A comprehensive approach for mitigating impersonation in online assessment
integrity policy and random authenticationA comprehensive approach for mitigating impersonation in online assessment
integrity policy and random authenticationSamenvatting
The security of online assessments is a major concern due to widespread cheating. One common form of cheating is impersonation, where students invite unauthorized persons to take assessments on their behalf. Several techniques exist to handle impersonation. Some researchers recommend use of integrity policy, but communicating the policy effectively to the students is a challenge. Others propose authentication methods like, password and fingerprint; they offer initial authentication but are vulnerable thereafter. Face recognition offers post-login authentication but necessitates additional hardware. Keystroke Dynamics (KD) has been used to provide post-login authentication without any additional hardware, but its use is limited to subjective assessment. In this work, we address impersonation in assessments with Multiple Choice Questions (MCQ). Our approach combines two key strategies: reinforcement of integrity policy for prevention, and keystroke-based random authentication for detection of impersonation. To the best of our knowledge, it is the first attempt to use keystroke dynamics for post-login authentication in the context of MCQ. We improve an online quiz tool for the data collection suited to our needs and use feature engineering to address the challenge of high-dimensional keystroke datasets. Using machine learning classifiers, we identify the best-performing model for authenticating the students. The results indicate that the highest accuracy (83%) is achieved by the Isolation Forest classifier. Furthermore, to validate the results, the approach is applied to Carnegie Mellon University (CMU) benchmark dataset, thereby achieving an improved accuracy of 94%. Though we also used mouse dynamics for authentication, but its subpar performance leads us to not consider it for our approach.
Organisatie | De Haagse Hogeschool |
Lectoraat | Lectoraat Learning Technology & Analytics |
Gepubliceerd in | International journal of information security Springer Nature, Vol. 24, Uitgave: 1, Pagina's: 1-19 |
Jaar | 2024 |
Type | Artikel |
DOI | 10.1007/s10207-024-00931-y |
Taal | Engels |