DoubleType: Authentication Using Relationship Between Typing Behavior on Multiple Devices

Authentication using Keystroke Dynamics (KD), has customarily focused on one device at a time, either desktop or phone. It is imperative that authentication systems adapt to an environment where the users consistently switch between multiple devices. We use the typing behavior of users on different devices, extract the relationship between them and show that these relationships can be used to authenticate users in a multi-device environment when a user switches between devices. We design an authentication system for three scenarios, using the relationship between typing behaviors on a) desktop and phone, b) desktop and tablet, and c) tablet and phone. We find that these are highly separable for individuals with data form 70 users. With Gaussian Naive Bayes (GNB) and Random Forests (RF) classifiers, we found the accuracies for verification to be very high. Using GNB we achieved mean accuracies of 99.15%, 99.23% and 98.72% for relationships between desktop-phone, desktop-tablet and tablet-phone respectively. RF classifiers performed similarly with mean accuracies of 99.31%, 99.33% and 99.12% for relationships between desktop-phone, desktop-tablet and tablet-phone respectively.

[1]  Lee Luan Ling,et al.  Biometric Access Control Through Numerical Keyboards Based on Keystroke Dynamics , 2006, ICB.

[2]  Alessandro Neri,et al.  Keystroke dynamics authentication for mobile phones , 2011, SAC.

[3]  Dawn Xiaodong Song,et al.  Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication , 2012, IEEE Transactions on Information Forensics and Security.

[4]  David Umphress,et al.  Identity Verification Through Keyboard Characteristics , 1985, Int. J. Man Mach. Stud..

[5]  Jugal K. Kalita,et al.  Authentication of Smartphone Users Using Behavioral Biometrics , 2016, IEEE Communications Surveys & Tutorials.

[6]  Gunjan Pahuja,et al.  Biometric authentication & identification through behavioral biometrics: A survey , 2015, 2015 International Conference on Cognitive Computing and Information Processing(CCIP).

[7]  Mohammad S. Obaidat,et al.  Verification of computer users using keystroke dynamics , 1997, IEEE Trans. Syst. Man Cybern. Part B.

[8]  Steven Furnell,et al.  Advanced user authentication for mobile devices , 2007, Comput. Secur..

[9]  Claudia Picardi,et al.  Keystroke analysis of free text , 2005, TSEC.

[10]  B. Hussien,et al.  Computer-Access Security Systems Using Keystroke Dynamics , 1990, IEEE Trans. Pattern Anal. Mach. Intell..

[11]  Steven Furnell,et al.  Authenticating mobile phone users using keystroke analysis , 2006, International Journal of Information Security.

[12]  Fabian Monrose,et al.  Keystroke dynamics as a biometric for authentication , 2000, Future Gener. Comput. Syst..

[13]  Claudia Picardi,et al.  User authentication through keystroke dynamics , 2002, TSEC.

[14]  Norman Shapiro,et al.  Authentication by Keystroke Timing: Some Preliminary Results , 1980 .

[15]  Steven Furnell,et al.  Keystroke dynamics on a mobile handset: a feasibility study , 2003, Inf. Manag. Comput. Secur..

[16]  Nathan L. Clarke,et al.  Keystroke Analysis for Thumb-based Keyboards on Mobile Devices , 2007, SEC.

[17]  John J. Leggett,et al.  Verifying Identity via Keystroke Characteristics , 1988, Int. J. Man Mach. Stud..

[18]  Shambhu J. Upadhyaya,et al.  Continuous Authentication Using Behavioral Biometrics , 2017, IWSPA@CODASPY.

[19]  Mohammad S. Obaidat A methodology for improving computer access security , 1993, Comput. Secur..

[20]  Xiang-Yang Li,et al.  SilentSense: silent user identification via touch and movement behavioral biometrics , 2013, MobiCom.

[21]  Gopal K. Gupta,et al.  Identity authentication based on keystroke latencies , 1990, Commun. ACM.