Time Signatures – An Implementation of Keystroke and Click Patterns for Practical and Secure Authentication

Muhammad Sharif, Tariq Faiz, Mudassar Raza
Department of Computer Sciences, COMSATS Institute of Information Technology, Wah Cantt, Punjab-Pakistan

Abstract—The analysis of Keystroke Dynamics (KD) is a developing biometric technique for user authentication. In computer security, its use is limited by constraints such as long typing and practice sessions. In this paper, a practical user authentication system is proposed that combines a conventional login/password method with this biometric technique. The conventional password authentication method is enhanced through analysis of Keystroke Dynamics (KD) and Click Patterns (CP). In this way, an increased security level is achieved without using long and complicated passwords. For this, an application is developed to demonstrate the technique and the results are analyzed. User Time Signatures (TS) are identified after analyzing user KD and CP. Based on their ability to follow their specific TS, users are categorized into beginner, standard and expert. At the time of login, the user inputs are matched with the respective database records for authentication.

Keywords: Keystroke, Login, Password, Biometric, Authentication

I. INTRODUCTION

The use of KD in user authentication loses its effectiveness because it requires long training sessions and text strings that are not feasible to use as passwords [4]. Short passwords are not accurately distinguishable through KD. It is desirable to increase the security level without changes to the conventional user name/password mechanism [5], eliminating long passwords and extra burden on the user. Different techniques such as Neural Networks [1][2], the K-Nearest Neighbor Algorithm [9], the GA-SVM Wrapper Approach [7] and Pattern Classification Methods [8] are used for user authentication. The main idea behind this research is to apply biometric patterns that are quite distinctive for every user during the process of user authentication. Thus the user authentication procedure becomes more reliable, making it more difficult to hack. Keyboard typing patterns can provide a safe way by monitoring certain typing rhythms. During typing, the delays between two keystrokes and the duration of each keystroke can be used for unique identification of any user. The consistency ratio of such well-known and regularly typed strings will be very high, though the possibility of human error cannot be neglected here. So an accuracy of 80% to 90% can make the keyboard-typing pattern more applicable, as with voice recognition, handwriting analysis and bank signature comparisons.

978-1-4244-2917-2/08/$25.00 ©2008 IEEE

II. PROPOSED SYSTEM

The system has dual practical authentication schemes, applying Keyboard Analysis and Click Patterns. It comprises the following two modes:

A. User Creation Mode (UCM)

Following is the flow chart of the User Creation Mode:

Fig.1. Flowchart-I (User Creation Mode) [flowchart nodes: Start; Enter User Name; Valid (DB); Check Time Signature Option; Required; Enter Password; Re-Enter Password; Valid; Click on Knock Pad; Saving Profile (DB); End]

The User Creation Mode runs in four steps:

First, the given user name is matched against the existing users’ database to obtain a valid and unique user name. The user has the option to utilize the TS (Training Session) feature. If the user declines the TS feature, he has to re-confirm his password.

Fig.2. Form-I, Enter Username

Second, the user is asked to enter his password five times with his unique TS.

Fig.3. Form-II, Enter Password

Third, the application automatically determines and displays the user skill level through KD analysis. The system auto-computes user levels on the basis of the key punching skill observed in TS. The system categorizes the users as Beginner, Standard and Expert. If the user accepts that level, the system adds the user name and creates his profile in the database. Otherwise the user is again cycled through the previous steps to improve his skill level. The Beginner has to show more tolerance than experts during the authentication process. For this purpose, a training session has been designed and executed to create a user profile identifying KD patterns. The user is trained in such a way that he deliberately chooses his unique typing pattern and rhythm that can be distinguished in a few keystrokes.

Fig.4. Form-III, User Level

At the last stage, the user is required to enter a unique click pattern twice on a given Knock Pad, consisting of four colored blocks having unique IDs (1 to 4), which makes it easier for the user to remember the sequence in which he knocked. It has been proved by different researches that it is much easier to remember numeric strings than alphabets or color combinations. It also provides ease for color-blind users. This additional profile of mouse knocking is also maintained in the database and is used during the user authentication process.

Fig.5. Form-IV, Mouse Knocking [Knock Pad blocks 1 2 3 4]

As an example, S--T---A-R--I--K is distinguishable from S-T-A-R-I-K, where “-” represents a unit of time interval while typing. The differences may be identified such as:

i. “Max interval” between T&A
ii. “Min interval” between A&R
iii. Intervals between all keystrokes are not same
iv. Order of delays
v. Measurement of delays.

To help the user decide on his unique key depression pattern, sample demos are provided through audio-visual aids during training sessions. The software component identifies the maximum and minimum delays between each pair of characters (i.e. pattern) of the password against each session. The maximum and minimum pattern delays are calculated for each pattern. These values are based on the data set in combined sessions. The pattern difference is calculated as follows.

Pattern Diff = Max (Pattern Delay) – Min (Pattern Delay)

The average (Pattern Difference / n) of all pattern differences is calculated, and further used to categorize user level (expert is =51 and =101). Based on these user levels, the following error margins are set during the logon process.

Table I: Added Error Margin

User Level    Lower Limit    Upper Limit
Expert        20 ms          40 ms
Standard      40 ms          80 ms
Beginner      80 ms          160 ms
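The enrollment computation and the logon margin check described above, worked through in Python as an added example (it is not code from the paper or its application). The level cut-offs (below 51 ms expert, below 101 ms standard, otherwise beginner), the way Table I's margins widen the accepted range, and the sample timings are assumptions made for illustration.

```python
# Added example: build a time-signature profile from training sessions,
# then check a login attempt against it.

# Table I margins in ms: (lower limit, upper limit) per user level.
MARGINS_MS = {"expert": (20, 40), "standard": (40, 80), "beginner": (80, 160)}

def enroll(sessions):
    """sessions: one list of inter-key delays (ms) per training session."""
    pairs = list(zip(*sessions))              # group delays by character pair
    lo = [min(p) for p in pairs]
    hi = [max(p) for p in pairs]
    diffs = [h - l for l, h in zip(lo, hi)]   # Pattern Diff = Max - Min
    avg = sum(diffs) / len(diffs)             # average of all pattern differences
    # Assumed cut-offs: the paper's comparison operators are not legible here.
    level = "expert" if avg < 51 else "standard" if avg < 101 else "beginner"
    return {"min": lo, "max": hi, "avg_diff": avg, "level": level}

def verify(profile, attempt):
    """Assumed rule: accept only if every delay lies in [min - lower, max + upper]."""
    if len(attempt) != len(profile["min"]):
        return False                          # wrong number of keystrokes
    lower, upper = MARGINS_MS[profile["level"]]
    return all(lo - lower <= d <= hi + upper
               for d, lo, hi in zip(attempt, profile["min"], profile["max"]))

# Constructed sample: five sessions of a six-character password typed with the
# rhythm S--T---A-R--I--K, i.e. five inter-key delays of roughly 2, 3, 1, 2, 2 units.
SESSIONS = [
    [410, 620, 200, 400, 415],
    [395, 600, 210, 420, 400],
    [420, 640, 190, 405, 390],
    [400, 610, 205, 410, 410],
    [405, 630, 195, 395, 405],
]
PROFILE = enroll(SESSIONS)

if __name__ == "__main__":
    print(PROFILE["level"], PROFILE["avg_diff"])
    print(verify(PROFILE, [400, 615, 200, 410, 400]))  # enrolled rhythm
    print(verify(PROFILE, [200, 200, 200, 200, 200]))  # even typing, S-T-A-R-I-K
```

With these constructed timings, a correct password typed at an even pace is rejected, which is the extra factor the time signature adds on top of the password itself.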

B. User Authentication Mode

The mode has a two-level user authentication scheme and comprises three steps:

1. The user provides his user name.
2. The user enters his password with his unique TS.
3. The user is required to enter a unique click pattern on a given Knock Pad that consists of four colored blocks having unique IDs.

If any error is detected during the input process, proper error messages are generated automatically; otherwise access is granted.

Fig.6. Form-V, User Login [Knock Pad blocks 1 2 3 4]

Security provided to a given user depends upon the skill level stored in his profile. Following is the flow chart of the User Authentication Mode:

Fig.7. Flowchart-II (User Authentication Mode)

Another important feature has been introduced here. While entering the password, the system will display random false sets of { }, {**}, {***} in the password field of the login form so that other people around may not guess the length of the password. Example: User ‘STARIK’ is logging in; first he enters the user name, then types the password. Suppose the password comprises 9 characters ‘COMSATS’; the system will generate random sets of {**********} that may be lesser or greater than the actual password length.

III. EXPERIMENTAL RESULTS

A. Results for User Verification

Table II: Level-Wise Success Ratio

User Levels    Success    Fails    Attempts
Beginner       30         10       40
Standard       26         14       40
Expert         36         4        40

The graph shows the overall efficiency of the module with respect to success and failure of login attempts. It shows level-wise (Beginner, Standard and Expert) success rates against the failures.

Fig.8. Graph No-I [bar chart: Success and Fails per user level (Beginner, Standard, Expert)]

Table III: Level-Wise Success Ratio (Short Password)

User Levels    Success    Fails    Attempts
Beginner       32         8        40
Standard       28         12       40
Expert         38         2        40

Fig.9. Graph No-II, success ratio with the short password [bar chart: Success and Fails per user level (Beginner, Standard, Expert)]

Table IV: Level-Wise Success Ratio (Long Password)

User Levels    Success    Fails    Attempts
Beginner       28         12       40
Standard       24         16       40
Expert         32         8        40

Fig.10. Graph No-III, success ratio with the long password [bar chart: Success and Fails per user level (Beginner, Standard, Expert)]

IV. CONCLUSION

It is concluded that this application is more efficient than short passwords. The blend of Time-Signature, Knock Pad and password security on authentication becomes unbreakable without compromising ease of use.

V. FUTURE WORK

While following the dictum that “there is always room for improvement”, it is anticipated that the efficiency of this application can be further enhanced by using statistical methodology for the assessment of a valid password. The software application can be made more dynamic through the use of artificial intelligence in such a way that the most appropriate passwords can be recommended by the application itself, based on the data collected through analysis of KD with the help of a data dictionary.

VI. REFERENCES

[1] Haider, S.; Abbas, A.; Zaidi, A.K., “A Multi Technique Approach for User Identification through Keystroke Dynamics”, 2000 IEEE International Conference on Systems, Man, and Cybernetics, Volume 2, 2000, Page(s): 1336-1341
[2] Brown, M.; Rogers, S.J., “A Practical Approach to User Authentication”, 10th Annual Computer Security Applications Conference, 1994, 5-9 Dec 1994, Page(s): 108-116, IEEE
[3] Varun Kacholia, Shashank Pandit, “Biometric Authentication Using Random Distribution (BioART)”, Canadian IT Security Symposium (CITSS) 2003
[4] Ahmed, A.A.E.; Traore, I., “Anomaly Intrusion Detection Based on Biometrics”, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, 2005. IAW '05.
[5] Nick Bartlow; Bojan Cukic, “Evaluating the Reliability of Credential Hardening through Keystroke Dynamics”, 17th International Symposium on Software Reliability Engineering, 2006. ISSRE '06, Nov. 2006, Page(s): 117-126
[6] Jarmo Ilonen, “Keystroke Dynamics”, Advanced Topics in Information Processing 1 – Lectures, Wed Dec 10, 2003, http://www.it.lut.fi/kurssit/03-04/010970000/lectures.html
[7] Enzhe Yu; Sungzoon Cho, “GA-SVM wrapper approach for feature subset selection in keystroke dynamics identity verification”, Proceedings of the International Joint Conference on Neural Networks, 2003, Volume 3, Page(s): 2253-2257, ISSN: 1098-7576
[8] Tai-Hoon Cho, “Pattern Classification Methods for Keystroke Analysis”, SICE-ICASE, 2006. International Joint Conference, Oct. 2006, Page(s): 3812-3815
[9] Fadhli Wong Mohd Hasan Wong Supian, A.S.M. Ismail, A.F. Lai Weng Kin Ong Cheng Soon, “Enhanced User Authentication through Typing Biometric with Artificial Neural Networks and K-Nearest Neighbour Algorithm”, Thirty-Fifth Asilomar Conference on Signals, Systems and Computers, 2001, Volume 2, Page(s): 911-915, ISBN: 0-7803-7147-X