On the Use of Rough Sets for User Authentication Via Keystroke Dynamics
Keystroke dynamics is a behavioral biometric that is based on how a user enters their login details. In this study, a set of eight attributes were extracted during the course of entering login details. This collection of attributes was used to form a refe
- PDF / 223,637 Bytes
- 15 Pages / 430 x 660 pts Page_size
- 71 Downloads / 195 Views
University of Westminster Harrow School of Computer Science London, UK HA1 3TP [email protected] 2 Universidade do Minho Department of Information Systems Campus de Azurem 4800-058 Guimaraes, Portugal {psmagalhaes,hsantos}@dsi.uminho.pt
Abstract. Keystroke dynamics is a behavioral biometric that is based on how a user enters their login details. In this study, a set of eight attributes were extracted during the course of entering login details. This collection of attributes was used to form a reference signature (a biometrics identification record) for subsequent authentication requests. The algorithm for the authentication step entails transforming the attributes into a discretised form based on the amino acid alphabet. A set of bioinformatics based algorithms are then used to perform the actual authentication test. In addition, the use of rough sets was employed in this study to determine if subsets of attributes were more important in the classification (authentication) than others. Lastly, the results of this study indicate that the error rate is less than 1% in the majority of the cases. Keywords: behavioral biometrics, keystroke dynamics, multiple sequence alignment, reducts, rough sets.
1 Introduction The concept of keystroke dynamics emerged from studies of the typing patterns exhibited by users when entering text into a computer using a keypad entry device. Researchers in the field focused on the keystroke pattern, in terms of keystroke duration and keystroke latencies. Evidence from preliminary studies indicated that typing patterns were sufficiently unique as to be easily distinguishable from one another, much like a person’s written signature [1]. The basic idea is to extract a characteristic signature from a particular user’s entry of a login ID – and use this information along with the login ID and password in deciding whether a login attempt is legitimate. There are two critical issues that must be addressed in the development of viable biometric: the selection of discriminatory attributes and the classification algorithm. In this paper, the attributes are selected based on latency (both digraphs and trigraphs are employed), dwell times (the amount of time a key is depressed, typing speed for both the login ID and password, length of time for login ID, J. Neves, M. Santos, and J. Machado (Eds.): EPIA 2007, LNAI 4874, pp. 145–159, 2007. © Springer-Verlag Berlin Heidelberg 2007
146
K. Revett, S. Tenreiro de Magalhães, and H.M.D. Santos
password, and total time for both ID and password. These attributes are then discretised into an alphabet containing 20 discrete elements (the amino acid alphabet of molecular biology) for subsequent classification. The classification algorithm employed in this study is based on the rough set paradigm first presented to the literature by Z. Pawlak in the early 1980s [2],[3]. The result of this combined approach will be explored in this paper and compared with our previous work and that of author researchers in the filed. In the next section, we provide an ove
Data Loading...