基于遗传算法和灰色关联分析的击键特征识别算法

基于用户击键特征的身份认证比传统的基于口令的身份认证方法有更高的安全性，现有研究方法中基于神经网络、数据挖掘等算法计算复杂度高，而基于特征向量、贝叶斯统计模型等算法识别精度较低。为了在提高识别精度的同时有效降低计算复杂度，在研究现有算法的基础上提出了一种基于遗传算法与灰色关联分析的击键特征识别算法。该算法利用遗传算法根据用户训练样本确定表征用户击键特征的标准特征序列，通过对当前用户击键特征序列与标准特征序列进行灰色关联分析实现用户身份认证。实验结果表明，该算法识别精度达到神经网络、支持向量机等算法的较高水平，错误拒绝率与错误接受率分别为0%与1.5%。且计算复杂度低，与基于特征向量的算法相近。     

基于差别子空间的用户击键特征识别

根据用户的击键行为特征，提出了一种基于差别子空间的识别算法，该算法仅依据用户前几次成功登录的击键特征计算出能够代表用户击键的共性特征向量，进而利用当前用户击键特征向量与共性特征向量的欧几里德距离作为判别依据来判定用户的身份。该算法主要进行内积运算，实现简单且识别速度快，实验结果表明该算法误报率较低，鲁棒性较强。     

A parameterized model to select discriminating features on keystroke dynamics authentication on smartphones

Nowadays, smartphones work not only as personal devices, but also as distributed IoT edge devices uploading information to a cloud. Their secure authentications become more crucial as information from them can spread wider. Keystroke dynamics is one of prominent candidates for authentications factors. Combined with PIN/pattern authentications, keystroke dynamics provide a user-friendly multi-factor authentication for smartphones and other IoT devices equipped with keypads and touch screens. There have been many studies and researches on keystroke dynamics authentication with various features and machine-learning classification methods. However, most of researches extract the same features for the entire user and the features used to learn and authenticate the user’s keystroke dynamics pattern. Since the same feature is used for all users, it may include features that express the users’ keystroke dynamics well and those that do not. The authentication performance may be deteriorated because only the discriminative feature capable of expressing the keystroke dynamics pattern of the user is not selected. In this paper, we propose a parameterized model that can select the most discriminating features for each user. The proposed technique can select feature types that better represent the user’s keystroke dynamics pattern using only the normal user’s collected samples. In addition, performance evaluation in previous studies focuses on average EER(equal error rate) for all users. EER is the value at the midpoint between the FAR(false acceptance rate) and FRR(false rejection rate), FAR is the measure of security, and FRR is the measure of usability. The lower the FAR, the higher the authentication strength of keystroke dynamics. Therefore, the performance evaluation is based on the FAR. Experimental results show that the FRR of the proposed scheme is improved by at least 10.791% from the maximum of 31.221% compared with the other schemes.     

基于流形学习的用户身份认证

本文基于等距映射（ISOMAP）非线性降维算法, 提出了一种新的基于用户击键特征的用户身份认证算法, 该算法用测地距离代替传统的欧氏距离, 作为样本向量之间的距离度量,在用户击键特征向量空间中挖掘嵌入的低维黎曼流形,进行用户识别。用采集到的1500个击键模式数据进行实验测试,结果表明,该文的算法性能优于现有的同类算法,其错误拒绝率（FRR）和错误通过率（FAR）分别是1.65%和0%,低于现有的同类算法。     

Keystroke dynamics‐based user authentication service for cloud computing

User authentication is a crucial requirement for cloud service providers to prove that the outsourced data and services are safe from imposters. Keystroke dynamics is a promising behavioral biometrics for strengthening user authentication, however, current keystroke based solutions designed for certain datasets, for example, a fixed length text typed on a traditional personal computer keyboard and their authentication performances were not acceptable for other input devices nor free length text. Moreover, they suffer from a high dimensional feature space that degrades the authentication accuracy and performance. In this paper, a keystroke dynamics based authentication system is proposed for cloud environments that is applicable to fixed and free text typed on traditional and touch screen keyboards. The proposed system utilizes different feature extraction methods, as a preprocessing step, to minimize the feature space dimensionality. Moreover, different fusion rules are evaluated to combine the different feature extraction methods so that a set of the most relevant features is chosen. Because of the huge number of users' samples, a clustering method is applied to the users' profile templates to reduce the verification time. The proposed system is applied to three different benchmark datasets using three different classifiers. Experimental results demonstrate the effectiveness and efficiency of the proposed system. Copyright © 2015 John Wiley & Sons, Ltd.     

Normalizing variations in feature vector structure in keystroke dynamics authentication systems

Usernames and passwords stubbornly remain the most prevalent authentication mechanism. Password secrecy ensures that only genuine users are granted access. If the secret is breached, impostors gain the access too. One method of strengthening password authentication is through keystroke dynamics. Keystroke dynamics algorithms typically constrain the authentication entry to one valid sequence of key presses. In this paper, we introduce the concept of event sequences. We explore the nature of variations between multiple valid key-entry sequences and propose a scheme that effectively represents these variations. We test the efficacy of the new authentication method in distinguishing users. The experimental results show that typing proficiency of individuals is not the only determining authentication factor. We show that typing sequence variations contain sufficient discriminatory information to warrant their inclusion into user authentication methods. Based on these results, we present a novel strategy to create feature vectors for keystroke dynamics-based authentication. The proposed approach ensures that the feature vector’s length and structure are related only to the length of the password, independent of its content or the order of keys pressed. This normalization of feature vector structure has multiple advantages including leveraging the discriminatory power of event sequences, faster search-and-retrieval in n-graph-based authentication systems, and simplicity. The proposed authentication scheme is applicable to both static and continual authentication systems.     

Continuous Authentications Using Frequent English Terms

Most of the current computer systems authenticate a user’s identity only at the point of entry to the system (i.e., login). However, an effective authentication system includes continuous or frequent monitoring of the identity of a user already logged into a system to ensure the validity of the identity of the user throughout a session. Such a system is called a “continuous or active authentication system.” An authentication system equipped with such a security mechanism protects the system against certain attacks including session hijacking that can be performed later by a malicious user. The aim of this research is to advance the state-of-the-art of the user-active authentication research using keystroke dynamics. Through this research, we assess the performance and influence of various keystroke features on keystroke dynamics authentication systems. In particular, we investigate the performance of keystroke features on a subset of most frequently used English words. The performance of four features including key duration, flight time latency, diagraph time latency, and word total time duration are analyzed. A series of experiments is performed to measure the performance of each feature individually as well as the results from the combinations of these features. More specifically, four machine learning techniques are adapted for the purpose of assessing keystroke authentication schemes. The selected classification methods are Support Vector Machine (SVM), Linear Discriminate Classifier (LDC), K-Nearest Neighbors (K-NN), and Naive Bayesian (NB). Moreover, this research proposes a novel approach based on sequential change-point methods for early detection of an imposter in computer authentication without the needs for any modeling of users in advance, that is, no need for a-priori information regarding changes. The proposed approach based on sequential change-point methods provides the ability to detect the impostor in early stages of attacks. The study is performed and evaluated based on data collected for 28 users. The experimental results indicate that the word total time feature offers the best performance result among all four keystroke features, followed by diagraph time latency. Furthermore, the results of the experiments also show that the combination of features enhances the performance accuracy. In addition, the nearest neighbor method performs the best among the four machine learning techniques.     

基于三分类的击键序列身份认证

针对基于统计学用户击键模式识别算法识别率较低的不足，提出了一种统计学三分类主机用户身份认证算法。该方法通过对当前注册用户的击键特征与由训练样本得到的标准击键特征进行比较，将当前注册用户划分为合法用户类、怀疑类与入侵类三类,对怀疑类采用二次识别机制。 采用动态判别域值，引入了与系统安全性和友好性相关的可控参量k，由系统管理员根据实际确定。并对该算法性能进行了理论分析与实验测试，结果表明该算法在保持贝叶斯统计算法需要训练样本集规模较小、算法收敛速度快优点的基础上,识别精度高于贝叶斯统计算法，错误拒绝率(FRR)和错误通过率(FAR)分别为1.6%和1.5%。     

Improving authentication accuracy using artificial rhythms and cues for keystroke dynamics-based authentication

Keystroke dynamics-based authentication (KDA) is to verify a user’s identity using not only the password but also keystroke dynamics. With a small number of patterns available, data quality is of great importance in KDA applications. Recently, the authors have proposed to employ artificial rhythms and tempo cues to improve data quality: consistency and uniqueness of typing patterns. This paper examines whether improvement in uniqueness and consistency translates into improvement in authentication performance in real-world applications. In particular, we build various novelty detectors using typing patterns based on various strategies in which artificial rhythms and/or tempo cues are implemented. We show that artificial rhythms and tempo cues improve authentication accuracies and that they can be applicable in practical authentication systems.     

A parallel decision tree-based method for user authentication based on keystroke patterns

We propose a Monte Carlo approach to attain sufficient training data, a splitting method to improve effectiveness, and a system composed of parallel decision trees (DTs) to authenticate users based on keystroke patterns. For each user, approximately 19 times as much simulated data was generated to complement the 387 vectors of raw data. The training set, including raw and simulated data, is split into four subsets. For each subset, wavelet transforms are performed to obtain a total of eight training subsets for each user. Eight DTs are thus trained using the eight subsets. A parallel DT is constructed for each user, which contains all eight DTs with a criterion for its output that it authenticates the user if at least three DTs do so; otherwise it rejects the user. Training and testing data were collected from 43 users who typed the exact same string of length 37 nine consecutive times to provide data for training purposes. The users typed the same string at various times over a period from November through December 2002 to provide test data. The average false reject rate was 9.62% and the average false accept rate was 0.88%.     

One-class naïve Bayes with duration feature ranking for accurate user authentication using keystroke dynamics

Biometric-based approaches, including keystroke dynamics on keyboards, mice, and mobile devices, have incorporated machine learning algorithms to learn users’ typing behavior for authentication systems. Among the machine learning algorithms, one-class naïve Bayes (ONENB) has been shown to be effective when it is applied to anomaly tests; however, there have been few studies on applying the ONENB algorithm to keystroke dynamics-based authentication. We applied the ONENB algorithm to calculate the likelihood of attributes in keystroke dynamics data. Additionally, we propose the speed inspection in typing skills (SITS) algorithm designed from the observation that every person has a different typing speed on specific keys. These specific characteristics, also known as the keystroke’s index order, can be used as essential patterns for authentication systems to distinguish between a genuine user and imposter. To further evaluate the effectiveness of the SITS algorithm and examine the quality of each attribute type (e.g., dwell time and flight time), we investigated the influence of attribute types on the keystroke’s index order. From the experimental results of the proposed algorithms and their combination, we observed that the shortest/longest time attributes and separation of the attributes are useful for enhancing the performance of the proposed algorithms.     

采用击键特征曲线差异度的用户身份认证方法

击键特征是一种能反映用户行为的动态特征,可作为用户身份识别的信息源。传统的认证方法通常仅采用击键特征向量中所包含的每个特征值的大小来进行身份识别,而没有利用任意两个相邻特征值之间的变化率,在一些情况下,可能导致识别准确度不理想。针对上述问题,定义了一种新颖的击键特征曲线差异度的概念,并由此提出基于击键特征曲线差异度的认证算法。该认证算法不仅利用了常规的击键特征信息,还首次引入了任意两个相邻特征值之间的变化率信息,使算法性能得到显著提高。实验结果表明,相比于曼哈顿距离算法、统计学算法、神经网络算法和机器学习算法,新算法的错误拒绝率、错误接受率和相等错误率更低,识别准确度更高,效果更好。     

Securing keystroke dynamics from replay attacks

Keystroke dynamics is a viable behavioral biometric technique for identity verification based on users’ keyboard interaction traits. Keystroke dynamics can help prevent credentials from being abused in case of theft or leakage. But what happens if the keystroke events are eavesdropped and being replayed? Attackers that intercept keystroke dynamics authentication sessions of benign users can easily replay them from other sources unchanged or with minor changes and gain illegitimate privileges. Hence, even with its major security advantages, keystroke dynamics can still expose authentication mechanisms to replay attacks. Although replay attack is one of the oldest techniques to manipulate authentication systems, keystroke dynamics does not help preventing it. We suggest a new protocol for dynamics exchange based on choosing a subset of real and fake information snippets shared between the client and service providers to lure potential attackers. We evaluated our method on four state-of-the-art keystroke dynamics algorithms and three publicly available datasets and showed that we can dramatically reduce the possibility of replay attacks while preserving highly accurate user verification.     

基于击键特征的用户身份认证新方法

口令保护机制是绝大多数计算机及网络安全管理中的重要一环，如何有效防止因口令失窃而造成计算机及网络系统的非法进入，一直是一个倍受关注的问题，为此文章提出了一种利用用户口令输入击键特征进行用户身份认证的新方法，该方法利用人在点击键盘时所产生的按键压力和击键频率，构造出能够描述每个用户独有特征的击键特征向量，并由此提出了一种基于有限正例样本集合识别正反例的新算法，相关实验结果表明该身份认证新方法具有较高的用户识别能力。     

Privacy-preserving continuous authentication using behavioral biometrics

Continuous authentication modalities collect and utilize users’ sensitive data to authenticate them continuously. Such data contain information about user activities, behaviors, and other demographic information, which causes privacy concerns. In this paper, we propose two privacy-preserving protocols that enable continuous authentication while preventing the disclosure of user-sensitive information to an authentication server. We utilize homomorphic cryptographic primitives that protect the privacy of biometric features with an oblivious transfer protocol that enables privacy-preserving information retrieval. We performed the biometric evaluation of the proposed protocols on two datasets, a swipe gesture dataset and a keystroke dynamics dataset. The biometric evaluation shows that the protocols have very good performance. The execution time of the protocols is measured by considering continuous authentication using: only swipe gestures, keystroke dynamics, and hybrid modalities. The execution time proves the protocols are very efficient, even on high-security levels.

     

On the discriminability of keystroke feature vectors used in fixed text keystroke authentication

Heterogeneous and aggregate vectors are the two widely used feature vectors in fixed text keystroke authentication. In this paper, we address the question “Which vectors, heterogeneous, aggregate, or a combination of both, are more discriminative and why?” We accomplish this in three ways - (1) by providing an intuitive example to illustrate how aggregation of features inherently reduces discriminability; (2) by formulating “discriminability” as a non-parametric estimate of Bhattacharya distance, we show theoretically that the discriminability of a heterogeneous vector is higher than an aggregate vector; and (3) by conducting user recognition experiments using a dataset containing keystrokes from 33 users typing a 32-character reference text, we empirically validate our theoretical analysis. To compare the discriminability of heterogeneous and aggregate vectors with different combinations of keystroke features, we conduct feature selection analysis using three methods: (1) ReliefF, (2) correlation based feature selection, and (3) consistency based feature selection. Results of feature selection analysis reinforce the findings of our theoretical analysis.     

基于可信计算的防网络欺诈认证方案

由于大部分用户没有用户证书,在不安全网络环境中,基于用户名/口令的远程用户认证是最为常见的认证方式.正是基于这一点,许多攻击方式才得以成功实施.在分析了当今主要网络欺诈的方法和现有密钥保护机制的基础上,提出一种基于可信计算技术抵御网络欺诈的认证方案.该方案结合使用了可信计算保护存储机制、证书链、口令分割等多种技术,即使用户名/口令被盗,仍然能保证用户的认证安全.分析结果表明了该方法能有效抵御网络欺诈攻击.     

Mining a new biometrics to improve the accuracy of keystroke dynamics-based authentication system on free-text

Related works for applying keystroke dynamics (KD) on free text identification indicated that applying KD can improve the accuracy of personal authentication on free text. As the result, this paper proposes a new biometrics, i.e., the keystroke clusters map (KC-Map), by clustering users’ keystrokes in order to effectively enhance the accuracy of personal authentication in free text. Since KC-Map is conducted via clustering, it is not suitable for traditional classifiers. In order to tackle this problem, the paper further proposes a keystroke clusters map similarity classifier (KCMS classifier). Experimental results positively show that the proposed KC-Map and KCMS classifier can efficiently improve the accuracy of personal authentication on free text with up to 1.27 times. In addition, one of the huge disadvantages on the current approaches in free text identification is that users are generally required to be trained for several months. Longer training time makes free text identification more impractical. Another motivation of this paper is to explore whether it is possible to shorten the training time into an acceptable range. Experimental results show that, to achieve relatively fair identification accuracy, users only need to carry out about 20 min for training.     

一种面向击键动态身份认证的多模板选择算法

在击键动态身份认证系统中,样本采集和模板建立直接影响系统性能。目前单模板击键认证系统存在无法使错误接受率和错误拒绝率都降低到可接受范围内的不足。为此将多模板思想引入击键认证过程中,在提出最大认证概率算法和最小认证概率算法后,提出均衡概率多模板选择算法,将两种错误率都控制在合理范围内。通过实验同GMMS算法进行对比,并研究了模板数和模板样本数对认证结果的影响,最后与单模板认证系统进行了比较分析。     

基于知识图嵌入的跨社交网络用户对齐算法

针对目前跨社交网络用户对齐算法存在的网络嵌入效果不佳、负采样方法所生成负例质量无法保证等问题,提出一种基于知识图嵌入的跨社交网络用户对齐（KGEUA）算法。在嵌入阶段,利用部分已知的种子锚用户对进行正例扩充,并提出Near_K负采样方法生成负例,最后利用知识图嵌入方法将两个社交网络嵌入到统一的低维向量空间中。在对齐阶段,针对目前的用户相似度度量方法进行改进,将提出的结构相似度与传统的余弦相似度结合共同度量用户相似度,并提出基于自适应阈值的贪心匹配方法对齐用户,最后将新对齐的用户对加入到训练集中以持续优化向量空间。实验结果表明,提出的算法在Twitter-Foursquare数据集上的hits@30值达到了67.7%,比用户对齐现有最佳算法的结果高出3.3~34.8个百分点,显著提升用户对齐效果。