Keystroke-based authentication by key press intervals as a complementary behavioral biometric

Authors:
Shallen Giroux;Renata Wachowiak-Smolikova;Mark P. Wachowiak
Affiliations:
Department of Computer Science and Mathematics, Nipissing University, North Bay, ON, Canada;Department of Computer Science and Mathematics, Nipissing University, North Bay, ON, Canada;Department of Computer Science and Mathematics, Nipissing University, North Bay, ON, Canada
Venue:
SMC'09 Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics
Year:
2009

Citing 10
Cited 0

Computer security

Computer security
Keystroke dynamics as a biometric for authentication

Future Generation Computer Systems - Special issue on security on the Web
User authentication through keystroke dynamics

ACM Transactions on Information and System Security (TISSEC)
User Identification System Based on Biometrics for Keystroke

ICICS '99 Proceedings of the Second International Conference on Information and Communication Security
Typing Patterns: A Key to User Identification

IEEE Security and Privacy
Authenticating mobile phone users using keystroke analysis

International Journal of Information Security
Enhancing login security through the use of keystroke input dynamics

ICB'06 Proceedings of the 2006 international conference on Advances in Biometrics
Improving authentication accuracy of unfamiliar passwords with pauses and cues for keystroke dynamics-based authentication

WISI'06 Proceedings of the 2006 international conference on Intelligence and Security Informatics
Forgery Quality and Its Implications for Behavioral Biometric Security

IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics
Keystroke dynamics in a general setting

ICB'07 Proceedings of the 2007 international conference on Advances in Biometrics

Quantified Score

Hi-index	0.00

Visualization

Abstract

Analysis of keystroke dynamics can be useful in protecting personal data because an individual is authenticated not only by password, but also by that individual's keystroke patterns. In this way, intrusion becomes more difficult because the username/password pair, as well as the typing speed and correct keystroke pattern must both be duplicated. The purpose of this paper is to present a keystroke analysis tool that can be incorporated into distributed systems and web-based services. This study also assesses the potential of keystroke analysis as a complementary authentication mechanism. Eleven individuals entered a password into specially developed keystroke analysis software twenty times over a course of four sessions. The data were statistically analyzed to determine keystroke patterns. Tests were performed to verify whether the users could be properly authenticated. Results show that authentication with mean key press timings resulted in very good false acceptance rates, while allowing access to appropriate users.