Keystroke Dynamics Overview

Everybody needs to authenticate himself on his computer before using it, or even before using different applications (email, e-commerce, intranet, . . . ). Most of the times, the adopted authentication procedure is the use of a classical couple of login and password. In order to be efficient and secure, the user must adopt a strict management of its credentials (regular changing of the password, use of different credentials for different services, use of a strong password containing various types of characters and no word contained in a dictionary). As these conditions are quite strict and difficult to be applied for most users, they do not not respect them. This is a big security flaw in the authentication mechanism (Conklin et al., 2004). According to the 2002 NTA Monitor Password Survey1, a study done on 500 users shows that there is approximately 21 passwords per user, 81% of them use common passwords and 30% of them write their passwords down or store them in a file. Hence, password-based solutions suffer from several security drawbacks. A solution to this problem, is the use of strong authentication....

[1]  Sungzoon Cho,et al.  Artificial Rhythms and Cues for Keystroke Dynamics Based Authentication , 2006, ICB.

[2]  Christophe Rosenberger,et al.  Keystroke dynamics with low constraints SVM based passphrase enrollment , 2009, 2009 IEEE 3rd International Conference on Biometrics: Theory, Applications, and Systems.

[3]  Woojin Chang Keystroke Biometric System Using Wavelets , 2006, ICB.

[4]  Kenneth Revett A bioinformatics based approach to user authentication via keystroke dynamics , 2009 .

[5]  Mary F. Theofanos,et al.  Usability and Biometrics: Ensuring Successful Biometric Systems | NIST , 2008 .

[6]  Baptiste Hemery,et al.  Low Cost and Usable Multimodal Biometric System Based on Keystroke Dynamics and 2D Face Recognition , 2010, 2010 20th International Conference on Pattern Recognition.

[7]  Michael K. Reiter,et al.  Password hardening based on keystroke dynamics , 2002, International Journal of Information Security.

[8]  Thai Hoang Le,et al.  Keystroke Dynamics Extraction by Independent Component Analysis and Bio-matrix for User Authentication , 2010, PRICAI.

[9]  Jugurta R. Montalvão Filho,et al.  On the equalization of keystroke timing histograms , 2006, Pattern Recognit. Lett..

[10]  S.J. Elliott,et al.  Keystroke Dynamics Verification Using a Spontaneously Generated Password , 2006, Proceedings 40th Annual 2006 International Carnahan Conference on Security Technology.

[11]  Jean-Yves Ramel,et al.  Estimation of User Specific Parameters in One-class Problems , 2006, 18th International Conference on Pattern Recognition (ICPR'06).

[12]  Baptiste Hemery,et al.  A study of users' acceptance and satisfaction of biometric systems , 2010, 44th Annual 2010 IEEE International Carnahan Conference on Security Technology.

[13]  Michael Achatz,et al.  On the Design of an Authentication System Based on Keystroke Dynamics Using a Predefined Input Text , 2007, Int. J. Inf. Secur. Priv..

[14]  Asok Ray,et al.  On the discriminability of keystroke feature vectors used in fixed text keystroke authentication , 2011, Pattern Recognit. Lett..

[15]  Steven Furnell,et al.  Authenticating mobile phone users using keystroke analysis , 2006, International Journal of Information Security.

[16]  Terence Sim,et al.  Keystroke Dynamics in a General Setting , 2007, ICB.

[17]  Sungzoon Cho,et al.  A hybrid novelty score and its use in keystroke dynamics-based user authentication , 2009, Pattern Recognit..

[18]  Jean-Yves Ramel,et al.  User Classification for Keystroke Dynamics Authentication , 2007, ICB.

[19]  Roy A. Maxion,et al.  Comparing anomaly-detection algorithms for keystroke dynamics , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[20]  Edson C. B. Carvalho,et al.  Using the Keystrokes Dynamic for Systems of Personal Security , 2008 .

[21]  Woojin Chang Reliable Keystroke Biometric System Based on a Small Number of Keystroke Samples , 2006, ETRICS.

[22]  Christophe Rosenberger,et al.  A new soft biometric approach for keystroke dynamics based on gender recognition , 2012, Int. J. Inf. Technol. Manag..

[23]  J. Fierrez-Aguilar,et al.  Hill-Climbing and Brute-Force Attacks on Biometric Systems: A Case Study in Match-on-Card Fingerprint Verification , 2006, Proceedings 40th Annual 2006 International Carnahan Conference on Security Technology.

[24]  B. Hussien,et al.  Computer-Access Security Systems Using Keystroke Dynamics , 1990, IEEE Trans. Pattern Anal. Mach. Intell..

[25]  Wm. Arthur Conklin,et al.  Password-based authentication: a system perspective , 2004, 37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the.

[26]  Chih-Jen Lin,et al.  Combining SVMs with Various Feature Selection Strategies , 2006, Feature Extraction.

[27]  Alessandro Neri,et al.  User authentication using keystroke dynamics for cellular phones , 2009 .

[28]  Pingzhi Fan,et al.  Novel Impostors Detection in Keystroke Dynamics by Support Vector Machine , 2004, PDCAT.

[29]  Hiroshi Dozono,et al.  Adaptive authentication system for behavior biometrics using supervised pareto self organizing maps , 2008 .

[30]  George D. C. Cavalcanti,et al.  An approach to feature selection for keystroke dynamics systems based on PSO and feature weighting , 2007, 2007 IEEE Congress on Evolutionary Computation.

[31]  Clayton Charles Epp,et al.  Identifying emotional states through keystroke dynamics , 2010 .

[32]  Christophe Rosenberger,et al.  Keystroke dynamics authentication for collaborative systems , 2009, 2009 International Symposium on Collaborative Technologies and Systems.

[33]  Lorenza Saitta,et al.  Modeling Temporal Behavior via Structured Hidden Markov Models: an Application to Keystroking Dynamics , 2007, IICAI.

[34]  Douglas A. Reynolds,et al.  SHEEP, GOATS, LAMBS and WOLVES A Statistical Analysis of Speaker Performance in the NIST 1998 Speaker Recognition Evaluation , 1998 .

[35]  John-David Marsters Keystroke dynamics as a biometric , 2009 .

[36]  David Umphress,et al.  Identity Verification Through Keyboard Characteristics , 1985, Int. J. Man Mach. Stud..

[37]  M. van Zaanen,et al.  Vibration Sensitive Keystroke Analysis , 2009 .

[38]  Fabian Monrose,et al.  Authentication via keystroke dynamics , 1997, CCS '97.

[39]  Fabian Monrose,et al.  Keystroke dynamics as a biometric for authentication , 2000, Future Gener. Comput. Syst..

[40]  Claudia Picardi,et al.  User authentication through keystroke dynamics , 2002, TSEC.

[41]  Norman Shapiro,et al.  Authentication by Keystroke Timing: Some Preliminary Results , 1980 .

[42]  Heather Crawford Keystroke dynamics: Characteristics and opportunities , 2010, 2010 Eighth International Conference on Privacy, Security and Trust.

[43]  Jan H. P. Eloff,et al.  Enhanced Password Authentication through Fuzzy Logic , 1997, IEEE Expert.

[44]  Raj Sharman,et al.  Handbook of Research on Social and Organizational Liabilities in Information Security , 2008 .

[45]  Kenneth Revett,et al.  Behavioral Biometrics: A Remote Access Approach , 2008 .

[46]  Pragya Agarwal,et al.  Self-Organising Maps , 2008 .

[47]  Christophe Rosenberger,et al.  GREYC keystroke: A benchmark for keystroke dynamics biometric systems , 2009, 2009 IEEE 3rd International Conference on Biometrics: Theory, Applications, and Systems.

[48]  Baptiste Hemery,et al.  Towards the Security Evaluation of Biometric Authentication Systems , 2011 .

[49]  Marcelo Cipriano,et al.  Collection and Publication of a Fixed Text Keystroke Dynamics Dataset , 2010 .

[50]  Arun Ross,et al.  Handbook of Multibiometrics , 2006, The Kluwer international series on biometrics.

[51]  Hyoungjoo Lee,et al.  Improving Authentication Accuracy of Unfamiliar Passwords with Pauses and Cues for Keystroke Dynamics-Based Authentication , 2006, WISI.

[52]  Lee Luan Ling,et al.  User authentication through typing biometrics features , 2005 .

[53]  Mohammad S. Obaidat,et al.  Verification of computer users using keystroke dynamics , 1997, IEEE Trans. Syst. Man Cybern. Part B.

[54]  E.O. Freire,et al.  Multimodal biometric fusion — joint typist (keystroke) and speaker verification , 2006, 2006 International Telecommunications Symposium.

[55]  Mohammad S. Obaidat,et al.  Dimensionality reduction and feature extraction applications in identifying computer users , 1991, IEEE Trans. Syst. Man Cybern..

[56]  M. Akila,et al.  Biometric personal authentication using keystroke dynamics: A review , 2011, Appl. Soft Comput..

[57]  Arun Ross,et al.  Biometric Sensor Interoperability: A Case Study in Fingerprints , 2004, ECCV Workshop BioAW.

[58]  Pavaday Narainsamy,et al.  Investigating & Improving The Reliability And Repeatability Of Keystorke Dynamics Timers , 2010 .

[59]  Ahmad Faris Ismail,et al.  Design and Evaluation of a Pressure-Based Typing Biometric Authentication System , 2008, EURASIP J. Inf. Secur..

[60]  Bruce Schneier,et al.  Inside risks: the uses and abuses of biometrics , 1999, CACM.

[61]  M. Sasikumar,et al.  Recognising Emotions from Keyboard Stroke Pattern , 2010 .

[62]  Danoush Hosseinzadeh,et al.  Gaussian Mixture Modeling of Keystroke Patterns for Biometric Applications , 2008, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[63]  K. Revett,et al.  Password secured sites - stepping forward with keystroke dynamics , 2005, International Conference on Next Generation Web Services Practices (NWeSP'05).

[64]  Ibrahim Sogukpinar,et al.  Understanding users' keystroke patterns for computer access security , 2003, Comput. Secur..

[65]  Roy A. Maxion,et al.  Keystroke biometrics with number-pad input , 2010, 2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN).

[66]  Andrew Beng Jin Teoh,et al.  Statistical Fusion Approach on Keystroke Dynamics , 2007, 2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based System.

[67]  Steven Furnell,et al.  Advanced user authentication for mobile devices , 2007, Comput. Secur..

[68]  Roy A. Maxion,et al.  The Effect of Clock Resolution on Keystroke Dynamics , 2008, RAID.

[69]  Sungzoon Cho,et al.  Keystroke dynamics identity verification - its problems and practical solutions , 2004, Comput. Secur..

[70]  Baptiste Hemery,et al.  Unconstrained keystroke dynamics authentication with shared secret , 2011, Comput. Secur..

[71]  Christophe Rosenberger,et al.  Fast learning for multibiometrics systems using genetic algorithms , 2010, 2010 International Conference on High Performance Computing & Simulation.

[72]  Kenneth Revett,et al.  On the Use of Rough Sets for User Authentication Via Keystroke Dynamics , 2007, EPIA Workshops.

[73]  Kenneth Revett,et al.  Enhancing Login Security Through the Use of Keystroke Input Dynamics , 2006, ICB.

[74]  N.M. White,et al.  Use of a Novel Keypad Biometric for Enhanced User Identity Verification , 2008, 2008 IEEE Instrumentation and Measurement Technology Conference.