User authentication using keystroke dynamics for cellular phones

A new approach for keystroke-based authentication when using a cellular phone keypad as input device is presented. In the proposed method, users are authenticated using keystroke dynamics acquired when typing fixed alphabetic strings on a mobile phone keypad. The employed statistical classifier is able to perform user verification with an average equal error rate of about 13%. The obtained experimental results suggest that, when using mobile devices, a strong secure authentication scheme cannot rely on the sole keystroke dynamics, which however can be a module of a more complex system including, as basic security, a password-based protocol eventually hardened by keystroke analysis.

[1]  Masahito Kurihara,et al.  Sensing Pressure for Authentication System Using Keystroke Dynamics , 2004, International Conference on Computational Intelligence.

[2]  Mark D. Dunlop,et al.  Investigating five key predictive text entry with combined distance and keystroke modelling , 2008, Personal and Ubiquitous Computing.

[3]  Steven Furnell,et al.  Authenticating mobile phone users using keystroke analysis , 2006, International Journal of Information Security.

[4]  Arun Ross,et al.  Handbook of Biometrics , 2007 .

[5]  Xian Ke,et al.  Typing patterns: a key to user identification , 2004, IEEE Security & Privacy Magazine.

[6]  Fabian Monrose,et al.  Keystroke dynamics as a biometric for authentication , 2000, Future Gener. Comput. Syst..

[7]  Claudia Picardi,et al.  User authentication through keystroke dynamics , 2002, TSEC.

[8]  Arun Ross,et al.  Handbook of Multibiometrics , 2006, The Kluwer international series on biometrics.

[9]  Hyoungjoo Lee,et al.  Retraining a keystroke dynamics-based authenticator with impostor patterns , 2007, Comput. Secur..

[10]  Charles W. Adams Legal requirements for the use of keystroke loggers , 2005, First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05).

[11]  Hyoungjoo Lee,et al.  Improvement of keystroke data quality through artificial rhythms and cues , 2008, Comput. Secur..

[12]  Sungzoon Cho,et al.  Artificial Rhythms and Cues for Keystroke Dynamics Based Authentication , 2006, ICB.

[13]  Jani Mäntyjärvi,et al.  Keystroke recognition for virtual keyboard , 2002, Proceedings. IEEE International Conference on Multimedia and Expo.

[14]  Steven Furnell,et al.  Keystroke dynamics on a mobile handset: a feasibility study , 2003, Inf. Manag. Comput. Secur..

[15]  Christine L. MacKenzie,et al.  Computer user verification using login string keystroke dynamics , 1998, IEEE Trans. Syst. Man Cybern. Part A.

[16]  Berrin A. Yanikoglu,et al.  Identity authentication using improved online signature verification method , 2005, Pattern Recognit. Lett..

[17]  Yong Sheng,et al.  A parallel decision tree-based method for user authentication based on keystroke patterns , 2005, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[18]  Petr Musílek,et al.  A keystroke and pointer control input interface for wearable computers , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[19]  Steven Furnell,et al.  Acceptance of Subscriber Authentication Methods For Mobile Telephony Devices , 2002, Comput. Secur..

[20]  Lee Luan Ling,et al.  User authentication through typing biometrics features , 2005 .

[21]  A. Shiozaki,et al.  Biometric Verification Using Keystroke Motion and Key Press Timing for ATM User Authentication , 2006, 2006 International Symposium on Intelligent Signal Processing and Communications.

[22]  John D. Woodward,et al.  Biometrics: privacy's foe or privacy's friend? , 1997, Proc. IEEE.

[23]  Gopal K. Gupta,et al.  Identity authentication based on keystroke latencies , 1990, Commun. ACM.