Keystroke Dynamics Authentication For Collaborative Systems

We present in this paper a study on the ability and the benefits of using a keystroke dynamics authentication method for collaborative systems. Authentication is a challenging issue in order to guarantee the security of use of collaborative systems during the access control step. Many solutions exist in the state of the art such as the use of one time passwords or smart-cards. We focus in this paper on biometric based solutions that do not necessitate any additional sensor. Keystroke dynamics is an interesting solution as it uses only the keyboard and is invisible for users. Many methods have been published in this field. We make a comparative study of many of them considering the operational constraints of use for collaborative systems

Developing a keystroke biometric system for continual authentication of computer users,”

Abstract-Data windows of keyboard input are analyzed to continually authenticate computer users and verify that they are the authorized ones. Because the focus is on fast intruder detection, the authentication process operates on short bursts of roughly a minute of keystroke input, while the training process can be extensive and use hours of input. The biometric system consists of components for data capture, feature extraction, authentication classification, and receiveroperating-characteristic curve generation. Using keystroke data from 120 users, system performance was obtained as a function of two independent variables: the user population size and the number of keystrokes per sample. For each population size, the performance increased (and the equal error rate decreased) roughly logarithmically as the number of keystrokes per sample was increased. The best closed-system performance results of 99 percent on 14 participants and 96 percent on 30 participants indicate the potential of this approach

Continuous gait authentication techniques for mobile devices

Orientador: Anderson de Rezende RochaDissertação (mestrado) - Universidade Estadual de Campinas, Instituto de ComputaçãoResumo: Com a crescente utilização dos dispositivos móveis (e.g., smartphones), e suas tecnologias cada vez mais avançadas, tais dispositivos tornaram-se ubíquos e, muitas vezes, uma extensão de nós mesmos. Nesse sentido, por questões de segurança e privacidade, cresce constantemente a necessidade de proteção dos dados dos usuários nesses aparelhos móveis. Buscando resolver esse problema, vários destes dispositivos implementam políticas diversificadas de autenticação, em sua maioria, baseados em senhas ou características biométricas. No entanto, geralmente, a autenticação ocorre apenas uma vez, quando o usuário conecta-se ao aparelho, deixando os dados do usuário vulneráveis durante a utilização do mesmo. Dessa forma, neste trabalho, propomos técnicas para autenticação do usuário de forma contínua, utilizando como característica biométrica, seu modo de caminhar. Ao analisar o comportamento do usuário durante intervalos de tempo, visamos garantir maior segurança aos dados pessoais presentes nos dispositivos. As principais vantagens da autenticação contínua baseada no modo de caminhar são: (1) naturalidade ao indivíduo; (2) dificuldade intrínseca de falsificação; (3) ausência de necessidade de colaboração por parte do usuário, e; (4) ubiquidade e transparência durante todo o processo de autenticação. Utilizamos dados coletados por dois sensores: o acelerômetro, presente nos dispositivos móveis atuais; e o vetor de rotação, o qual não é um sensor físico mas, gerado a partir da fusão de sensores físicos como, acelerômetro, magnetômetro e/ou giroscópio. Para o processamento dos dados desses sensores, propomos diversas abordagens tanto para redução de ruídos e remoção de artefatos dos dados quanto para torná-los invariantes à posição do dispositivo e à direção de caminhada do usuário, culminando com a proposta de um novo sistema de coordenadas centrado no usuário. Também projetamos um classificador de caminhada de forma a garantir que não existam dados na etapa de reconhecimento que sejam de outras atividades. Além disso, investigamos métodos de descrição de sinais existentes na literatura para caracterização dos dados do usuário e, então, aplicamos abordagens de aprendizado de máquina para o processo de verificação do usuário (cenário 1:1). Por fim, analisamos alguns métodos para fusão temporal das classificações (late fusion) com o objetivo de garantir que a autenticação ocorra ao longo do tempo, ou seja, de forma contínua. Para validar as técnicas propostas, criamos uma base de dados com 50 usuários e duas sessões em dias diferentes para cada usuário com dados de acelerômetro e de vetor de rotação, sendo também uma contribuição desse trabalhoAbstract: Mobile devices are becoming ubiquitous and, sometimes, even extensions of ourselves. Therefore, concern about user privacy and security on these devices has grown significantly. In this vein, some mobile devices now implement various authentication protocols, most of them, based on passwords or biometric traits. However, usually the authentication happens just once, when the user starts interacting with the device. In this work, we propose continuous authentication techniques using gait as a biometric trait. We aim to ensure better personal data security through the analysis of the user walking behavior over time. The main advantages of the continuous gait authentication are: (1) it is natural individual and transparent to the individual; (2) it is difficult to spoof; and (3) it does not need user cooperation. We use data from two sensors: the accelerometer, which is a mobile device sensor; and the rotation vector, which is not a physical sensor but rather the result of combining data from different physical sensors such as the accelerometer, magnetometer and/or gyroscope. We propose approaches to process the data from these sensors that reduce the acquisition noise and possible artifacts, and turn the data invariant to the device's position and the user's movement direction. For that we propose a new coordinate system referred to as user-centric as opposed to the two common coordinate systems in user nowadays, the device and the world-coordinate systems. We also design and develop a walking classifier with the intention of guaranteeing that all data available for authentication refer to the walking activity. Moreover, we investigate signal characterization methods to properly describe the user data for further user verification on a $1:1$ setup. Finally, we analyze some methods for temporal fusion of the classifications (late fusion) in order to ensure that the authentication happens over time, i.e., continuous authentication. For the techniques validation, we create a dataset with 50 volunteers and two sessions in different days for each individual with accelerometer and rotation vector data. This dataset also is a contribution of this workMestradoCiência da ComputaçãoMestra em Ciência da Computação162026/2014-5, 133927/2016-4CNP

Information Processing for Biological Signals: Application to Laser Doppler Vibrometry

Signals associated with biological activity in the human body can be of great value in clinical and security applications. Since direct measurements of critical biological activity are often difficult to acquire noninvasively, many biological signals are measured from the surface of the skin. This simplifies the signal acquisition, but complicates post processing tasks. Modeling these signals using the underlying physics may not be accurate due to the inherent complexities of the human body. The appropriate use of such models depends on the application of interest. Models developed in this dissertation are motivated by underlying physiology and physics, and are capable of expressing a wide range of signal variability without explicitly invoking physical quantities. An approach for the processing of biological signals is developed using graphical models. Graphical models describe conditional dependence between random variables on a graph. When the graph is a tree, efficient algorithms exist to compute sum-marginals or max-marginals of the joint distribution. Some of the variables correspond to the measured signal, while others may represent the hidden internal dynamics that generate the observed data. Three levels of hidden dynamics are outlined, which enable models to be constructed that track internal dynamics on differing time scales. Expectation maximization algorithms are used to compute parameter estimates. Experimental results of this approach are presented for a novel method of recording bio-mechanical activity using a Laser Doppler Vibrometer. The LDV measures surface velocity on the basis of the Doppler shift. This device is targeted on the neck overlying the carotid artery, and the proximity of the carotid to the skin results in a strong signal. Vibrations and movements from within the carotid are transmitted to the surface of the skin, where they are sensed by the LDV. Changes in the size of the carotid due to variations in blood pressure are sensed at the skin surface. In addition, breathing activity may be inferred from the LDV signal. Individualized models are evaluated systematically on LDV data sets that were acquired under resting conditions on multiple occasions. Model fit is evaluated both within and across recording sessions. Model parameters are interpreted in terms of the underlying physiology. Pressure wave physics in a series of elastic tubes is presented to explore the underlying physics of blood flow in the carotid. Mechanical movements of the carotid walls are related to the underlying pressure, and therefore the cardiovascular activity of the heart and vasculature. This analysis motivates a model that can be estimated from experimental data. Resulting models are interpreted for the LDV signal. The graphical models are applied to the problem of identity verification using the LDV signal. Identity verification is an important problem in which the claimed identity is either accepted or rejected by an automated system. The system design that is used is based on a loglikelihood ratio test using models that are trained during an enrollment phase. A score is computed and compared to a threshold. Performance is given in the form of False Nonmatch and False Match empirical error rates as a function of the threshold. Confidence intervals are computed that take into account correlations between the system decisions

Identifying users using Keystroke Dynamics and contextual information

Biometric identification systems based on Keystroke Dynamics have been around for almost forty years now. There has always been a lot of interest in identifying individuals using their physiological or behavioral traits. Keystroke Dynamics focuses on the particular way a person types on a keyboard. The objective of the proposed research is to determine how well the identity of users can be established when using this biometric trait and when contextual information is also taken into account. The proposed research focuses on free text. Users were never told what to type, how or when. This particular field of Keystroke Dynamics has not been as thoroughly studied as the fixed text alternative where a plethora of methods have been tried. The proposed methods focus on the hypothesis that the position of a particular letter, or combination of letters, in a word is of high importance. Other studies have not taken into account if these letter combinations had occurred at the beginning, the middle, or the end of a word. A template of the user will be built using the context of the written words and the latency between successive keystrokes. Other features, like word length, minimum number of needed words to consider a session valid, frequency of words, model building parameters, as well as age group and gender have also been studied to determine those that better help ascertain the identity of an individual. The results of the proposed research should help determine if using Keystroke Dynamics and the proposed methodology are enough to identify users from the content they type with a good enough level of certainty. From this moment, it could be used as a method to ensure that a user is not supplanted, in authentication schemes, or even to help determine the authorship of different parts of a document written by more than one user.Els sistemes d’identificació biomètrica basades en la cadència de tecleig fa gairebé quaranta anys que s’estudien. Hi ha hagut molt interès en identificar les persones a partir de les seves característiques fisiològiques o de comportament. La cadència de tecleig és la manera en la que una persona escriu en un teclat. L’objectiu de la recerca proposada és determinar com de bé es pot arribar a identificar un individu mitjançant aquesta característica biomètrica i quan també es prenen en consideració dades contextuals. Aquesta recerca es basa en text lliure. Als usuaris mai se’ls va dir què, quan o com havien d’escriure. Aquest camp de la cadència de tecleig no ha estat tan estudiat com l’alternativa de text fix on un gran ventall de mètodes s’han provat. Els mètodes d’identificació proposats es basen en la hipòtesi que la posició d’una lletra, o combinació de lletres teclejades, en una paraula és de gran importància. Altres estudis no prenen en consideració aquesta informació, és a dir, si la combinació de lletres s’ha produït al principi, al mig o al final de la paraula. Es crearà una empremta de l’usuari tenint en compte el context de les lletres en les paraules escrites i les latències entre pulsacions successives. Altres característiques com la mida de les paraules, el nombre mínim de paraules necessari per considerar una sessió vàlida, la freqüència de mots, els paràmetres de construcció dels models, així com el grup d’edat i el gènere també s’han estudiat per determinar quines són les que millor ajuden a identificar un individu. Els resultats de la recerca proposada haurien de permetre determinar si l’ús de la cadència de tecleig i els mètodes proposats són suficients per identificar els usuaris a partir del contingut que generen, sempre amb un cert marge d’error. En cas afirmatiu es podria introduir la tècnica proposada com un mètode més per assegurar que un usuari no és suplantat, en sistemes d’autenticació, o fins i tot per ajudar a determinar l’autoria de diferents parts d’un document que ha estat escrit per més d’un usuari