Anomaly detection through keystroke and tap dynamics implemented via machine learning algorithms (original) (raw)
Related papers
2015 20th International Conference on Control Systems and Computer Science, 2015
In this paper we study keystroke dynamics as an authentication mechanism for touchscreen based devices. The authentication process decides whether the identity of a given person is accepted or rejected. This can be easily implemented by using a two-class classifier which operates with the help of positive samples (belonging to the authentic person) and negative ones. However, collecting negative samples is not always a viable option. In such cases a one-class classification algorithm can be used to characterize the target class and distinguish it from the outliers. We implemented an authentication test-framework that is capable of working with both one-class and two-class classification algorithms. The framework was evaluated on our dataset containing keystroke samples from 42 users, collected from touchscreen-based Android devices. Experimental results yield an Equal Error Rate (EER) of 3% (two-class) and 7% (one-class) respectively.
Keystroke Dynamics User Authentication Using Advanced Machine Learning Methods
2015
User authentication based on typing patterns offers many advantages in the domain of cyber security, including data acquisition without extra hardware requirement, continuous monitoring as the keys are typed, and non-intrusive operation with no interruptions to a user's daily work. In this chapter, we adopt three popular voice biometrics algorithms to perform keystroke dynamics based user authentication, namely, 1) Gaussian Mixture Model with Universal Background Model (GMM-UBM), 2) identity vector (i-vector) approach to user modelling, and 3) deep machine learning approach. Unlike most existing keystroke biometrics approaches, which only use genuine users' data at training time, the proposed methods leverage data from a large pool of background users to enhance the model's discriminative capability. These algorithms make no assumption about the underlying probability distribution of the data and are amenable to real-time implementation. Although these techniques were originally developed for speech analysis, our experiments on the publicly available CMU keystroke dynamics dataset using these algorithms have shown significant reduction in the equal error
A machine learning approach to keystroke dynamics based user authentication
International Journal of …, 2007
The majority of computer systems employ a login ID and password as the principal method for access security. In stand-alone situations, this level of security may be adequate, but when computers are connected to the internet, the vulnerability to a security breach is increased. In order to reduce vulnerability to attack, biometric solutions have been employed. In this paper, we investigate the use of a behavioural biometric based on keystroke dynamics. Although there are several implementations of keystroke dynamics available -their effectiveness is variable and dependent on the data sample and its acquisition methodology. The results from this study indicate that the Equal Error Rate (EER) is significantly influenced by the attribute selection process and to a lesser extent on the authentication algorithm employed. Our results also provide evidence that a Probabilistic Neural Network (PNN) can be superior in terms of reduced training time and classification accuracy when compared with a typical MLFN back-propagation trained neural network.
—This paper presents a keystroke dynamics system for mobile devices that employs a statistical distance-to-median anomaly detector. The selected feature set combines the keystroke timing features of hold and latency and the touch screen features of pressure and finger area. The proposed system consists of two modules: training and testing. The aim of the system is to be a research tool to serve two purposes: (i) the generation of a model-independent dataset of keystroke data on mobile devices, for comparison of keystroke dynamics anomaly detectors; (ii) to be used in the evaluation of the authentication performance of the implemented distance-to-median anomaly detector. The system works in the Android environment on Nexus smartphones and tablets. The experimental work has generated a dataset of 2856 records from 56 subjects, 51 records per subject, where each record represents 71 feature elements resulting from the typing of a standard 10-character password. Statistical analysis of the collected dataset showed an equal-error-rate (EER) of 0.049 when using a different pass-mark per subject, and 0.054 when using a global pass-mark for all subjects. The EER results are much lower than previously published results using three distance-based verification models. Also, the false-acceptance-rate at 5% false-rejection-rate is 5.6%, which is much lower than previously published results, but it is still high and needs to be reduced. Evaluation of the testing (authentication) part of the system was carried out through test runs where a genuine user enters his user-id and password as a login attempt, and the resulting test vector of feature elements are matched against the stored template of the user. The login attempt is classified as genuine or impostor based on a preset pass-mark. Conclusions and suggestions for future work are presented.
Smartphones have become the standard personal device to store private or sensitive information. Widely used as every day gadget, however, they are susceptible to get lost or stolen. To protect information on a smartphone from being physically accessed by attackers, a lot of authentication methods have been proposed in recent years. Each one of them suffers from certain drawbacks, either they are easy to circumvent , vulnerable against shoulder surfing attacks, or cumbersome to use. In this paper, we present an alternative approach for user authentication that is based on the smartphone's sensors. By making use of the user's biometrical behavior while entering text into the smartphone, we transparently authenticate the user in an ongoing-fashion. In a field study, we asked more than 300 participants to enter some short sentences into a smartphone while all available sensor events were recorded to determine a typing motion fingerprint of the user. After the proper feature extraction, a machine learning classifier based on Support Vector Machines (SVM) is used to identify the authorized user. The results of our study are twofold: While our approach is able to continuously authenticate some users with high precision, there also exist participants for which no accurate motion fingerprint can be learned. We analyze these difference in detail and provide guidelines for similar problems.
Development of a typing behaviour recognition mechanism on Android
This paper proposes a biometric authentication system which use password based and behavioural traits (typing behaviours) authentication technology to establish user's identity on a mobile phone. The proposed system can work on the latest smart phone platform. It uses mobile devices to capture user's keystroke data and transmit it to web server. The authentication engine will establish if a user is genuine or fraudulent. In addition, a multiplier of the standard deviation "α" has been defined which aims to achieve the balance between security and usability.
Using Keystroke Dynamics for Implicit Authentication on Smartphone
Journal of Korea Multimedia Society, 2014
Authentication methods on smartphone are demanded to be implicit to users with minimum users' interaction. Existing authentication methods (e.g. PINs, passwords, visual patterns, etc.) are not effectively considering remembrance and privacy issues. Behavioral biometrics such as keystroke dynamics and gait biometrics can be acquired easily and implicitly by using integrated sensors on smartphone. We propose a biometric model involving keystroke dynamics for implicit authentication on smartphone. We first design a feature extraction method for keystroke dynamics. And then, we build a fusion model of keystroke dynamics and gait to improve the authentication performance of single behavioral biometric on smartphone. We operate the fusion at both feature extraction level and matching score level. Experiment using linear Support Vector Machines (SVM) classifier reveals that the best results are achieved with score fusion: a recognition rate approximately 97.86% under identification mode and an error rate approximately 1.11% under authentication mode.
Keystroke dynamics authentication for mobile phones
2011
In this paper we discuss the feasibility of employing keystroke dynamics to perform user verification on mobile phones. Specifically, after having introduced a new statistical classifier, we analyze the discriminative capabilities of the features extracted from the acquired patterns, in order to determine which ones guarantee the best authentication performances. The effectiveness of using template selection techniques for keystroke verification is also investigated.
Keystroke Recognition Using Android Devices
2015
The term “biometrics” is derived from the Greek words “bio” (life) and “metrics” (to measure). Biometric recognition is therefore related with the recognition of people based on their characteristics. Automatic biometric recognition systems have become available over the last decades, due to significant advances in computation. However, until recently, specific devices were needed for biometric recognition. Nowadays, smartphones have a considerable processing power, allowing to implement some biometric algorithms. A demand for biometric recognition was created due to increased smartphone market penetration, since the devices hold sensible personal information. To have a secure access to sensitive information some type of security against illegitimate users is needed. Biometric security is therefore a must on these devices, given that the traditional PINs (Personal Identification Number) can be stolen, forgotten or cracked. On the other hand, personal characteristics are unique and c...
User Authentication by Keystroke Dynamics Using Machine Learning Algorithms
International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 2019
Due to the expanding vulnerabilities in cyber forensics, security alone is not sufficient to forestall a rupture; however, cyber security is additionally required to anticipate future assaults or to distinguish the potential aggressor. Keystroke Dynamics has high use in cyber intelligence. The paper examines the helpfulness of keystroke dynamics to build up the individual personality. Three schemes are proposed for recognizing an individual while typing on keyboard. Lib SVM and binary SVM are proposed and their performance are shown. Lib SVM is showing a better performance when comparing with binary SVM. As the number of samples are increased it shows an increase in the accuracy. Pair wise user coupling technique is proposed. The proposed procedures are approved by utilizing keystroke information. In any case, these systems could similarly well be connected to other examples of pattern identification problems. This system is applicable in highly confidential areas like military.