A bioinformatics based approach to user authentication via keystroke dynamics

Keystroke dynamics is a behavioural biometric deployed as a software based method for the authentication and/or identification of a user requesting access to a secured computing facility. It relies on how a user types on the input device (here assumed to be a PC keyboard)-and makes the explicit assumption that there are typing characteristics that are unique to each individual. If these unique characteristics can be extracted-then they can be used, in conjunction with the login details to enhance the level of access security-over and above the possession of the login details alone. Most unique characteristics involve the extraction of keypress durations and multi-key latencies. These characteristics are extracted during an enrollment phase, where a user is requested to login into the computer system repeatedly. The unique characteristics then form a string of some length, proportional to the enrollment character content times the number of attributes extracted. In this study, the deployment of classical string matching features prevalent in the bioinformatics literature such as position specific scoring matrices (motifs) and multiple sequence alignments to provide a novel approach to user verification and identification within the context of keystroke dynamics based biometrics. This study provides quantitative information regarding the values of parameters such as attribute acceptance thresholds, the number of accepted attributes, and the effect of contiguity. In addition, this study examined the use of keystroke dynamics as a tool for user identification. The results in this study yield virtually 100% user authentication and identification within a single framework. Recommended by Guest Editor Phill Kyu Rhee. The author would like to thank the students at the Polish Japanese Institute of Information Technology, in Warsaw, Poland for participating in this study. Kenneth Revett received his Ph.D. degree in Neuroscience from the University of Maryland, College Park in 1999. His research interests include behavioural biometrics and computational modelling. He is author of the text Behavioral Biometrics: A Remote Access Approach, holds a UK patent in keystroke dynamics, and has published over 40 papers in the field.     

Password hardening based on keystroke dynamics

We present a novel approach to improving the security of passwords. In our approach, the legitimate user’s typing patterns (e.g., durations of keystrokes and latencies between keystrokes) are combined with the user’s password to generate a hardened password that is convincingly more secure than conventional passwords alone. In addition, our scheme automatically adapts to gradual changes in a user’s typing patterns while maintaining the same hardened password across multiple logins, for use in file encryption or other applications requiring a long-term secret key. Using empirical data and a prototype implementation of our scheme, we give evidence that our approach is viable in practice, in terms of ease of use, improved security, and performance. Published online: 26 October 2001     

基于键盘行为数据的用户身份识别

用户击键行为作为一种生物特征,具有采集成本低、安全性高的特点。然而,现有的研究方法和实验环境都是基于实验室数据,并不适用于极度不平衡的真实数据。比如,在实验室数据上效果出色的分类算法在真实数据上却无法应用。针对此问题,提出了基于真实击键行为数据的用户识别算法。该方法将聚类算法和距离算法结合起来,通过比较新来的击键行为和历史击键行为相似度以实现用户识别。实验结果表明,该算法在100名用户的3015条真实击键记录组成的数据集上准确率达到88.22%,在投入实际应用后,随着样本集的增大算法的准确率还可以进一步提升。     

Computer-access security systems using keystroke dynamics

An approach to securing access to computer systems is described. By performing real-time measurements of the time durations between the keystrokes when a password is entered and using pattern-recognition algorithms, three online recognition systems were devised and tested. Two types of passwords were considered: phrases and individual names. A fixed phrase was used in the identification system. Individual names were used as a password in the verification system and in the overall recognition system. All three systems were tested and evaluated. The identification system used 10 volunteers and gave an indecision error of 1.2%. The verification system used 26 volunteers and gave an error of 8.1% in rejecting valid users and an error of 2.8% in accepting invalid users. The overall recognition system used 32 volunteers and gave an error of 3.1% in rejecting valid users and an error of 0.5% in accepting invalid users     

Evaluation on a keystroke authentication system by keying force incorporated with temporal characteristics of keystroke dynamics

This paper presents the study to develop and evaluate techniques to authenticate valid users, using the keystroke dynamics of a user's PIN number entry on a numerical keypad, with force sensing resistors. Added with two conventional parameter lists of elements, i.e. digraph latency times and key hold times, keying force was chosen as a third element. Two experiments were conducted. The first experiment was to evaluate whether the three types of elements derived from keystrokes have a significant effect for subjects and to examine how trials and session effects generated the variation of the three elements. The second experiment was to demonstrate the system performance by calculating the False Rejection Rate (FRR) and the False Acceptance Rate (FAR) of the system. In the second experiment, a total of 20 keystrokes were recorded from each subject one week after the memorizing session, in order to evaluate the FRR of the system. To evaluate the FAR of the system, the subjects pretended to be impostors, and therefore they repeatedly watched videotaped pass trials made by a valid user as many times as they desired, and tried to imitate the keystroke dynamics of the valid users. The subject's keystrokes were then evaluated on whether they could fool the system. The first experiment, ANOVA revealed that a significant effect of subject was found on each of all three elements. Trial was not significantly affected to digraph latency times and peak force; however, it was significantly affected to key hold times. There was a trend that keystroke dynamics characterized by each element showed reformation of their patterns and reached a steady state over the 10 weeks of experimental sessions. The results of the second experiment showed the average equal error rate to be 2.4%. The results of system performance were compared with those of other studies and concluded that it was difficult to obtain enough information to behave as a perfect impostor by monitoring the videotaped keystrokes.     

Evaluation on a keystroke authentication system by keying force incorporated with temporal characteristics of keystroke dynamics

This paper presents the study to develop and evaluate techniques to authenticate valid users, using the keystroke dynamics of a user's PIN number entry on a numerical keypad, with force sensing resistors. Added with two conventional parameter lists of elements, i.e. digraph latency times and key hold times, keying force was chosen as a third element. Two experiments were conducted. The first experiment was to evaluate whether the three types of elements derived from keystrokes have a significant effect for subjects and to examine how trials and session effects generated the variation of the three elements. The second experiment was to demonstrate the system performance by calculating the False Rejection Rate (FRR) and the False Acceptance Rate (FAR) of the system. In the second experiment, a total of 20 keystrokes were recorded from each subject one week after the memorizing session, in order to evaluate the FRR of the system. To evaluate the FAR of the system, the subjects pretended to be impostors, and therefore they repeatedly watched videotaped pass trials made by a valid user as many times as they desired, and tried to imitate the keystroke dynamics of the valid users. The subject's keystrokes were then evaluated on whether they could fool the system. The first experiment, ANOVA revealed that a significant effect of subject was found on each of all three elements. Trial was not significantly affected to digraph latency times and peak force; however, it was significantly affected to key hold times. There was a trend that keystroke dynamics characterized by each element showed reformation of their patterns and reached a steady state over the 10 weeks of experimental sessions. The results of the second experiment showed the average equal error rate to be 2.4%. The results of system performance were compared with those of other studies and concluded that it was difficult to obtain enough information to behave as a perfect impostor by monitoring the videotaped keystrokes.     

Unconstrained keystroke dynamics authentication with shared secret

Among all the existing biometric modalities, authentication systems based on keystroke dynamics present interesting advantages. These solutions are well accepted by users and cheap as no additional sensor is required for authenticating the user before accessing to an application. In the last thirty years, many researchers have proposed, different algorithms aimed at increasing the performance of this approach. Their main drawback lies on the large number of data required for the enrollment step. As a consequence, the verification system is barely usable, because the enrollment is too restrictive. In this work, we propose a new method based on the Support Vector Machine (SVM) learning satisfying industrial conditions (i.e., few samples per user are needed during the enrollment phase to create its template). In this method, users are authenticated through the keystroke dynamics of a shared secret (chosen by the system administrator). We use the GREYC keystroke database that is composed of a large number of users (100) for validation purposes. We compared the proposed method with six methods from the literature (selected based on their ability to work with few enrollment samples). Experimental results show that, even though the computation time to build the template can be longer with our method (54 s against 3 s for most of the others), its performance outperforms the other methods in an industrial context (Equal Error Rate of 15.28% against 16.79% and 17.02% for the two best methods of the state-of-the-art, on our dataset and five samples to create the template, with a better computation time than the second best method).     

Verification of computer users using keystroke dynamics

This paper presents techniques to verify the identity of computer users using the keystroke dynamics of computer user's login string as characteristic patterns using pattern recognition and neural network techniques. This work is a continuation of our previous work where only interkey times were used as features for identifying computer users. In this work we used the key hold times for classification and then compared the performance with the former interkey time-based technique. Then we use the combined interkey and hold times for the identification process. We applied several neural network and pattern recognition algorithms for verifying computer users as they type their password phrases. It was found that hold times are more effective than interkey times and the best identification performance was achieved by using both time measurements. An identification accuracy of 100% was achieved when the combined hold and intekey time-based approach were considered as features using the fuzzy ARTMAP, radial basis function networks (RBFN), and learning vector quantization (LVQ) neural network paradigms. Other neural network and classical pattern algorithms such as backpropagation with a sigmoid transfer function (BP, Sigm), hybrid sum-of-products (HSOP), sum-of-products (SOP), potential function and Bayes' rule algorithms gave moderate performance.     

Computer user verification using login string keystroke dynamics

The keystroke dynamics of a computer user's login string provide a characteristic pattern that can be used for identity verification. Timing vectors for several hundred login attempts were collected for ten “valid” users and ten “forgers”, and classification analysis was applied to discriminate between them. Three different classifiers were applied, and in each case the key hold times were more effective features for discrimination than the interkey times. Best performance was achieved by an inductive learning classifier using both interkey and hold times. A high rate of typographical errors during login entry is reported. In practice, these are usually corrected errors-that is, they are strings which include backspaces to correct earlier errors-but their presence confounds the use of typing-style analysis as a practical means of securing access to computer systems     

User authentication via keystroke dynamics based on difference subspace and slope correlation degree

User authentication via keystroke dynamics remains a challenging problem due to the fact that keystroke dynamics pattern cannot be maintained stable over time. This paper describes a novel keystroke dynamics-based user authentication approach. The proposed approach consists of two stages, a training stage and an authentication stage. In the training stage, a set of orthogonal bases and a common feature vector are periodically generated from keystroke features of a legitimate user?s several recent successful authentications. In the authentication stage, the current keystroke feature vector is projected onto the set of orthogonal bases, and the distortion of the feature vector between its projection is obtained. User authentication is implemented by comparing the slope correlation degree of the distortion between the common feature vector with a threshold determined periodically using the recent impostor patterns. Theoretical and experimental results show that the proposed method presents high tolerance to instability of user keystroke patterns and yields better performance in terms of false acceptance rate (FAR) and false rejection rate (FRR) compared with some recent methods.     

Normalizing variations in feature vector structure in keystroke dynamics authentication systems

Usernames and passwords stubbornly remain the most prevalent authentication mechanism. Password secrecy ensures that only genuine users are granted access. If the secret is breached, impostors gain the access too. One method of strengthening password authentication is through keystroke dynamics. Keystroke dynamics algorithms typically constrain the authentication entry to one valid sequence of key presses. In this paper, we introduce the concept of event sequences. We explore the nature of variations between multiple valid key-entry sequences and propose a scheme that effectively represents these variations. We test the efficacy of the new authentication method in distinguishing users. The experimental results show that typing proficiency of individuals is not the only determining authentication factor. We show that typing sequence variations contain sufficient discriminatory information to warrant their inclusion into user authentication methods. Based on these results, we present a novel strategy to create feature vectors for keystroke dynamics-based authentication. The proposed approach ensures that the feature vector’s length and structure are related only to the length of the password, independent of its content or the order of keys pressed. This normalization of feature vector structure has multiple advantages including leveraging the discriminatory power of event sequences, faster search-and-retrieval in n-graph-based authentication systems, and simplicity. The proposed authentication scheme is applicable to both static and continual authentication systems.     

Improving static audio keystroke analysis by score fusion of acoustic and timing data

In this paper we investigate the capacity of sound & timing information during typing of a password for the user identification and authentication task. The novelty of this paper lies in the comparison of performance between improved timing-based and audio-based keystroke dynamics analysis and the fusion for the keystroke authentication. We collected data of 50 people typing the same given password 100 times, divided into 4 sessions of 25 typings and tested how well the system could recognize the correct typist. Using fusion of timing (9.73%) and audio calibration scores (8.99%) described in the paper we achieved 4.65% EER (Equal Error Rate) for the authentication task. The results show the potential of using Audio Keystroke Dynamics information as a way to authenticate or identify users during log-on.     

People counting via multiple views using a fast information fusion approach

Real-time estimates of a crowd size is a central task in civilian surveillance. In this paper we present a novel system counting people in a crowd scene with overlapping cameras. This system fuses all single view foreground information to localize each person present on the scene. The purpose of our fusion strategy is to use the foreground pixels of each single views to improve real-time objects association between each camera of the network. The foreground pixels are obtained by using an algorithm based on codebook. In this work, we aggregate the resulting silhouettes over cameras network, and compute a planar homography projection of each camera’s visual hull into ground plane. The visual hull is obtained by finding the convex hull of the foreground pixels. After the projection into the ground plane, we fuse the obtained polygons by using the geometric properties of the scene and on the quality of each camera detection. We also suggest a region-based approach tracking strategy which keeps track of people movements and of their identities along time, also enabling tolerance to occasional misdetections. This tracking strategy is implemented on the result of the views fusion and allows to estimate the crowd size dependently on each frame. Assessment of experiments using public datasets proposed for the evaluation of counting people system demonstrates the performance of our fusion approach. These results prove that the fusion strategy can run in real-time and is efficient for making data association. We also prove that the combination of our fusion approach and the proposed tracking improve the people counting.

     

Learning active fusion of multiple experts' decisions: an attention-based approach

In this letter, we propose a learning system, active decision fusion learning (ADFL), for active fusion of decisions. Each decision maker, referred to as a local decision maker, provides its suggestion in the form of a probability distribution over all possible decisions. The goal of the system is to learn the active sequential selection of the local decision makers in order to consult with and thus learn the final decision based on the consultations. These two learning tasks are formulated as learning a single sequential decision-making problem in the form of a Markov decision process (MDP), and a continuous reinforcement learning method is employed to solve it. The states of this MDP are decisions of the attended local decision makers, and the actions are either attending to a local decision maker or declaring final decisions. The learning system is punished for each consultation and wrong final decision and rewarded for correct final decisions. This results in minimizing the consultation and decision-making costs through learning a sequential consultation policy where the most informative local decision makers are consulted and the least informative, misleading, and redundant ones are left unattended. An important property of this policy is that it acts locally. This means that the system handles any nonuniformity in the local decision maker's expertise over the state space. This property has been exploited in the design of local experts. ADFL is tested on a set of classification tasks, where it outperforms two well-known classification methods, Adaboost and bagging, as well as three benchmark fusion algorithms: OWA, Borda count, and majority voting. In addition, the effect of local experts design strategy on the performance of ADFL is studied, and some guidelines for the design of local experts are provided. Moreover, evaluating ADFL in some special cases proves that it is able to derive the maximum benefit from the informative local decision makers and to minimize attending to redundant ones.     

A fuzzy-Bayesian approach to target recognition based on multisensor fusion

The Bayesian approach is widely used in automatic target recognition (ATR) systems based on multisensor fusion technology. Problems in data fusion systems are complex by nature and can often be characterized by not only randomness but also fuzziness. However, in general, current Bayesian methods can only account for randomness. To accommodate complex natural problems with both types of uncertainties, it is profitable to improve the existing approach by incorporating fuzzy theory into classical techniques. In this paper, after representing both the individual attribute of the target in the model database and the sensor observation or report as the fuzzy membership function, a likelihood function is constructed to deal with fuzzy data collected by each sensor. A similarity measure is introduced to determine the agreement degree of each sensor. Based on the similarity measure, a consensus fusion approach (CFA) is developed to generate a global likelihood from the individual attribute likelihood for the whole sensor reports. A numerical example is illustrated to show the target recognition application of the fuzzy-Bayesian approach. The text was submitted by the authors in English.     

A parallel decision tree-based method for user authentication based on keystroke patterns

We propose a Monte Carlo approach to attain sufficient training data, a splitting method to improve effectiveness, and a system composed of parallel decision trees (DTs) to authenticate users based on keystroke patterns. For each user, approximately 19 times as much simulated data was generated to complement the 387 vectors of raw data. The training set, including raw and simulated data, is split into four subsets. For each subset, wavelet transforms are performed to obtain a total of eight training subsets for each user. Eight DTs are thus trained using the eight subsets. A parallel DT is constructed for each user, which contains all eight DTs with a criterion for its output that it authenticates the user if at least three DTs do so; otherwise it rejects the user. Training and testing data were collected from 43 users who typed the exact same string of length 37 nine consecutive times to provide data for training purposes. The users typed the same string at various times over a period from November through December 2002 to provide test data. The average false reject rate was 9.62% and the average false accept rate was 0.88%.     

A deep multimodal network based on bottleneck layer features fusion for action recognition

Multimedia Tools and Applications - Human Activity Recognition (HAR) in videos using convolution neural network become the preferred choice for researcher due to the tremendous success of deep...     

A novel approach for multimodal medical image fusion

Fusion of multimodal medical images increases robustness and enhances accuracy in biomedical research and clinical diagnosis. It attracts much attention over the past decade. In this paper, an efficient multimodal medical image fusion approach based on compressive sensing is presented to fuse computed tomography (CT) and magnetic resonance imaging (MRI) images. The significant sparse coefficients of CT and MRI images are acquired via multi-scale discrete wavelet transform. A proposed weighted fusion rule is utilized to fuse the high frequency coefficients of the source medical images; while the pulse coupled neural networks (PCNN) fusion rule is exploited to fuse the low frequency coefficients. Random Gaussian matrix is used to encode and measure. The fused image is reconstructed via Compressive Sampling Matched Pursuit algorithm (CoSaMP). To show the efficiency of the proposed approach, several comparative experiments are conducted. The results reveal that the proposed approach achieves better fused image quality than the existing state-of-the-art methods. Furthermore, the novel fusion approach has the superiority of high stability, good flexibility and low time consumption.     

A Bayesian approach to visualization-oriented hyperspectral image fusion

In this paper, we propose a Bayesian approach towards fusion of hyperspectral images for the purpose of efficient visualization. Fusion has been posed as an estimation problem where the observed hyperspectral bands have been related to the fused image through a first order model of image formation. The parameters of the model indicate the quality of the pixel captured locally. As visualization is our primary aim of fusion, we expect higher contribution of the “visually important” pixels towards the final fused image. We propose a two-step framework for fusion of hyperspectral image, where the first step identifies the quality of each pixel of the data based on some of the local quality measures of the hyperspectral data. Subsequently, we formulate the problem of the estimation of the fused image in a MAP framework. We incorporate the total variation (TV) norm-based prior which preserves the sharp discontinuities in the fused image. The fused images, thus, appear sharp and natural where the edges and boundaries have been retained. We have provided visual as well as quantitative results to substantiate the effectiveness of the proposed technique.