Abstract
A number of previous studies have investigated the use of keystroke analysis as a means of authenticating users’ identities at the point of initial login. By contrast, relatively little research has focused upon the potential of applying the technique for identity verification during the logged-in session. Previous work by the authors has determined that keystroke analysis is a viable metric for continuous monitoring, provided that sufficient data is captured to create a reliable profile. This paper presents a series of results from a three-month trial in which profiles were created using digraph, trigraph and keyword-based keystroke latencies. The profiles were based upon a total of over 5 million keystroke samples, collected from 35 participants. The results demonstrate that the techniques offer significant promise as a means of non-intrusive identity verification during keyboard-related activities, with an optimum false acceptance rate of 4.9% being observed at a rate of 0% false rejection.
Chapter PDF
Key words
References
Brown M. and Rogers S.J., 1993, “User identification via keystroke characteristics of typed names using neural networks” , International Journal of Man-Machine Studies, vol. 39, pp999–1014.
Card S.K., Moran T.P. & Newell A., 1980. “Computer text-editing: An informationprocessing analysis of a routine cognitive skill”, Cognitive Psychology, vol. 12, pp32–74.
Dowland P.S., Fumell S.M. & Papadaki M., 2002, “Keystroke Analysis as a Method of Advanced User Authentication and Response” , Proceedings of IFIP/SEC 2002 - 17th International Conference on Information Security, Cairo, Egypt, 7–9 May, pp215–226.
Fumell, S.M., 1995, “Data Security in European Healthcare Information Systems” , PhD Thesis, University of Plymouth, UK.
Gaines R., Lisowski W., Press S. and Shapiro N., 1980, “Authentication by Keystroke Timing: some preliminary results” , Rand Report R-256-NSF, Rand Corporation.
Joyce R. and Gupta G. 1990. “Identity authentication based on keystroke latencies” , Communications of the ACM, vol. 33, no. 2, pp 168–176.
Legett J., Williams G., Usnick M. and Longnecker M., 1991, “Dynamic identity verification via keystroke characteristics” , International Journal of Man-machine Studies, vol. 35, pp859–870.
Mahar D., Napier R., Wagner M., Laverty W., Henderson R.D. and Hiron M., 1995, “Optimizing digraph-latency based biometric typist verification systems: inter and intra typist differences in digraph latency distributions”, International Journal of HumanComputer Studies, vol. 43, pp579–592.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 IFIP International Federation for Information Processing
About this paper
Cite this paper
Dowland, P.S., Furnell, S.M. (2004). A Long-Term Trial of Keystroke Profiling Using Digraph, Trigraph and Keyword Latencies . In: Deswarte, Y., Cuppens, F., Jajodia, S., Wang, L. (eds) Security and Protection in Information Processing Systems. SEC 2004. IFIP — The International Federation for Information Processing, vol 147. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8143-X_18
Download citation
DOI: https://doi.org/10.1007/1-4020-8143-X_18
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-8016-1
Online ISBN: 978-1-4020-8143-9
eBook Packages: Springer Book Archive