Researchers mimic board game to bolster computer security

University researchers have built a program that mimics the way people play the memory game Concentration, opening the possibility of improving computer security by distinguishing human behavior from bots.

The study, conducted by North Carolina State University researchers, sets the groundwork for one day being able to integrate highly accurate bot-detection programs within software to prevent computer fraud.

Bots are software applications that run automated tasks over the Internet. While having legitimate purposes, such as fetching information from websites for search queries, bots are also used by scalpers to buy large quantities of tickets from ticketing sites and to infiltrate online in-game economies to amass virtual currency.

The NCSU researchers set out to see whether they could simulate people's thought processes in playing Concentration, a solitaire game in which cards are arranged facedown on a grid and a person tries to find matching pairs.

To do that, a person turns over a card and then chooses another. If they choose right, the pair is taken off the grid. If not, then the cards are turned facedown and the player tries again, hoping to remember the location of cards in order to find them again later to make a match.

"Concentration has been used in psychology literature as a model for memory for a few decades now," Robert St. Amant, co-author of the report, entitled "Modeling the Concentration Game with ACT-R," said on Monday. "But no one to our knowledge has built a cognitively plausible account of how people play the game."

The researchers gathered information on the thought processes involved by monitoring the gameplay of 179 people playing an online version of Concentration that involved 16 cards. The game was played under two conditions, accuracy and speed.

Under the latter, participants scored higher the faster they finished the game. Under the former, they got more points for choosing the right match. When striving for accuracy, the players were less random in their choices and had more time to think about the location of cards.

The data fed into the program developed by researchers, called ACT-R, included the probability of the average player forgetting a card's location or remembering one seen before. Overall, ACT-R finished the speed game within a second of the average player and the accuracy game within one mistake.


"We thought [the results] were pretty good," St. Amant said. "For us, we were able to distinguish between [people playing] the speed condition and the accuracy condition pretty easily."

The research may eventually lead to determining whether a real person is participating in such activities as online voting because it shows that scientists can simulate human behavior in a program, albeit through a simple game.

Further research will be needed to develop programs that can detect humans based on the way the keyboard and mouse are being used. This would replace the use of logs and IP addresses in watching for bots.

While it would be possible for criminals to simulate keyboard and mouse use by a person, the expense of doing so would make such bots impractical, St. Amant said.

Beyond just discovering bots, St. Amant said he believes future research on keystroke and mouse dynamics could help scientists identify malice. How a person is using the devices "can actually tell something about the probability that you're trying to be a little bit deceptive," he said.

The ability to analyze security-related intent based on how people use the devices that interact with their computers will likely be programmed into software within the next five years, Amant said.

"Systems already exist to track people's mouse movements and keyboard actions in some kinds of games," Amant said. "This is just a matter of building the monitoring tools and raising flags to a human security person."

Stories by Antone Gonsalves
