KEYSTROKE DYNAMICS AUTHENTICATION USING A SMALL NUMBER OF SAMPLES
The ubiquitous Internet connectivity has led to the introduction of an ever-increasing list of diverse online services ranging from financial transactions to online gaming and the other e-commerce purposes. For example, with cloud computing on the rise, geographically distant employees of organizations are able to access and share sensitive organizational resources online. The mentioned trend has increased the amount of user authentication processes. The aim of authentication is to decide whether a subject in question is in fact the subject that he claims to be. As an example can be mentioned traditional authentication, when end users authenticate themselves on computers by using the pair of username and password. In the past, many sophisticated authentication methods were developed. Generally, they can by divided to the three basic types of authentication depending on what kind of identification feature is used: authentication by knowledge, authentication by ownership of something, and authentication by biometrics. Each of these ways has its advantages and disadvantages.
Jméno a příjmení autora:
Jan Čapek, Miloslav Hub
Account management, account administration, authentication, biometric, keystroke dynamics, password
DOI (& full text):
The verification of a person’s identity is very important in today’s information society, especially in e-commerce systems and directly affects user account management and administration. Although…více
The verification of a person’s identity is very important in today’s information society, especially in e-commerce systems and directly affects user account management and administration. Although present e-commerce systems use many modern sophisticated methods of authentication, large numbers of e-commerce systems use passwords for this purpose incessantly. However, passwords are not considered be too secure because users usually do not adhere to security policies for creating and managing theirs passwords. This problem can be solved by security policies that require the user to change the password frequently, select a completely new password, and structure the password, which places additional demands on the user. The solution is a two-factor authentication where a user needs to know the right password and at the same time, he must write this password in the correct way. Indeed, many different methods for keystroke dynamics authentication exist nowadays, but unfortunately, many of them need a large number of samples to create a stable template and therefore it is impossible use them in systems whose security policy requires frequent password change. The authors suggest a completely new method for these purposes that is enough stable even with a small number of measurements to create a template. This proposed method of keystroke dynamics authentication is validated and results are compared with existing methods both over the own dataset and the existing reference datasets. The authors believe that the proposed method will simplify the management and administration of user accounts as well as their security.