Keystroke Dynamics - PowerPoint PPT Presentation

About This Presentation
Title:

Keystroke Dynamics

Description:

Keystroke Dynamics Jacob Wise and Chong Gu Introduction People have unique typing patterns Unique in the same way that fingerprints aren't proven unique ... – PowerPoint PPT presentation

Number of Views:227
Avg rating:3.0/5.0
Slides: 19
Provided by: csVirgin4
Category:

less

Transcript and Presenter's Notes

Title: Keystroke Dynamics


1
Keystroke Dynamics
  • Jacob Wise and Chong Gu

2
Introduction
  • People have unique typing patterns
  • Unique in the same way that fingerprints aren't
    proven unique
  • Typing patterns could be used for authentication
  • Stronger than password
  • Harder to copy
  • Can use challenge-response
  • Inexpensive

3
Previous Work
  • Neural Networks
  • Less mainstream approach
  • Papers co-authored by M.S. Obaidat
  • Traditional Approach
  • Reference Signatures computed by calculating the
    Mean and Standard Deviations
  • Measures distance between Reference Signature
    and Test Signature
  • Use digraph/trigraph
  • Rick Joyce Gopal Gupta (1990) F. Monrose a.
    Rubin (1997) F. Bergadano, D. Bunetti, and C.
    Picardi (2002)

4
First problem - Collecting Data
  • Built-in .NET DateTime class
  • Precise only to about 10 milliseconds
  • Methods from kernel32.dll
  • About 15 significant digits (don't know for sure)

5
First Prototype
  • Timing Data for all fields
  • User Name
  • Password
  • Full Name
  • Mistakes not allowed
  • Signature object is serialized and saved to a file

6
The World of Neural Networks
  • User Name / Password / Full Name unsuitable
  • Can't train a neural network on only positive
    examples
  • Would need to collect break-in attempts by other
    users
  • Hence the Counterexample option in the first
    prototype
  • Everyone-Types-The-Same-Thing works better
  • Hence the passage collection form...

7
The Passage Collection Form
8
Passage Analysis Form
  • Tool to help analyze collected keystroke data
  • Data is in .psig (PassageSignature) and
    .signature (Signature) files
  • We hope this tool will be used and extended in
    future work on this project
  • Tabs for BPN (Back-Propagation Network), more
    traditional analyses, and others that are yet to
    come

9
Passage Analysis Form
10
neural networks
  • Explain BPN basics
  • This started as just a first step
  • Ended up taking the whole time to tune

11
Traditional Approach
  • Reference Signature
  • Computed by calculating the mean and standard
    deviation of samples each user has provided
  • Based on Press Time or Flight Time
  • Samples that are too far off (greater than a
    certain threshold above the mean) are discarded.
    The Means are recalculated.
  • This value needs to be tuned
  • 3 std results in 0.85 of samples being discarded
  • 2 std results in 5 of samples being discarded

12
(No Transcript)
13
Traditional Approach - Reference Signatures
based on Flight Time
14
Traditional Approach - Reference Signatures
based on Press Time
15
Traditional Approach - Reference Signatures
  • We have noticed that there is a bigger variance
    between users if we base our Reference Signatures
    on Flight Times.

16
Traditional approach - the Verifier
  • Two approaches have been considered, but neither
    is up and running
  • Comparing individual Press/flight time of test
    signature with the Mean Reference Signature. A
    press/flight time is considered to be valid if it
    is within x profile standard deviations of the
    mean reference digraph. (where x needs to be
    tuned)
  • Comparing the magnitude of difference between the
    mean reference signature (M) and the test
    signature (T). A certain threshold for an
    acceptable size of the magnitude is required. A
    user with a bigger variability of his/her
    signatures, a bigger threshold value should be
    used.
  • This approach has had some good results
  • Again, the threshold value needs to be tuned.

17
Conclusion
  • We have...
  • Done lots of work but just barely scratched the
    surface
  • Focused getting some usable analysis tools up and
    running
  • Implemented fairly standard algorithms according
    to previous research
  • There is a lot of work to be done!

18
Epilogue
  • Papers that excite us and into which we didn't
    have time to seriously delve
  • User Authentication through Keystroke Dynamics
    Bergadano, Gunetti, Picardi (2002)
  • Password hardening based on keystroke dynamics
    Monrose, Reiter, Wetzel (2001)
  • Not just authentication
Write a Comment
User Comments (0)
About PowerShow.com