Abstract
Keystroke dynamics is a behavioural biometric deployed as a software based method for the authentication and/or identification of a user requesting access to a secured computing facility. It relies on how a user types on the input device (here assumed to be a PC keyboard)-and makes the explicit assumption that there are typing characteristics that are unique to each individual. If these unique characteristics can be extracted-then they can be used, in conjunction with the login details to enhance the level of access security-over and above the possession of the login details alone. Most unique characteristics involve the extraction of keypress durations and multi-key latencies. These characteristics are extracted during an enrollment phase, where a user is requested to login into the computer system repeatedly. The unique characteristics then form a string of some length, proportional to the enrollment character content times the number of attributes extracted. In this study, the deployment of classical string matching features prevalent in the bioinformatics literature such as position specific scoring matrices (motifs) and multiple sequence alignments to provide a novel approach to user verification and identification within the context of keystroke dynamics based biometrics. This study provides quantitative information regarding the values of parameters such as attribute acceptance thresholds, the number of accepted attributes, and the effect of contiguity. In addition, this study examined the use of keystroke dynamics as a tool for user identification. The results in this study yield virtually 100% user authentication and identification within a single framework.
Similar content being viewed by others
References
A. Jain, R. Bolle, and S. Pankanti, Introduction to Biometrics. In Biometrics. Personal Identification in Networked Society. A. Jain, R. Bolle, S. Pankanti (Eds.). pp. 1–41. Kluwer Academic Publishers, 2003.
A. Peacock, X. Ke, and M. Wilkerson, “Typing patterns: A Key to User Identification,” IEEE Security and Privacy, vol. 2, no. 5, pp. 40–47, 2004.
R. Gaines, W. Lisowski, S. Press, and S. Shapiro, “Authentication by keystroke timing: Some preliminary results,” Rand Report R-256-NSF, Rand Corp, 1980.
R. Joyce and G. Gupta, “Identity authorization based on keystroke latencies,” Communications of the ACM, vol. 33, no. 2, pp 168–176, 1990.
F. Monrose and A. D. Rubin, “Authentication via Keystroke Dynamics,” Proc. of the Fourth ACM Conference on Computer and Communication Security, Zurich, Switzerland, 1997.
F. Monrose, M. K. Reiter, and S. Wetzal, “Password hardening based on keystroke dynamics,” International Journal of Information Security, pp. 69–83, 2001.
B. Hussien, S. Bleha, and R. McLaren, “An application of fuzzy algorithms in a computer access security system,” Pattern Recognition Letters, vol. 9, pp. 39–43,1989.
W. G. de Ru and J. Eloff, “Enhanced password authentication through fuzzy logic,” IEEE Expert, vol. 12, no. 6, pp. 38–45, Nov/Dec, 1997.
M. Tapiador and J. A. Siguenza, “Fuzzy keystroke biometrics on web security,” AutoID’ 99 Proceedings Workshop on Automatic Identification Advanced Technologies. IEEE, pp. 133–136, 1999.
M. S. Obaidat and B. A. Sadoun, “Simulation evaluation study of neural network techniques to computer user identification,” Information Sciences, vol. 102, pp. 239–258, 1997.
K. S. Sung and S. Cho, “GA SVM wrapper ensemble for keystroke dynamics authentication,” Proc. of International Conference on Biometrics, Hong Kong, pp. 654–660, 2006.
M. VS. de Oliveira, E. Kinto, E. D. M. Hernandez, and T. C. de Carvalho, “User authentication based on human typing patterns with artificial neural networks and support vector machines,” SBC 2005.
K. Revett, S. Magalhaes, and H. Santos, “Developing a keystroke dynamics based agent using rough sets,” The 2005 IEEE/WIC/ACM Interna-tional Joint Conference on Web Intelligence and Intelligent Agent Technology Workshop on Rough Sets and Soft Computing in Intelligent Agents and Web Technology, Compiegne, France, pp. 56–61, 19–22 September, 2005.
K. Revett, “On the use of multiple sequence alignment for user authentication via keystroke dynamics,” Proc. of International Conference on Global eSecurity, University of East London, pp. 112–120, 16–18 April, 2007.
S. T. Magalhães and H. D. Santos, “An improved statistical keystroke dynamics algorithm,” Proceedings of the IADIS MCCSIS, 2005.
S. B. Needleman and C. D. Wunsch, “A general method applicable to the search for similarities in the amino acid sequence of two proteins,” J. Mol. Biol. vol. 48, pp. 443–453, 1970.
T. F. Smith and M. S. Waterman, “Identification of common molecular subsequences,” J. Mol. Biol. vol. 147, pp. 95–197, 1981.
V. Nalwa, “Automatic on-line signature verification,” Proceedings of the IEEE, vol. 85, pp. 213–239, February 1997.
A. K. Jain, F. D. Griess, and S. D. Connell, “Online signature verification,” Pattern recognition, vol. 35, pp. 2963–2972, 2002.
D. A. Reynolds, and R. C. Rose, “Robust textindependent speaker identification using Gaussian mixture speaker models,” IEEE Trans on Speech and Audio Processing, vol. 3, no. 1, pp. 72–83, 1995.
R. K. Rowe, K. A. Nixon, and S. P. Corcoran, “Multispectral fingerprint biometrics,” Proc. of the IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, NY, pp. 16–20, 2005.
D. Maltoni, D. Maio, A. Jain, and S. Prabhakar, Handbook of Fingerprint Recognition, pp. 59–61, Springer, New York, 2003.
Author information
Authors and Affiliations
Corresponding author
Additional information
Recommended by Guest Editor Phill Kyu Rhee. The author would like to thank the students at the Polish Japanese Institute of Information Technology, in Warsaw, Poland for participating in this study.
Kenneth Revett received his Ph.D. degree in Neuroscience from the University of Maryland, College Park in 1999. His research interests include behavioural biometrics and computational modelling. He is author of the text Behavioral Biometrics: A Remote Access Approach, holds a UK patent in keystroke dynamics, and has published over 40 papers in the field.
Rights and permissions
About this article
Cite this article
Revett, K. A bioinformatics based approach to user authentication via keystroke dynamics. Int. J. Control Autom. Syst. 7, 7–15 (2009). https://doi.org/10.1007/s12555-009-0102-2
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12555-009-0102-2