Journal of Information Processing Systems

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Feature Subset for Improving Accuracy of Keystroke Dynamics on Mobile Environment

  • Lee, Sung-Hoon (Information Security Engineering, University of Science and Technology) ;
  • Roh, Jong-hyuk (Information Security Research Division, Electronics and Telecommunications Research Institute) ;
  • Kim, SooHyung (Information Security Research Division, Electronics and Telecommunications Research Institute) ;
  • Jin, Seung-Hun (Information Security Research Division, Electronics and Telecommunications Research Institute)
  • Received : 2017.06.28
  • Accepted : 2017.09.24
  • Published : 2018.04.30
Download PDF
⟨ Previous Next ⟩

Abstract

Keystroke dynamics user authentication is a behavior-based authentication method which analyzes patterns in how a user enters passwords and PINs to authenticate the user. Even if a password or PIN is revealed to another user, it analyzes the input pattern to authenticate the user; hence, it can compensate for the drawbacks of knowledge-based (what you know) authentication. However, users' input patterns are not always fixed, and each user's touch method is different. Therefore, there are limitations to extracting the same features for all users to create a user's pattern and perform authentication. In this study, we perform experiments to examine the changes in user authentication performance when using feature vectors customized for each user versus using all features. User customized features show a mean improvement of over 6% in error equal rate, as compared to when all features are used.

Keywords

References

  1. R. S. Gaines, W. Lisowski, S. J. Press, and N. Shapiro, Authentication by Keystroke Timing: Some Preliminary Results. Santa Monica, CA: RAND Corporation, 1980.
  2. N. L. Clarke and S. M. Furnell, "Authenticating mobile phone users using keystroke analysis," International Journal Information Security, vol. 6, no. 1, pp. 1-14, 2007. https://doi.org/10.1007/s10207-006-0006-6
  3. P. S. Teh, A. B. J. Teoh, and S. Yue, "A survey of keystroke dynamics biometrics," The Scientific World Journal, vol. 2013, article no. 408280, 2013.
  4. P. H. Pisani and A. C. Lorena, "A systematic review on keystroke dynamics," Journal of the Brazilian Computer Society, vol. 19, no. 4, pp. 573-587, 2013. https://doi.org/10.1007/s13173-013-0117-7
  5. C. Giuffrida, K. Majdanik, M. Conti, and H. Bos, "I sensed it was you: authenticating mobile users with sensorenhanced keystroke dynamics," in Proceedings of the International Detection of Intrusions and Malware, and Vulnerability Assessment, Egham, UK, 2014, pp. 92-111.
  6. G. Ho, "Tapdynamics: strengthening user authentication on mobile phones with keystroke dynamics," Stanford University, Stanford, CA, Technical Report, 2014.
  7. P. S. Teh, N. Zhang, A. B. J. Teoh, and K. Chen, "A survey on touch dynamics authentication in mobile device," Computers & Security, vol. 59, pp. 210-235, 2016. https://doi.org/10.1016/j.cose.2016.03.003
  8. R. Giot, B. Dorizzi, and C. Rosenberger, "A review on the public benchmark databases for static keystroke dynamics," Computers & Security. Vol. 55, pp. 46-61, 2015. https://doi.org/10.1016/j.cose.2015.06.008
  9. H. Saevanee, N. Clarke, S. Furnell, and V. Biscione, "Continuous user authentication using multi-modal biometrics," Computers & Security, vol. 53, pp. 234-246, 2015. https://doi.org/10.1016/j.cose.2015.06.001
  10. N. Zheng, K. Bai, H. Huang, and H. Wang, "You are how you touch: user verification on smartphones via tapping behaviors," in Proceedings of the IEEE 22nd International Conference on Network Protocols, Raleigh, NC, 2014, pp. 221-232.
  11. P. S. Teh, N. Zhang, A. B. J. Teoh, and K. Chen, "Recognizing your touch: towards strengthening mobile device authentication via touch dynamics integration," in Proceedings of the 13th International Conference on Advances in Mobile Computing and Multimedia, Brussels, Belgium, 2015, pp. 108-116.
  12. P. H. Pisani and A. C. Lorena, "Emphasizing typing signature in keystroke dynamics using immune algorithms," Applied Soft Computing, vol. 34, pp. 178-193, 2015. https://doi.org/10.1016/j.asoc.2015.05.008
  13. Android Developers-SensorManager [Online]. Available: https://developer.android.com/reference/android/hardware/SensorManager.html.
  14. S. Raschka, "About feature scaling and normalization-and the effect of standardization for machine learning algorithms," 2014 [Online]. Available: http://sebastianraschka.com/Articles/2014_about_feature_scaling.html.
  15. K. A. Heller, K. M. Svore, A. D. Keromytis, and S. J. Stolfo, "One class support vector machines for detecting anomalous windows registry accesses," in Proceedings of the Workshop on Data Mining for Computer Security, 2003, pp. 1-8.
  16. F. Pedregosa, G. Varoquaux, A. Gramfort, V. Michel, B. Thirion, O. Grisel, et al., "Scikit-learn: machine learning in Python," Journal of Machine Learning Research, vol. 12, pp. 2825-2830, 2011.
  17. Wikipedia, "Heuristic," [Online]. Available: https://en.wikipedia.org/wiki/Heuristic_(computer_science).