Identity verification through dynamic keystroke analysis

Typing rhythms are the rawest form of data stemming from the interaction between users and computers. When properly sampled and analyzed, they may become a useful tool to ascertain personal identity. Moreover, unlike other biometric features, typing dynamics have an important characteristic: they still exist and are available even after an access control phase has been passed. As a consequence, keystroke analysis can be used as a viable tool for user authentication throughout the work session. In this paper we present an original approach to identity verification based on the analysis of the typing rhythms of individuals on different texts. Our experiments involve 130 volunteers and reach the best outcomes found in the literature, using a smaller amount of information than in other works, and avoiding any form of tailoring of the system to the available data set. The method described in the paper is easily tuned to reach an acceptable trade-off between the need to spot most impostors and to avoid false alarms, and, as a consequence, it can become a valid aid to intrusion detection.

[1]  Michael K. Reiter,et al.  Password hardening based on keystroke dynamics , 2002, International Journal of Information Security.

[2]  Steven Furnell,et al.  Applications of keystroke analysis for improved login security and continuous user authentication , 1996, SEC.

[3]  Oren Etzioni,et al.  Towards adaptive Web sites: Conceptual framework and case study , 2000, Artif. Intell..

[4]  Alfred Kobsa,et al.  A Review and Analysis of Commercial User Modeling Servers for Personalization on the World Wide Web , 2000, User Modeling and User-Adapted Interaction.

[5]  Robert J. Schalkoff,et al.  Pattern recognition - statistical, structural and neural approaches , 1991 .

[6]  David Umphress,et al.  Identity Verification Through Keyboard Characteristics , 1985, Int. J. Man Mach. Stud..

[7]  James L. Wayman,et al.  Fundamentals of Biometric Authentication Technologies , 2001, Int. J. Image Graph..

[8]  Hartmut König,et al.  The Intrusion Detection System AID - Architecture, and Experiences in Automated Audit Analysis , 1996, Communications and Multimedia Security.

[9]  B. Hussien,et al.  Computer-Access Security Systems Using Keystroke Dynamics , 1990, IEEE Trans. Pattern Anal. Mach. Intell..

[10]  Julian Ashbourn,et al.  Biometrics - advanced identity verification: the complete guide , 2000 .

[11]  Shiuh-Pyng Shieh,et al.  On a Pattern-Oriented Model for Intrusion Detection , 1997, IEEE Trans. Knowl. Data Eng..

[12]  David Chandler,et al.  Biometric Product Testing Final Report , 2001 .

[13]  John J. Leggett,et al.  Verifying Identity via Keystroke Characteristics , 1988, Int. J. Man Mach. Stud..

[14]  James L. Wayman,et al.  Technical Testing and Evaluation of Biometric Identification Devices , 1996 .

[15]  Fabian Monrose,et al.  Authentication via keystroke dynamics , 1997, CCS '97.

[16]  Thomas A. Louis,et al.  Confidence Intervals for a Binomial Parameter after Observing No Successes , 1981 .

[17]  Mohammad S. Obaidat,et al.  A Multilayer Neural Network System for Computer Access Security , 1994, IEEE Trans. Syst. Man Cybern. Syst..

[18]  Gopal K. Gupta,et al.  Identity authentication based on keystroke latencies , 1990, Commun. ACM.

[19]  Stefan Axelsson,et al.  The base-rate fallacy and the difficulty of intrusion detection , 2000, TSEC.

[20]  David J. Hand,et al.  Discrimination and Classification , 1982 .

[21]  Marcus Brown,et al.  User Identification via Keystroke Characteristics of Typed Names using Neural Networks , 1993, Int. J. Man Mach. Stud..

[22]  Steven A. Hofmeyr,et al.  Intrusion Detection via System Call Traces , 1997, IEEE Softw..

[23]  Mohammad S. Obaidat,et al.  Verification of computer users using keystroke dynamics , 1997, IEEE Trans. Syst. Man Cybern. Part B.

[24]  Oren Etzioni,et al.  Adaptive Web sites , 2000, CACM.

[25]  Brian D. Davison A Web Caching Primer , 2001, IEEE Internet Comput..

[26]  James E. Pitkow,et al.  In Search of Reliable Usage Data on the WWW , 1997, Comput. Networks.

[27]  John McHugh,et al.  Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory , 2000, TSEC.

[28]  Claudia Picardi,et al.  User authentication through keystroke dynamics , 2002, TSEC.

[29]  Joseph B. Walther,et al.  The Value of Web Log Data in Use-Based Design and Testing , 2006, J. Comput. Mediat. Commun..

[30]  Peter G. Neumann,et al.  EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances , 1997, CCS 2002.

[31]  Eugene Volokh,et al.  Personalization and privacy , 2000, CACM.

[32]  John J. Leggett,et al.  Dynamic Identity Verification via Keystroke Characteristics , 1991, Int. J. Man Mach. Stud..

[33]  Douglas A. Reynolds,et al.  The NIST speaker recognition evaluation - Overview, methodology, systems, results, perspective , 2000, Speech Commun..

[34]  Giancarlo Ruffo,et al.  Intrusion Detection through Behavioral Data , 1999, IDA.

[35]  Mohammad S. Obaidat,et al.  A Simulation Evaluation Study of Neural Network Techniques to Computer User Identification , 1997, Inf. Sci..

[36]  Elizabeth B. Lennon Testing Intrusion Detection Systems , 2003 .

[37]  Maria Papadaki,et al.  Keystroke Analysis as a Method of Advanced User Authentication and Response , 2002, SEC.