Keystroke dynamics in the pre-touchscreen era

Biometric authentication seeks to measure an individual’s unique physiological attributes for the purpose of identity verification. Conventionally, this task has been realized via analyses of fingerprints or signature iris patterns. However, whilst such methods effectively offer a superior security protocol compared with password-based approaches for example, their substantial infrastructure costs, and intrusive nature, make them undesirable and indeed impractical for many scenarios. An alternative approach seeks to develop similarly robust screening protocols through analysis of typing patterns, formally known as keystroke dynamics. Here, keystroke analysis methodologies can utilize multiple variables, and a range of mathematical techniques, in order to extract individuals’ typing signatures. Such variables may include measurement of the period between key presses, and/or releases, or even key-strike pressures. Statistical methods, neural networks, and fuzzy logic have often formed the basis for quantitative analysis on the data gathered, typically from conventional computer keyboards. Extension to more recent technologies such as numerical keypads and touch-screen devices is in its infancy, but obviously important as such devices grow in popularity. Here, we review the state of knowledge pertaining to authentication via conventional keyboards with a view toward indicating how this platform of knowledge can be exploited and extended into the newly emergent type-based technological contexts

How to improve performance of Neural Network in the hardened password mechanism

A wide variety of systems, ubiquitous in our dailyactivities, require personal identification schemes that verify theidentity of individual requesting their services. A non exhaustivelist of such application includes secure access to buildings,computer systems, cellular phones, ATMs, crossing of nationalborders, boarding of planes among others. In the absence ofrobust schemes, these systems are vulnerable to the wiles of animpostor. Current systems are based on the three vertex of theauthentication triangle which are, possession of the token,knowledge of a secret and possessing the required biometric. Dueto weaknesses of the de facto password scheme, inclusion of itsinherent keystroke rhythms, have been proposed and systems thatimplement such security measures are also on the market. Thiscorrespondence investigates possibility and ways for optimisingperformance of hardened password mechanism using the widelyaccepted Neural Network classifier. It represents continuation ofa previous work in that direction

Age Detection Through Keystroke Dynamics From User Authentication Failures

In this paper an incident response approach is proposed for handling detections of authentication failures in systems that employ dynamic biometric authentication and more specifically keystroke user recognition. The main component of the approach is a multi layer perceptron focusing on the age classification of a user. Empirical findings show that the classifier can detect the age of the subject with a probability that is far from the uniform random distribution, making the proposed method suitable for providing supporting yet circumstantial evidence during e-discovery

Investigating the use of feature selection techniques for gender prediction systems based on keystroke dynamics

Biometric-based solutions keep expanding with new modalities, techniques and systems being proposed every so often. However, the first ones that were used for authentication, such as handwritten signature and keystroke dynamics, continue to be relevant in our digital world, despite their analogical origin. In special, keystroke dynamics has had an increase in popularity with the advent of social networks, making the need to continue to authenticate in desktop or game-based user verification more prevalent and this became an open door to risky situations such as paedophilia, sexual abuse, harassment among others. One of the ways to combat this type of crime is to be able to verify the legitimacy of the gender of the person the user is typing with. Despite the fact that keystroke dynamics is well accepted and reliable, this technique can have far too many attributes to be analysed which can lead to the use of redundant or irrelevant information. Therefore, propose a comparative study between two features selection approaches, hybrid (filter + wrapper) and wrapper. They will be tested by using a genetic algorithm, a particle swarm optimisation, a k -NN, a SVM, and a Naive Bayes as classifiers, as well as, the Correlation and Relief filters. From the results obtained, it can be said that the two proposed hybrid approaches reduce the number of attributes, without negatively impacting the accuracy of the classification, and being less costly than the traditional PSO

Data Science Solution for User Authentication

User authentication is considered a key factor in almost any software system and is often the first layer of security in the digital world. Authentication methods utilize one, or a combination of up to two, of the following factors: something you know, something you have and something you are. To prevent serious data breaches that have occurred using the traditional authentication methods, a fourth factor, something you do, that is being discussed among researchers; unfortunately, methods that rely on this fourth factor have problems of their own. This thesis addresses the issues of the fourth authentication factor and proposes a data science solution for user authentication. The new solution is based on something you do and relies on analytic techniques to transfer Big data characteristics (volume, velocity and variety) into relevant security user profiles. Users’ information will be analyzed to create behavioral profiles. Just-in-time challenging questions are generated by these behavioral profiles, allowing an authentication on demand feature to be obtained. The proposed model assumes that the data is received from different sources. This data is analyzed using collaborative filtering (CF), a learning technique, that builds up knowledge by aggregating the collected users’ transaction data to identify information of security potential. Four use case scenarios were evaluated regarding the proposed model’s proof of concept. Additionally, a web based case study using MovieLens public dataset was implemented. Results show that the proposed model is successful as a proof of concept. The experiment confirms the potential of applying the proposed approach in real life as a new authentication method, leveraging the characteristics of Big data: volume, velocity and variety

Dynamic Keystroke Technique for a Secure Authentication System based on Deep Belief Nets

The rapid growth of electronic assessment in various fields has led to the emergence of issues such as user identity fraud and cheating. One potential solution to these problems is to use a complementary authentication method, such as a behavioral biometric characteristic that is unique to each individual. One promising approach is keystroke dynamics, which involves analyzing the typing patterns of users. In this research, the Deep Belief Nets (DBN) model is used to implement a dynamic keystroke technique for secure e-assessment. The proposed system extracts various features from the pressure-time measurements, digraphs (dwell time and flight time), trigraphs, and n-graphs, and uses these features to classify the user's identity by applying the DBN algorithm to a dataset collected from participants who typed free text using a standard QWERTY keyboard in a neutral state without inducing specific emotions. The DBN model is designed to detect cheating attempts and is tested on a dataset collected from the proposed e-assessment system using free text. The implementation of the DBN results in an error rate of 5% and an accuracy of 95%, indicating that the system is effective in identifying users' identities and cheating, providing a secure e-assessment approach

Biometrics

Biometrics uses methods for unique recognition of humans based upon one or more intrinsic physical or behavioral traits. In computer science, particularly, biometrics is used as a form of identity access management and access control. It is also used to identify individuals in groups that are under surveillance. The book consists of 13 chapters, each focusing on a certain aspect of the problem. The book chapters are divided into three sections: physical biometrics, behavioral biometrics and medical biometrics. The key objective of the book is to provide comprehensive reference and text on human authentication and people identity verification from both physiological, behavioural and other points of view. It aims to publish new insights into current innovations in computer systems and technology for biometrics development and its applications. The book was reviewed by the editor Dr. Jucheng Yang, and many of the guest editors, such as Dr. Girija Chetty, Dr. Norman Poh, Dr. Loris Nanni, Dr. Jianjiang Feng, Dr. Dongsun Park, Dr. Sook Yoon and so on, who also made a significant contribution to the book

Machine Learning Models for Network Intrusion Detection and Authentication of Smart Phone Users

A thesis presented to the faculty of the Elmer R. Smith College of Business and Technology at Morehead State University in partial fulfillment of the requirements for the Degree of Master of Science by S. Sareh Ahmadi on November 18, 2019

Ranking to Learn and Learning to Rank: On the Role of Ranking in Pattern Recognition Applications

The last decade has seen a revolution in the theory and application of machine learning and pattern recognition. Through these advancements, variable ranking has emerged as an active and growing research area and it is now beginning to be applied to many new problems. The rationale behind this fact is that many pattern recognition problems are by nature ranking problems. The main objective of a ranking algorithm is to sort objects according to some criteria, so that, the most relevant items will appear early in the produced result list. Ranking methods can be analyzed from two different methodological perspectives: ranking to learn and learning to rank. The former aims at studying methods and techniques to sort objects for improving the accuracy of a machine learning model. Enhancing a model performance can be challenging at times. For example, in pattern classification tasks, different data representations can complicate and hide the different explanatory factors of variation behind the data. In particular, hand-crafted features contain many cues that are either redundant or irrelevant, which turn out to reduce the overall accuracy of the classifier. In such a case feature selection is used, that, by producing ranked lists of features, helps to filter out the unwanted information. Moreover, in real-time systems (e.g., visual trackers) ranking approaches are used as optimization procedures which improve the robustness of the system that deals with the high variability of the image streams that change over time. The other way around, learning to rank is necessary in the construction of ranking models for information retrieval, biometric authentication, re-identification, and recommender systems. In this context, the ranking model's purpose is to sort objects according to their degrees of relevance, importance, or preference as defined in the specific application.Comment: European PhD Thesis. arXiv admin note: text overlap with arXiv:1601.06615, arXiv:1505.06821, arXiv:1704.02665 by other author

Ranking to Learn and Learning to Rank: On the Role of Ranking in Pattern Recognition Applications

The last decade has seen a revolution in the theory and application of machine learning and pattern recognition. Through these advancements, variable ranking has emerged as an active and growing research area and it is now beginning to be applied to many new problems. The rationale behind this fact is that many pattern recognition problems are by nature ranking problems. The main objective of a ranking algorithm is to sort objects according to some criteria, so that, the most relevant items will appear early in the produced result list. Ranking methods can be analyzed from two different methodological perspectives: ranking to learn and learning to rank. The former aims at studying methods and techniques to sort objects for improving the accuracy of a machine learning model. Enhancing a model performance can be challenging at times. For example, in pattern classification tasks, different data representations can complicate and hide the different explanatory factors of variation behind the data. In particular, hand-crafted features contain many cues that are either redundant or irrelevant, which turn out to reduce the overall accuracy of the classifier. In such a case feature selection is used, that, by producing ranked lists of features, helps to filter out the unwanted information. Moreover, in real-time systems (e.g., visual trackers) ranking approaches are used as optimization procedures which improve the robustness of the system that deals with the high variability of the image streams that change over time. The other way around, learning to rank is necessary in the construction of ranking models for information retrieval, biometric authentication, re-identification, and recommender systems. In this context, the ranking model's purpose is to sort objects according to their degrees of relevance, importance, or preference as defined in the specific application.Comment: European PhD Thesis. arXiv admin note: text overlap with arXiv:1601.06615, arXiv:1505.06821, arXiv:1704.02665 by other author