User authentication through keystroke dynamics

Táto diplomová práca sa zaoberá rozpoznávaním osôb na základe dynamiky písania na klávesnici. Teoretická časť práce obsahuje charakteristiku jednotlivých biometrických systémov, ich základne pojmy, rozdelenie, nástroje zaznamenávania dynamiky písania na klávesnici a informačné systémy. Praktická časť práce je zameraná na vytvorenie aplikácie, ktorá dokáže rozoznať osobu na základe dynamiky písania na klávesnici. Obsahuje návrh aplikácie, implementáciu, výsledky z testovania a na záver diskusiu.This diploma thesis is about recognition of persons based on the dynamics of typing on the keyboard. The theoretical part contains the characteristic of biometric systems, their basic terms, division, tools for notating the dynamics of typing on the keyboard and information systems. The practical part is focused on creating an application that can recognize a person based on the dynamics od typing on the keyboard. It contains application design, implementation, test results and discussion at the end.060 - Katedra bezpečnostních služebvelmi dobř

Cumulative and Ratio Time Evaluations in Keystroke Dynamics To Improve the Password Security Mechanism

The password mechanism is widely adopted as a control security system to legitimate access to a database or a transaction content or computing resources. This is because of the low cost of the mechanism, the software routine simplicity, and the facility for the user. But the password mechanism can suffer from serious vulnerabilities, which have to be reduced in some way. An aid comes from the keystroke dynamic evaluation, which uses the rhythm in which an individual types characters on a keyboard. It has been demonstrated how the keystroke dynamics are unique biometric template of the users typing pattern. So, the dwell time (the time a key pressed) and the flight time (the time between “key up” and the next “key down”) are used to verify the real user’s identity. In this work we investigated the keystroke dynamic already reported in literature but with some differences, so to obtain additional benefits. Rather than the commonly adopted absolute times (dwell and fly times), we deal with cumulative and ratio ones (i.e. sum and ratio of dwell and fly times), taking into account that the latest are times which do not change even if the user’s typing style evolves with practic

An empirical biometric-based study for user identification from different roles in the online game League of Legends

© 2017 CEUR-WS. All rights reserved. The popularity of computer games has grown exponentially in the last few years. In some games, players can choose to play with different characters from a pre-defined list, exercising distinct roles in each match. Although such games were created to promote competition and promote self-improvement, there are several recurrent issues. One that has received the least amount of attention is the problem of "account sharing" so far is when a player pays more experienced players to progressing in the game. The companies running those games tend to punish this behaviour, but this specific case is hard to identify. The aim of this study is to use a database of mouse and keystroke dynamics biometric data of League of Legends players as a case study to understand the specific characteristics a player will keep (or not) when playing different roles and distinct characters

Keystroke Biometrics in Response to Fake News Propagation in a Global Pandemic

This work proposes and analyzes the use of keystroke biometrics for content de-anonymization. Fake news have become a powerful tool to manipulate public opinion, especially during major events. In particular, the massive spread of fake news during the COVID-19 pandemic has forced governments and companies to fight against missinformation. In this context, the ability to link multiple accounts or profiles that spread such malicious content on the Internet while hiding in anonymity would enable proactive identification and blacklisting. Behavioral biometrics can be powerful tools in this fight. In this work, we have analyzed how the latest advances in keystroke biometric recognition can help to link behavioral typing patterns in experiments involving 100,000 users and more than 1 million typed sequences. Our proposed system is based on Recurrent Neural Networks adapted to the context of content de-anonymization. Assuming the challenge to link the typed content of a target user in a pool of candidate profiles, our results show that keystroke recognition can be used to reduce the list of candidate profiles by more than 90%. In addition, when keystroke is combined with auxiliary data (such as location), our system achieves a Rank-1 identification performance equal to 52.6% and 10.9% for a background candidate list composed of 1K and 100K profiles, respectively.Comment: arXiv admin note: text overlap with arXiv:2004.0362

Linking recorded data with emotive and adaptive computing in an eHealth environment

Telecare, and particularly lifestyle monitoring, currently relies on the ability to detect and respond to changes in individual behaviour using data derived from sensors around the home. This means that a significant aspect of behaviour, that of an individuals emotional state, is not accounted for in reaching a conclusion as to the form of response required. The linked concepts of emotive and adaptive computing offer an opportunity to include information about emotional state and the paper considers how current developments in this area have the potential to be integrated within telecare and other areas of eHealth. In doing so, it looks at the development of and current state of the art of both emotive and adaptive computing, including its conceptual background, and places them into an overall eHealth context for application and development

Capturing Cognitive Fingerprints from Keystroke Dynamics

Conventional authentication systems identify a user only at the entry point. Keystroke dynamics can continuously authenticate users by their typing rhythms without extra devices. This article presents a new feature called cognitive typing rhythm (CTR) to continuously verify the identities of computer users. Two machine techniques, SVM and KRR, have been developed for the system. The best results from experiments conducted with 1,977 users show a false-rejection rate of 0.7 percent and a false-acceptance rate of 5.5 percent. CTR therefore constitutes a cognitive fingerprint for continuous. Its effectiveness has been verified through a large-scale dataset. This article is part of a special issue on security

Use of Personal Rhythm to Authenticate Encrypted Messages

When communicating using private and secure keys, there is always the doubt as to the identity of the message creator. We introduce an algorithm that uses the personal typing rhythm (keystroke dynamics) of the message originator to increase the trust of the authenticity of the message originator by the message recipient. The methodology proposes the use of a Rhythm Certificate Authority (RCA) to validate rhythm information. An illustrative example of the communication between Bob and Alice and the RCA is included. An algorithm of how to communicate with the RCA is presented. This RCA can be an independent authority or an enhanced Certificate Authority like the one used in public key infrastructure (PKI)

Application of Keystroke Dynamics Modelling Techniques to Strengthen the User Identification in the Context of E-commerce

Keystroke dynamics is a biometric technique to identify users based on analysing habitual rhythm patterns in their typing behaviour. In e-commerce, this technique brings benefits to both security and the analysis of patterns of consumer behaviour. This paper focuses on analysing the keystroke dynamics against an e-commerce site for personal identification. This paper is an empirical reinforcement of previous works, with data extracted from realistic conditions that are of most interest for the practical application of modelling keystroke dynamics in free texts. It was a collaborative work with one of the leading e-commerce companies in Latin America. Experimental results showed that it was possible to identify typists with an accuracy of 89% from a sampling of 300 randomly selected users just by reading comment field keystrokes.VII Workshop Seguridad Informática (WSI)Red de Universidades con Carreras en Informática (RedUNCI