Figure 2 - uploaded by Oscar Coltell
Content may be subject to copyright.
Source publication
We have revised several authentication systems based on biometric
technology to resume advantages and disadvantages. Because pure hardware
biometric systems of user authentication have low rate on results over
computational and economic cost, alternate biometric methods of low
computational cost based on software development, are also being
evaluat...
Similar publications
We introduce a lightweight biometric solution for user authentica-tion over networks using online handwritten signatures. The algo-rithm proposed is based on a modified Hausdorff distance and has favorable characteristics such as low computational cost and mini-mal training requirements. Furthermore, we investigate an informa-tion theoretic model f...
Multimodal biometric authentication (BA) has shown perennial successes both in research and applications. This paper casts a light on why BA systems can be improved by fusing opinions of different experts, principally due to diversity of biometric modalities, features, classifiers and samples. These techniques are collectively called variance reduc...
Citations
... Therefore, methods to identify the person who accesses the system that is not based only on the password mechanism can significantly curb the threats caused by insiders. From among the various solutions to this problem, the use of keystroke-typing behavior [6,7] , which offers an ability to ascertain the typing characteristics of a user to verify her/his identity easily, is considered to be a promising technique. As a new behavioral biometric, this behavior has been strongly driven by the requirement for nonintrusive verification of insider detection and monitoring applications. ...
Keystroke dynamics is the process to identify or authenticate individuals based on their typing rhythm behaviors. Several classifications have been proposed to verify a user's legitimacy, and the performances of these classifications should be confirmed to identify the most promising research direction. However, classification research contains several experiments with different conditions such as datasets and methodologies. This study aims to benchmark the algorithms to the same dataset and features to equally measure all performances. Using a dataset that contains the typing rhythm of 51 subjects, we implement and evaluate 15 classifiers measured by F1-measure, which is the harmonic mean of a false-negative identification rate and false-positive identification rate. We also develop a methodology to process the typing data. By considering a case in which the model will reject the outsider, we tested the algorithms on an open set. Additionally, we tested different parameters in random forest and k nearest neighbors classifications to achieve better results and explore the cause of their high performance. We also tested the dataset on one-class classification and explained the results of the experiment. The top-performing classifier achieves an F1-measure rate of 92% while using the normalized typing data of 50 subjects to train and the remaining data to test. The results, along with the normalization methodology, constitute a benchmark for comparing the classifiers and measuring the performance of keystroke dynamics for insider detection.
... There have been a lot of scientific studies on using keystroke dynamics for user verification [5] [6] [4] [7] [8] [9]. Most studies have used durations between keystrokes as features for user verification, but some have also used keystroke durations (the time a key is held down). ...
Automatic biometrics recognition techniques are increasingly important in corporate and public security systems and have increased in methods due to rapid field development. This book discusses classic behavioral biometrics as well as collects the latest advances in techniques, theoretical approaches, and dynamic applications. This future-looking book is an important reference tool for researchers, practitioners, academicians, and technologists. While there are existing books that focus on physiological biometrics or algorithmic approaches deployed in biometrics, this book addresses a gap in the existing literature for a text that is solely dedicated to the topic of behavioral biometrics.
... Subsequently, research arising in the 1980s and 1990s (e.g., Umphress and Williams, 1985;Young and Hammon, 1989;Bleha et al., 1990;Joyce and Gupta, 1990;Macchairolo, 1993, 1994;De Ru and Eloff, 1997;Lin, 1997;Monrose and Rubin, 1997;Sadoun, 1997, 1999;Robinson et al., 1998;Coltell et al., 1999;Monrose et al., 1999;Tapiador and Sigüenza, 1999) began to explore alternative methods of keystroke analysis, typically employing a range of novel mathematical analysis techniques, but also differing in the formal data collection method. Statistical techniques (Gaines et al., 1980;Umphress and Williams, 1985;Young and Hammon, 1989;Bleha et al., 1990;Joyce and Gupta, 1990;Bleha and Obaidat, 1991;Monrose and Rubin, 1997;Robinson et al., 1998;Coltell et al., 1999;Monrose et al., 1999;Obaidat and Sadoun, 1999), neural networks Macchairolo, 1993, 1994;Lin, 1997;Obaidat and Sadoun, 1997), and fuzzy logic (De Ru and Eloff, 1997;Tapiador and Sigüenza, 1999) have all been used in attempts to increase the accuracy and effectiveness of keystroke authentication. ...
... Subsequently, research arising in the 1980s and 1990s (e.g., Umphress and Williams, 1985;Young and Hammon, 1989;Bleha et al., 1990;Joyce and Gupta, 1990;Macchairolo, 1993, 1994;De Ru and Eloff, 1997;Lin, 1997;Monrose and Rubin, 1997;Sadoun, 1997, 1999;Robinson et al., 1998;Coltell et al., 1999;Monrose et al., 1999;Tapiador and Sigüenza, 1999) began to explore alternative methods of keystroke analysis, typically employing a range of novel mathematical analysis techniques, but also differing in the formal data collection method. Statistical techniques (Gaines et al., 1980;Umphress and Williams, 1985;Young and Hammon, 1989;Bleha et al., 1990;Joyce and Gupta, 1990;Bleha and Obaidat, 1991;Monrose and Rubin, 1997;Robinson et al., 1998;Coltell et al., 1999;Monrose et al., 1999;Obaidat and Sadoun, 1999), neural networks Macchairolo, 1993, 1994;Lin, 1997;Obaidat and Sadoun, 1997), and fuzzy logic (De Ru and Eloff, 1997;Tapiador and Sigüenza, 1999) have all been used in attempts to increase the accuracy and effectiveness of keystroke authentication. The data collected for use with these techniques were not only recorded directly by the computer being actively used, but also collected via a local network or server arrangement (Bleha et al., 1990;Bleha and Obaidat, 1991;Obaidat and Macchairolo, 1993;Tapiador and Sigüenza, 1999), showing that such keystroke authentication could be implemented in an online system. ...
Biometric authentication seeks to measure an individual’s unique physiological attributes for the purpose of identity verification. Conventionally, this task has been realized via analyses of fingerprints or signature iris patterns. However, whilst such methods effectively offer a superior security protocol compared with password-based approaches for example, their substantial infrastructure costs, and intrusive nature, make them undesirable and indeed impractical for many scenarios. An alternative approach seeks to develop similarly robust screening protocols through analysis of typing patterns, formally known as keystroke dynamics. Here, keystroke analysis methodologies can utilize multiple variables, and a range of mathematical techniques, in order to extract individuals’ typing signatures. Such variables may include measurement of the period between key presses, and/or releases, or even key-strike pressures. Statistical methods, neural networks, and fuzzy logic have often formed the basis for quantitative analysis on the data gathered, typically from conventional computer keyboards. Extension to more recent technologies such as numerical keypads and touch-screen devices is in its infancy, but obviously important as such devices grow in popularity. Here, we review the state of knowledge pertaining to authentication via conventional keyboards with a view toward indicating how this platform of knowledge can be exploited and extended into the newly emergent type-based technological contexts.
... Before the 21st century, keystroke dynamics experiment prototype was developed on operating system (OS) platform using third-generation programming language (3GL) such as FORTRAN [61] and Turbo Pascal [1]. Later when Microsoft products dominate most operating system, an experimental prototype was built on top of MS DOS [62] and windows environment [43] by using languages such as C++ [63] and Visual Basic [64]. Owing to the pace of internet development in the last decade, experimental platform has been shifted to the webbased environment [15] with web programming tools such as JavaScript [65], Java Applet [66], and Flash [67]. ...
Research on keystroke dynamics biometrics has been increasing, especially in the last decade. The main motivation behind this effort is due to the fact that keystroke dynamics biometrics is economical and can be easily integrated into the existing computer security systems with minimal alteration and user intervention. Numerous studies have been conducted in terms of data acquisition devices, feature representations, classification methods, experimental protocols, and evaluations. However, an up-to-date extensive survey and evaluation is not yet available. The objective of this paper is to provide an insightful survey and comparison on keystroke dynamics biometrics research performed throughout the last three decades, as well as offering suggestions and possible future research directions.
... A striking commonly is that most have only mentioned the capture of the timing associated with the typed text without any focus on how to do it. Among the very few where some mention has been made, most quoted the accuracy only, varying from 0.1millisecond [18] to 1second [19]. Long et al. [20] reported inter key latencies varying from 55 milliseconds to hundreds of milliseconds corresponding to efficient typists and " hunt and peck' users respectively. ...
One of the most challenging tasks facing the security expert remains the correct authentication of humanbeing which has been crucial to the fabric of our society. The emphasis is now on reliable personidentification for computerized devices as the latter forms an integral part of our daily activities.Moreover with increasing geographical mobility of individuals, the identification problem has becomemore acute. One alternative, to curb down the increasing number of computer related crimes, is throughthe use of keystroke biometric technology which represents an enhancement to password mechanisms byincorporating typing rhythms in it.Time captured being critical to the performance of the identifier, it is primordial that it satisfies certainrequirements at a suitable degree of acceptability This paper presents an evaluation of timing options forkeystroke dynamics paying attention to their repeatability and reliability as well as their portability ondifferent systems. In actual passwords schemes users enroll using one computer and access resourcesusing other configurations at different locations without bothering about the different underlyingoperating systems.
... statistical 9.00% Bleha et al (1990) [12] bayes 5.45% Obaidat and Sadoun (1997) [13] neuronal networks 5.8% Robinson et al (1998) [14] statistical 10,00% Coltell et al (1999) [15] statistical 17.5% Bergadano et al (2002) [16] ...
We present in this paper a study on the ability and the benefits of using a keystroke dynamics authentication method for collaborative systems. Authentication is a challenging issue in order to guarantee the security of use of collaborative systems during the access control step. Many solutions exist in the state of the art such as the use of one time passwords or smart-cards. We focus in this paper on biometric based solutions that do not necessitate any additional sensor. Keystroke dynamics is an interesting solution as it uses only the keyboard and is invisible for users. Many methods have been published in this field. We make a comparative study of many of them considering the operational constraints of use for collaborative systems.
... Each authentication scheme category has its strengths and weaknesses. Possession based authentication is susceptible to loss or theft and in some cases copying/cloning as for magnetic strip, keys etc. Similarly simplicity, cheapness, ease of implementation and use, the desired characteristics of the password based scheme also explain the waning confidence which designers have in its ability to provide sufficient levels of authentication (Conn A.P et al, 1990). The strength of the system is dependent on the secrecy of the underlying shared secret. ...
... In another work the target strings were divided into three difficulty levels. (Coltell O et al., 1999). In 1997, Monrose and Rubin (Monrose F & Rubin A, 1998) extended the basic research by considering a system that uses "free Style" (i.e., nonstructured) text, which is a few sentences from a list of available phrases. ...
Pure hardware based biometric systems of user authentication have low rate of errors but increase computational and economic cost. Alternate biometric methods based purely on software development are now booming. This paper presents our results on improving authentication of users using a password mechanism hardened with keystroke timing vectors. We develop a system that is trained with the keystroke timing vectors of the owners and then later used to differentiate between authentic users and impostors. Using a prototype implementation of our scheme, we compare the results of human-selected, derived passwords and system generated to reveal the practical viability of our approach in terms of results achieved, ease of implementation and use.
... De Ru et al. [10] analyzed a feature based on the distance of the keys in the keyboard and the combination of keys called typing difficulty, besides the keystroke latency; • Timing Accuracy: As most of the typing biometrics features are time-based, the precision of the key-up and the key-down times have to be analyzed. The timing accuracy varies between 0.1 ms [7] and 1000 ms (1 s) [11]. • Trials of Authentication: In [12], it was observed that legitimate users usually fail in the first trial of authentication, but in the second one, a successful authentication was realized. ...
... This mechanism creates a new updated template every time a successful authentication is performed, including the new sample and discarding the oldest one. • Classifier: In [2]- [4], [6], [7], and [11], a statistical classifier was applied, using known techniques as k-means, Bayes, etc. In [9] and [10], fuzzy logic was applied using a user's categorization as output. ...
This paper uses a static keystroke dynamics in user authentication. The inputs are the key down and up times and the key ASCII codes captured while the user is typing a string. Four features (key code, two keystroke latencies, and key duration) were analyzed and seven experiments were performed combining these features. The results of the experiments were evaluated with three types of user: the legitimate, the impostor and the observer impostor users. The best results were achieved utilizing all features, obtaining a false rejection rate of 1.45% and a false acceptance rate of 1.89%. This approach can be used to improve the usual login-password authentication when the password is no more a secret. This paper innovates using four features to authenticate users.
... Dos secuencias fueron analizadas en [11], la primera es una secuencia de 31 caracteres y la segunda es el "login". En [9], la secuencia clave fue dividida en tres niveles basados en el grado de dificultad. El número de caracteres de la secuencia es un asunto importante, siendo que en [14] fue demostrado que errores de clasificación aumentan cuando la cantidad de caracteres de la secuencia clave es inferior a 10 letras; Número de Muestras: Muestras son adquiridas durante el proceso de registro para formar el conjunto de entrenamiento. ...
... En [6] se afirma que la utilización en conjunto de estas características ofrece mejores resultados que cuando utilizadas de forma aislada; Precisión del Tiempo de Muestreo: Como las características de la biometría del tecleo están basadas en intervalos de tiempos, la precisión de los tiempos en que las teclas son pulsadas y sueltas deben ser analizados. La precisión del tiempo de muestreo presentado por varios investigadores varia entre 0.0001 segundo [6] y 1 segundo [9]. Mecanismo de Adaptación: Características biométricas cambian con el tiempo. ...
... Excepcionalmente en [4], un mecanismo de adaptación es utilizado, siendo que el mismo es activado cada vez que una autenticación es positiva, creándose una nueva plantilla actualizada con la nueva muestra y descartándose la más antigua. E Clasificador: En [3], [6], [9]- [11] y [14], un clasificador estadístico fue empleado, utilizando técnicas conocidas tales como k vecinos más próximos, Bayes, etc. En [5], un clasificador de lógica difusa fue empleado. En [12], se utilizó un clasificador que mezcla técnicas estadísticas, neuronales y difusas. ...
This paper uses a fuzzy logic approach in a static typing biometrics user authentication. The inputs are the down and up times, and the ASCII code of the keys that are captured while the user is typing a known string. In this research, it was collected four features (the key code, two keystroke latencies and the key duration) captured in two different strings. The first string was imposed, and the second one was chosen by each user. Seven experiments were developed utilizing a fuzzy logic classifier and the proposed features. The results of the experiments are evaluated in three situations of authentication: the legitimate user, the impostor and the specialist impostor. The best results were achieved utilizing all the features, obtaining a false rejection rate of 3.5% and a false acceptance rate of 2.9%. This approach can be used in the usual login-password authentication for improvement of the false acceptance rate, when the password is no more a secret.In this paper recurrent neural networks are considered to realize traffic prediction in computer network.
... De Ru et al. [10] analyzed a feature based on the distance of the keys in the keyboard and the combination of keys called typing difficulty, besides the keystroke latency; • Timing Accuracy: As most of the typing biometrics features are time-based, the precision of the key-up and the key-down times have to be analyzed. The timing accuracy varies between 0.1 ms [7] and 1000 ms (1 s) [11]. • Trials of Authentication: In [12], it was observed that legitimate users usually fail in the first trial of authentication, but in the second one, a successful authentication was realized. ...
... This mechanism creates a new updated template every time a successful authentication is performed, including the new sample and discarding the oldest one. • Classifier: In [2]- [4], [6], [7], and [11], a statistical classifier was applied, using known techniques as k-means, Bayes, etc. In [9] and [10], fuzzy logic was applied using a user's categorization as output. ...
This paper uses a static typing biometrics in user authentication. The inputs are the key down and up times and the key ASCII
codes captured while the user is typing a string. Four features (key code, two keystroke latencies and key duration) were
analyzed, and, seven experiments were performed combining these features. The results of the experiments were evaluated involving
three types of user: the legitimate, the impostor and the observer impostor users. The best results were achieved utilizing
all features, obtaining a false rejection rate (FRR) of 1.45 1.89 authentication when the password is no more a secret. This
paper innovates using the combination of four features to authenticate users.
