irradiation are performed using a “cook and look” method. These methods are very expensive and labor-intensive since they require removal, inspection and return of irradiated samples for each measurement. Such fuel cladding inspection methods investigate oxide layer thickness, wear, dimensional changes, ovality, nuclear fuel growth and nuclear fuel defect identification. These methods are also not suitable for all commercial nuclear power applications as they are not always available to the operator when needed. Additionally, such techniques often provide limited data and may exacerbate the phenomena being investigated. This thesis investigates a novel, nanostructured sensor based on a photonic crystal design that is implemented in a nuclear reactor environment. The aim of this work is to produce an in-situ radiation-tolerant sensor capable of measuring the deformation of a nuclear material during nuclear reactor operations. The sensor was fabricated on the surface of nuclear reactor materials (specifically, steel and zirconium based alloys). Charged-particle and mixed-field irradiations were both performed on a newly-developed “pelletron” beamline at Idaho State University's Research and Innovation in Science and Engineering (RISE) complex and at the University of Maryland's 250 kW Training Reactor (MUTR). The sensors were irradiated to 6 different fluences (ranging from 1 to 100 dpa), followed by intensive characterization using focused ion beam (FIB), transmission electron microscopy (TEM) and scanning electron microscopy (SEM) to investigate the physical deformation and microstructural changes between different fluence levels, to provide high-resolution information regarding the material performance. Computer modeling (SRIM/TRIM) was employed to simulate damage to the sensor as well as to provide significant information concerning the penetration depth of the ions into the material.