Strengthening e-banking security using keystroke dynamics

This paper investigates keystroke dynamics and its possible use as a tool to prevent or detect fraud in the banking industry. Given that banks are constantly on the lookout for improved methods to address the menace of fraud, the paper sets out to review keystroke dynamics, its advantages, disadvantages and potential for improving the security of e-banking systems. This paper evaluates keystroke dynamics suitability of use for enhancing security in the banking sector. Results from the literature review found that keystroke dynamics can offer impressive accuracy rates for user identification. Low costs of deployment and minimal change to users modus operandi make this technology an attractive investment for banks. The paper goes on to argue that although this behavioural biometric may not be suitable as a primary method of authentication, it can be used as a secondary or tertiary method to complement existing authentication systems

An empirical biometric-based study for user identification from different roles in the online game League of Legends

© 2017 CEUR-WS. All rights reserved. The popularity of computer games has grown exponentially in the last few years. In some games, players can choose to play with different characters from a pre-defined list, exercising distinct roles in each match. Although such games were created to promote competition and promote self-improvement, there are several recurrent issues. One that has received the least amount of attention is the problem of "account sharing" so far is when a player pays more experienced players to progressing in the game. The companies running those games tend to punish this behaviour, but this specific case is hard to identify. The aim of this study is to use a database of mouse and keystroke dynamics biometric data of League of Legends players as a case study to understand the specific characteristics a player will keep (or not) when playing different roles and distinct characters

Investigating the impact of combining handwritten signature and keyboard keystroke dynamics for gender prediction

© 2019 IEEE. The use of soft-biometric data as an auxiliary tool on user identification is already well known. Gender, handorientation and emotional state are some examples which can be called soft-biometrics. These soft-biometric data can be predicted directly from the biometric templates. It is very common to find researches using physiological modalities for soft-biometric prediction, but behavioural biometric is often not well explored for this context. Among the behavioural biometric modalities, keystroke dynamics and handwriting signature have been widely explored for user identification, including some soft-biometric predictions. However, in these modalities, the soft-biometric prediction is usually done in an individual way. In order to fill this space, this study aims to investigate whether the combination of those two biometric modalities can impact the performance of a soft-biometric data, gender prediction. The main aim is to assess the impact of combining data from two different biometric sources in gender prediction. Our findings indicated gains in terms of performance for gender prediction when combining these two biometric modalities, when compared to the individual ones

Towards Predicting Good Users for Biometric Recognition Based on Keystroke Dynamics

The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-16181-5_54Proceedings in Computer Vision - ECCV 2014 Workshops held in Zurich (Switzerland) on 2015.This paper studies ways to detect good users for biometric recognition based on keystroke dynamics. Keystroke dynamics is an active research field for the biometric scientific community. Despite the great efforts made during the last decades, the performance of keystroke dynamics recognition systems is far from the performance achieved by traditional hard biometrics. This is very pronounced for some users, who generate many recognition errors even with the most sophisticate recognition algorithms. On the other hand, previous works have demonstrated that some other users behave particularly well even with the simplest recognition algorithms. Our purpose here is to study ways to distinguish such classes of users using only the genuine enrollment data. The experiments comprise a public database and two popular recognition algorithms. The results show the effectiveness of the Kullback-Leibler divergence as a quality measure to categorize users in comparison with other four statistical measures.This work has been partially supported by projects Bio-Shield (TEC2012-34881) from Spanish MINECO and BEAT (FP7-SEC-284989) from EU

Enhancing login security through the use of keystroke input dynamics

Security is a critical component of most computer systems – especially those used in E-commerce activities over the Internet. Global access to information makes security a critical design issue in these systems. Deployment of sophisticated hardware based authentication systems is prohibitive in all but the most sensitive installations. What is required is a reliable, hardware independent and efficient security system. In this paper, we propose an extension to a keystroke dynamics based security system. We provide evidence that completely software based systems based on keystroke input dynamics can be as effective as expensive and cumbersome hardware based systems. Our system is a behavioral based system that captures the typing patterns of a user and uses that information, in addition to standard login/password security to provide a system that is user-friendly and very effective at detecting imposters. The results provide a means of dealing with enhanced security that is growing in demand in web-based applications such as E-commerce.(undefined

Authenticating computer access based on keystroke dynamics using a probabilistic neural network

Comunicação apresentada na 2nd Annual International Conference on Global e-Security, Docklands, UK, 20 - 22 April 2006.Most computer systems are secured using a login id and password. When computers are connected to the internet, they become more vulnerable as more machines are available to attack them. In this paper, we present a novel method for protecting/enhancing login protection that can reduce the potential threat of internet connected computers. Our method is based on and enhancement to login id/password based on keystroke dynamics. We employ a novel authentication algorithm based on a probabilistic neural network. Our results indicate that we can achieve an equal error rate of less than 5%, comparable to what is achieved with hardware based solutions such as fingerprint scanners and facial recognition systems

Cumulative and Ratio Time Evaluations in Keystroke Dynamics To Improve the Password Security Mechanism

The password mechanism is widely adopted as a control security system to legitimate access to a database or a transaction content or computing resources. This is because of the low cost of the mechanism, the software routine simplicity, and the facility for the user. But the password mechanism can suffer from serious vulnerabilities, which have to be reduced in some way. An aid comes from the keystroke dynamic evaluation, which uses the rhythm in which an individual types characters on a keyboard. It has been demonstrated how the keystroke dynamics are unique biometric template of the users typing pattern. So, the dwell time (the time a key pressed) and the flight time (the time between “key up” and the next “key down”) are used to verify the real user’s identity. In this work we investigated the keystroke dynamic already reported in literature but with some differences, so to obtain additional benefits. Rather than the commonly adopted absolute times (dwell and fly times), we deal with cumulative and ratio ones (i.e. sum and ratio of dwell and fly times), taking into account that the latest are times which do not change even if the user’s typing style evolves with practic

Continuous and transparent multimodal authentication: reviewing the state of the art

Individuals, businesses and governments undertake an ever-growing range of activities online and via various Internet-enabled digital devices. Unfortunately, these activities, services, information and devices are the targets of cybercrimes. Verifying the user legitimacy to use/access a digital device or service has become of the utmost importance. Authentication is the frontline countermeasure of ensuring only the authorized user is granted access; however, it has historically suffered from a range of issues related to the security and usability of the approaches. They are also still mostly functioning at the point of entry and those performing sort of re-authentication executing it in an intrusive manner. Thus, it is apparent that a more innovative, convenient and secure user authentication solution is vital. This paper reviews the authentication methods along with the current use of authentication technologies, aiming at developing a current state-of-the-art and identifying the open problems to be tackled and available solutions to be adopted. It also investigates whether these authentication technologies have the capability to fill the gap between high security and user satisfaction. This is followed by a literature review of the existing research on continuous and transparent multimodal authentication. It concludes that providing users with adequate protection and convenience requires innovative robust authentication mechanisms to be utilized in a universal level. Ultimately, a potential federated biometric authentication solution is presented; however it needs to be developed and extensively evaluated, thus operating in a transparent, continuous and user-friendly manner

Keystroke pressure based typing biometrics authentication system by combining ANN and ANFIS-based classifiers

Security of an information system depends to a large extent on its ability to authenticate legitimate users as well as to withstand attacks of various kinds. Confidence in its ability to provide adequate authentication is, however, waning. This is largely due to the wrongful use of passwords by many users. In this paper, the design and development of keystroke pressure-based typing biometrics for individual user's verification which based on the analysis of habitual typing of individuals is discussed. The paper examines the use of maximum pressure exerted on the keyboard and time latency between keystrokes as features to create typing patterns for individual users. Combining both an Artificial Neural Network (ANN) and Adaptive Neuro-Fuzzy Inference System (ANFIS) are adopted as classifiers to verify the authorized and unauthorized users based on extracted features of typing biometric. The effectiveness of the proposed system is evaluated based upon False Reject Rate (FRR) and False Accept Rate (FAR). A series of experiment shows that the proposed system that used combined classifiers produces promising result for both FAR and FRR