Biblio

Found 127 results

Filters: Keyword is password  [Clear All Filters]
2021-05-13
Whaiduzzaman, Md, Oliullah, Khondokar, Mahi, Md. Julkar Nayeen, Barros, Alistair.  2020.  AUASF: An Anonymous Users Authentication Scheme for Fog-IoT Environment. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—7.
Authentication is a challenging and emerging issue for Fog-IoT security paradigms. The fog nodes toward large-scale end-users offer various interacted IoT services. The authentication process usually involves expressing users' personal information such as username, email, and password to the Authentication Server (AS). However, users are not intended to express their identities or information over the fog or cloud servers. Hence, we have proposed an Anonymous User Authentication Scheme for Fog-IoT (AUASF) to keep the anonymity existence of the IoT users and detect the intruders. To provide anonymity, the user can send encrypted credentials such as username, email, and mobile number through the Cloud Service Provider (CSP) for registration. IoT user receives the response with a default password and a secret Id from the CSP. After that, the IoT user submits the default password for first-time access to Fog Service Provider (FSP). The FSP assigns a One Time Password (OTP) to each user for further access. The developed scheme is equipped with hash functions, symmetric encryptions, and decryptions for security perceptions across fog that serves better than the existing anonymity schemes.
2021-08-17
Thawre, Gopikishan, Bahekar, Nitin, Chandavarkar, B. R..  2020.  Use Cases of Authentication Protocols in the Context of Digital Payment System. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–6.
In the digital payment system, the transactions and their data about clients are very sensitive, so the security and privacy of personal information of the client is a big concern. The confirmation towards security necessities prevents the data from a stolen and unauthorized person over the digital transactions, So the stronger authentication methods required, which must be based on cryptography. Initially, in the payment ecosystem, they were using the Kerberos protocol, but now different approaches such as Challenge-Handshake Authentication Protocol (CHAP), Tokenization, Two-Factor Authentication(PIN, MPIN, OTP), etc. such protocols are being used in the payment system. This paper presents the use cases of different authentication protocols. Further, the use of these protocols in online payment systems to verify each individual are explained.
2021-05-03
Pimple, Nishant, Salunke, Tejashree, Pawar, Utkarsha, Sangoi, Janhavi.  2020.  Wireless Security — An Approach Towards Secured Wi-Fi Connectivity. 2020 6th International Conference on Advanced Computing and Communication Systems (ICACCS). :872–876.
In today's era, the probability of the wireless devices getting hacked has grown extensively. Due to the various WLAN vulnerabilities, hackers can break into the system. There is a lack of awareness among the people about security mechanisms. From the past experiences, the study reveals that router security encrypted protocol is often cracked using several ways like dictionary attack and brute force attack. The identified methods are costly, require extensive hardware, are not reliable and do not detect all the vulnerabilities of the system. This system aims to test all router protocols which are WEP, WPA, WPA2, WPS and detect the vulnerabilities of the system. Kali Linux version number 2.0 is being used over here and therefore the tools like airodump-ng, aircrack-ng are used to acquire access point pin which gives prevention methods for detected credulity and aims in testing various security protocols to make sure that there's no flaw which will be exploited.
2021-04-27
Wang, S., Yang, Y., Liu, S..  2020.  Research on Audit Model of Dameng Database based on Security Configuration Baseline. 2020 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS). :833–836.
Compared with traditional databases such as Oracle database, SQL Server database and MySQL database, Dameng database is a domestic database with independent intellectual property rights. Combined with the security management of Dameng database and the requirement of database audit, this paper designs the security configuration baseline of Dameng database. By designing the security configuration baseline of Dameng database, the audit work of Dameng database can be carried out efficiently, and by analyzing the audit results, the security configuration baseline of Dameng database can be improved.
2021-03-09
Jindal, A. K., Shaik, I., Vasudha, V., Chalamala, S. R., Ma, R., Lodha, S..  2020.  Secure and Privacy Preserving Method for Biometric Template Protection using Fully Homomorphic Encryption. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1127–1134.

The rapid proliferation of biometrics has led to growing concerns about the security and privacy of the biometric data (template). A biometric uniquely identifies an individual and unlike passwords, it cannot be revoked or replaced since it is unique and fixed for every individual. To address this problem, many biometric template protection methods using fully homomorphic encryption have been proposed. But, most of them (i) are computationally expensive and practically infeasible (ii) do not support operations over real valued biometric feature vectors without quantization (iii) do not support packing of real valued feature vectors into a ciphertext (iv) require multi-shot enrollment of users for improved matching performance. To address these limitations, we propose a secure and privacy preserving method for biometric template protection using fully homomorphic encryption. The proposed method is computationally efficient and practically feasible, supports operations over real valued feature vectors without quantization and supports packing of real valued feature vectors into a single ciphertext. In addition, the proposed method enrolls the users using one-shot enrollment. To evaluate the proposed method, we use three face datasets namely LFW, FEI and Georgia tech face dataset. The encrypted face template (for 128 dimensional feature vector) requires 32.8 KB of memory space and it takes 2.83 milliseconds to match a pair of encrypted templates. The proposed method improves the matching performance by 3 % when compared to state-of-the-art, while providing high template security.

2021-04-08
Walia, K. S., Shenoy, S., Cheng, Y..  2020.  An Empirical Analysis on the Usability and Security of Passwords. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :1–8.
Security and usability are two essential aspects of a system, but they usually move in opposite directions. Sometimes, to achieve security, usability has to be compromised, and vice versa. Password-based authentication systems require both security and usability. However, to increase password security, absurd rules are introduced, which often drive users to compromise the usability of their passwords. Users tend to forget complex passwords and use techniques such as writing them down, reusing them, and storing them in vulnerable ways. Enhancing the strength while maintaining the usability of a password has become one of the biggest challenges for users and security experts. In this paper, we define the pronounceability of a password as a means to measure how easy it is to memorize - an aspect we associate with usability. We examine a dataset of more than 7 million passwords to determine whether the usergenerated passwords are secure. Moreover, we convert the usergenerated passwords into phonemes and measure the pronounceability of the phoneme-based representations. We then establish a relationship between the two and suggest how password creation strategies can be adapted to better align with both security and usability.
2021-04-27
Rashid, N. A. M., Zukri, N. H. A., Zulkifli, Z. A., Awang, N., Buja, A. G..  2020.  A Multi Agent-Based Security Protocol for Securing Password Management Application. 2020 10th IEEE International Conference on Control System, Computing and Engineering (ICCSCE). :42—45.
Password-based authentication is the most common authentication method for either online or offline system. Password composition policies become too burdensome and put the user in a state of struggle to remember their password. Thus, most of the user save their password on the browser or even list it down in their personal gadgets. Therefore, a multi agent-based password management application have been developed to helps user in keeping their password safely. However, multi-agent system facing security issues such as man in the middle attack, data modification and eavesdropping. This paper proposed a security protocol for multi agent-based architecture in order to reduce potential threats. The security protocol focuess on the authentication of mobile agents, data transmission and the data local protection. The communication channels are secured using cryptography techniques.
2021-05-13
Aghabagherloo, Alireza, Mohajeri, Javad, Salmasizadeh, Mahmoud, Feghhi, Mahmood Mohassel.  2020.  An Efficient Anonymous Authentication Scheme Using Registration List in VANETs. 2020 28th Iranian Conference on Electrical Engineering (ICEE). :1—5.

Nowadays, Vehicular Ad hoc Networks (VANETs) are popularly known as they can reduce traffic and road accidents. These networks need several security requirements, such as anonymity, data authentication, confidentiality, traceability and cancellation of offending users, unlinkability, integrity, undeniability and access control. Authentication of the data and sender are most important security requirements in these networks. So many authentication schemes have been proposed up to now. One of the well-known techniques to provide users authentication in these networks is the authentication based on the smartcard (ASC). In this paper, we propose an ASC scheme that not only provides necessary security requirements such as anonymity, traceability and unlinkability in the VANETs but also is more efficient than the other schemes in the literatures.

2021-08-17
Bicakci, Kemal, Salman, Oguzhan, Uzunay, Yusuf, Tan, Mehmet.  2020.  Analysis and Evaluation of Keystroke Dynamics as a Feature of Contextual Authentication. 2020 International Conference on Information Security and Cryptology (ISCTURKEY). :11—17.
The following topics are dealt with: authorisation; data privacy; mobile computing; security of data; cryptography; Internet of Things; message authentication; invasive software; Android (operating system); vectors.
2021-07-27
Su, K.-M., Liu, I.-H., Li, J.-S..  2020.  The Risk of Industrial Control System Programmable Logic Controller Default Configurations. 2020 International Computer Symposium (ICS). :443—447.
In recent years, many devices in industrial control systems (ICS) equip Ethernet modules for more efficient communication and more fiexible deployment. Many communication protocols of those devices are based on internet protocol, which brings the above benefits but also makes it easier to access by anyone including attackers. In the case of using the factory default configurations, we wiiˆ demonstrate how to easily modify the programmable logic controllers (PLCs) program through the Integrated Development Environment provided by the manufacturer under the security protection of PLC not set properly and discuss the severity of it.
2021-07-08
Oktian, Yustus Eko, Lee, Sang-Gon, Lee, Hoon-Jae.  2020.  TwoChain: Leveraging Blockchain and Smart Contract for Two Factor Authentication. 2020 3rd International Seminar on Research of Information Technology and Intelligent Systems (ISRITI). :187—191.
User identity and personal information remain to be hot targets for attackers. From recent surveys, we can categorize that 65.5% of all cyberattacks in 2018 target user information. Sadly, most of the time, the system's security depends on how secure it is the implementation from the provider-side. One defense technique that the user can take part in is applying a two-factor authentication (2FA) system for their account. However, we observe that state-of-the-art 2FAs have several weaknesses and limitations. In this paper, we propose TwoChain, a blockchain-based 2FA system for web services to overcome those issues. Our implementation facilitates an alternative 2FA system that is more secure, disposable, and decentralized. Finally, we release TwoChain for public use.
2021-03-09
Lingenfelter, B., Vakilinia, I., Sengupta, S..  2020.  Analyzing Variation Among IoT Botnets Using Medium Interaction Honeypots. 2020 10th Annual Computing and Communication Workshop and Conference (CCWC). :0761—0767.

Through analysis of sessions in which files were created and downloaded on three Cowrie SSH/Telnet honeypots, we find that IoT botnets are by far the most common source of malware on connected systems with weak credentials. We detail our honeypot configuration and describe a simple method for listing near-identical malicious login sessions using edit distance. A large number of IoT botnets attack our honeypots, but the malicious sessions which download botnet software to the honeypot are almost all nearly identical to one of two common attack patterns. It is apparent that the Mirai worm is still the dominant botnet software, but has been expanded and modified by other hackers. We also find that the same loader devices deploy several different botnet malware strains to the honeypot over the course of a 40 day period, suggesting multiple botnet deployments from the same source. We conclude that Mirai continues to be adapted but can be effectively tracked using medium interaction honeypots such as Cowrie.

Hossain, T., rakshit, A., Konar, A..  2020.  Brain-Computer Interface based User Authentication System for Personal Device Security. 2020 International Conference on Computer, Electrical Communication Engineering (ICCECE). :1—6.

The paper proposes a novel technique of EEG induced Brain-Computer Interface system for user authentication of personal devices. The scheme enables a human user to lock and unlock any personal device using his/her mind generated password. A two stage security verification is employed in the scheme. In the first stage, a 3 × 3 spatial matrix of flickering circles will appear on the screen of which, rows are blinked randomly and user has to mentally select a row which contains his desired circle.P300 is released when the desired row is blinked. Successful selection of row is followed by the selection of a flickering circle in the desired row. Gazing at a particular flickering circle generates SSVEP brain pattern which is decoded to trace the mentally selected circle. User is able to store mentally uttered number in the selected circle, later the number with it's spatial position will serve as the password for the unlocking phase. Here, the user is equipped with a headphone where numbers starting from zero to nine are spelled randomly. Spelled number matching with the mentally uttered number generates auditory P300 in the subject's brain. The particular choice of mentally uttered number is detected by successful detection of auditory P300. A novel weight update algorithm of Recurrent Neural Network (RNN), based on Extended-Kalman Filter and Particle Filter is used here for classifying the brain pattern. The proposed classifier achieves the best classification accuracy of 95.6%, 86.5% and 83.5% for SSVEP, visual P300 and auditory P300 respectively.

2021-08-17
Singh, Shivshakti, Inamdar, Aditi, Kore, Aishwarya, Pawar, Aprupa.  2020.  Analysis of Algorithms for User Authentication using Keystroke Dynamics. 2020 International Conference on Communication and Signal Processing (ICCSP). :0337—0341.
In the present scenario, security is the biggest concern in any domain of applications. The latest and widely used system for user authentication is a biometric system. This includes fingerprint recognition, retina recognition, and voice recognition. But these systems can be bypassed by masqueraders. To avoid this, a combination of these systems is used which becomes very costly. To overcome these two drawbacks keystroke dynamics were introduced in this field. Keystroke dynamics is a biometric authentication-based system on behavior, which is an automated method in which the identity of an individual is identified and confirmed based on the way and the rhythm of passwords typed on a keyboard by the individual. The work in this paper focuses on identifying the best algorithm for implementing an authentication system with the help of machine learning for user identification based on keystroke dynamics. Our proposed model which uses XGBoost gives a comparatively higher accuracy of 93.59% than the other algorithms for the dataset used.
2021-08-31
Shamini, P. Baby, Wise, D. C. Joy Winnie, Megavarshini, K. S., Ramesh, Mudaliar Kritika.  2020.  A Real Time Auditing System using QR Code for Secure Cloud Storage. 2020 International Conference on Electronics and Sustainable Communication Systems (ICESC). :847—850.
The objective of the project is to structure a portable application for inspecting and putting away information through a distributed storage administration. The information is remotely put away in the cloud. In some distributed storage frameworks, the cloud record may contain some touchy data. Scrambling the entire shared record doesn't permit different clients to get to it. In the current framework the client needs to use the biometric information to guarantee the character of the client and afterward a marking key will be checked which is to ensure the personality and security of the client. The principle downside of utilizing the biometric information is that it can't be coordinated precisely because of the elements that influence the difference in biometric information. A reference id made is naturally changed over to the QR code and it is checked utilizing a scanner and the specific record is downloaded. This record whenever erased or lost in the customer's inward stockpiling it very well may be recovered again from the cloud.
2021-03-09
Wilkens, F., Fischer, M..  2020.  Towards Data-Driven Characterization of Brute-Force Attackers. 2020 IEEE Conference on Communications and Network Security (CNS). :1—9.

Brute-force login attempts are common for every host on the public Internet. While most of them can be discarded as low-threat attacks, targeted attack campaigns often use a dictionary-based brute-force attack to establish a foothold in the network. Therefore, it is important to characterize the attackers' behavior to prioritize defensive measures and react to new threats quickly. In this paper we present a set of metrics that can support threat hunters in characterizing brute-force login attempts. Based on connection metadata, timing information, and the attacker's dictionary these metrics can help to differentiate scans and to find common behavior across distinct IP addresses. We evaluated our novel metrics on a real-world data set of malicious login attempts collected by our honeypot Honeygrove. We highlight interesting metrics, show how clustering can be leveraged to reveal common behavior across IP addresses, and describe how selected metrics help to assess the threat level of attackers. Amongst others, we for example found strong indicators for collusion between ten otherwise unrelated IP addresses confirming that a clustering of the right metrics can help to reveal coordinated attacks.

2021-04-27
Calzavara, S., Focardi, R., Grimm, N., Maffei, M., Tempesta, M..  2020.  Language-Based Web Session Integrity. 2020 IEEE 33rd Computer Security Foundations Symposium (CSF). :107—122.
Session management is a fundamental component of web applications: despite the apparent simplicity, correctly implementing web sessions is extremely tricky, as witnessed by the large number of existing attacks. This motivated the design of formal methods to rigorously reason about web session security which, however, are not supported at present by suitable automated verification techniques. In this paper we introduce the first security type system that enforces session security on a core model of web applications, focusing in particular on server-side code. We showcase the expressiveness of our type system by analyzing the session management logic of HotCRP, Moodle, and phpMyAdmin, unveiling novel security flaws that have been acknowledged by software developers.
2021-01-18
Sebbah, A., Kadri, B..  2020.  A Privacy and Authentication Scheme for IoT Environments Using ECC and Fuzzy Extractor. 2020 International Conference on Intelligent Systems and Computer Vision (ISCV). :1–5.
The internet of things (IoT) is consisting of many complementary elements which have their own specificities and capacities. These elements are gaining new application and use cases in our lives. Nevertheless, they open a negative horizon of security and privacy issues which must be treated delicately before the deployment of any IoT. Recently, different works emerged dealing with the same branch of issues, like the work of Yuwen Chen et al. that is called LightPriAuth. LightPriAuth has several drawbacks and weakness against various popular attacks such as Insider attack and stolen smart card. Our objective in this paper is to propose a novel solution which is “authentication scheme with three factor using ECC and fuzzy extractor” to ensure security and privacy. The obtained results had proven the superiority of our scheme's performances compared to that of LightPriAuth which, additionally, had defeated the weaknesses left by LightPriAuth.
2021-03-09
Mihailescu, M. I., Nita, S. Loredana.  2020.  Three-Factor Authentication Scheme Based on Searchable Encryption and Biometric Fingerprint. 2020 13th International Conference on Communications (COMM). :139–144.

The current paper is proposing a three-factor authentication (3FA) scheme based on three components. In the first component a token and a password will be generated (this module represents the kernel of the three-factor authentication scheme - 3FA). In the second component a pass-code will be generated, using to the token resulted in the first phase. We will use RSA for encryption and decryption of the generated values (token and pass-code). For the token ID and passcode the user will use his smartphone. The third component uses a searchable encryption scheme, whose purpose is to retrieve the documents of the user from the cloud server, based on a keyword and his/her fingerprint. The documents are stored encrypted on a mistrust server (cloud environment) and searchable encryption will help us to search specific information and to access those documents in an encrypted content. We will introduce also a software simulation developed in C\# 8.0 for our scheme and a source code analysis for the main algorithms.

2021-03-18
Khan, A., Chefranov, A. G..  2020.  A Captcha-Based Graphical Password With Strong Password Space and Usability Study. 2020 International Conference on Electrical, Communication, and Computer Engineering (ICECCE). :1—6.

Security for authentication is required to give a superlative secure users' personal information. This paper presents a model of the Graphical password scheme under the impact of security and ease of use for user authentication. We integrate the concept of recognition with re-called and cued-recall based schemes to offer superior security compared to existing schemes. Click Symbols (CS) Alphabet combine into one entity: Alphanumeric (A) and Visual (V) symbols (CS-AV) is Captcha-based password scheme, we integrate it with recall-based n ×n grid points, where a user can draw the shape or pattern by the intersection of the grid points as a way to enter a graphical password. Next scheme, the combination of CS-AV with grid cells allows very large password space ( 2.4 ×104 bits of entropy) and provides reasonable usability results by determining an empirical study of memorable password space. Proposed schemes support most applicable platform for input devices and promising strong resistance to shoulder surfing attacks on a mobile device which can be occurred during unlocking (pattern) the smartphone.

2021-01-28
Sammoud, A., Chalouf, M. A., Hamdi, O., Montavont, N., Bouallegue, A..  2020.  A secure three-factor authentication and biometrics-based key agreement scheme for TMIS with user anonymity. 2020 International Wireless Communications and Mobile Computing (IWCMC). :1916—1921.

E- Health systems, specifically, Telecare Medical Information Systems (TMIS), are deployed in order to provide patients with specific diseases with healthcare services that are usually based on remote monitoring. Therefore, making an efficient, convenient and secure connection between users and medical servers over insecure channels within medical services is a rather major issue. In this context, because of the biometrics' characteristics, many biometrics-based three factor user authentication schemes have been proposed in the literature to secure user/server communication within medical services. In this paper, we make a brief study of the most interesting proposals. Then, we propose a new three-factor authentication and key agreement scheme for TMIS. Our scheme tends not only to fix the security drawbacks of some studied related work, but also, offers additional significant features while minimizing resource consumption. In addition, we perform a formal verification using the widely accepted formal security verification tool AVISPA to demonstrate that our proposed scheme is secure. Also, our comparative performance analysis reveals that our proposed scheme provides a lower resource consumption compared to other related work's proposals.

2021-07-08
AlQahtani, Ali Abdullah S, Alamleh, Hosam, Gourd, Jean, Alnuhait, Hend.  2020.  TS2FA: Trilateration System Two Factor Authentication. 2020 3rd International Conference on Computer Applications Information Security (ICCAIS). :1—4.
Two-factor authentication (2FA) systems implement by verifying at least two factors. A factor is something a user knows (password, or phrase), something a user possesses (smart card, or smartphone), something a user is (fingerprint, or iris), something a user does (keystroke), or somewhere a user is (location). In the existing 2FA system, a user is required to act in order to implement the second layer of authentication which is not very user-friendly. Smart devices (phones, laptops, tablets, etc.) can receive signals from different radio frequency technologies within range. As these devices move among networks (Wi-Fi access points, cellphone towers, etc.), they receive broadcast messages, some of which can be used to collect information. This information can be utilized in a variety of ways, such as establishing a connection, sharing information, locating devices, and, most appropriately, identifying users in range. The principal benefit of broadcast messages is that the devices can read and process the embedded information without being connected to the broadcaster. Moreover, the broadcast messages can be received only within range of the wireless access point sending the broadcast, thus inherently limiting access to those devices in close physical proximity and facilitating many applications dependent on that proximity. In the proposed research, a new factor is used - something that is in the user's environment with minimal user involvement. Data from these broadcast messages is utilized to implement a 2FA scheme by determining whether two devices are proximate or not to ensure that they belong to the same user.
2021-03-09
THIGA, M. M..  2020.  Increasing Participation and Security in Student Elections through Online Voting: The Case of Kabarak University. 2020 IST-Africa Conference (IST-Africa). :1—7.

Electronic voting systems have enhanced efficiency in student elections management in universities, supporting such elections to become less expensive, logistically simple, with higher accuracy levels as compared to manually conducted elections. However, e-voting systems that are confined to campus hall voting inhibits access to eligible voters who are away from campus. This study examined the challenges of lack of wide access and impersonation of voter in the student elections of 2018 in Kabarak University. The main objective of this study was therefore to upgrade the offline electronic voting system through developing a secure online voting system and deploying the system for use in the 2019 student elections at Kabarak University. The resultant system and development process employed demonstrate the applicability of a secure online voting not only in the higher education context, but also in other democracies where infusion of online access and authentication in the voting processes is a requisite.

Hossain, M. D., Ochiai, H., Doudou, F., Kadobayashi, Y..  2020.  SSH and FTP brute-force Attacks Detection in Computer Networks: LSTM and Machine Learning Approaches. 2020 5th International Conference on Computer and Communication Systems (ICCCS). :491—497.

Network traffic anomaly detection is of critical importance in cybersecurity due to the massive and rapid growth of sophisticated computer network attacks. Indeed, the more new Internet-related technologies are created, the more elaborate the attacks become. Among all the contemporary high-level attacks, dictionary-based brute-force attacks (BFA) present one of the most unsurmountable challenges. We need to develop effective methods to detect and mitigate such brute-force attacks in realtime. In this paper, we investigate SSH and FTP brute-force attack detection by using the Long Short-Term Memory (LSTM) deep learning approach. Additionally, we made use of machine learning (ML) classifiers: J48, naive Bayes (NB), decision table (DT), random forest (RF) and k-nearest-neighbor (k-NN), for additional detection purposes. We used the well-known labelled dataset CICIDS2017. We evaluated the effectiveness of the LSTM and ML algorithms, and compared their performance. Our results show that the LSTM model outperforms the ML algorithms, with an accuracy of 99.88%.

2021-03-29
Shaout, A., Schmidt, N..  2020.  Keystroke Identifier Using Fuzzy Logic to Increase Password Security. 2020 21st International Arab Conference on Information Technology (ACIT). :1—8.

Cybersecurity is a major issue today. It is predicted that cybercrime will cost the world \$6 trillion annually by 2021. It is important to make logins secure as well as to make advances in security in order to catch cybercriminals. This paper will design and create a device that will use Fuzzy logic to identify a person by the rhythm and frequency of their typing. The device will take data from a user from a normal password entry session. This data will be used to make a Fuzzy system that will be able to identify the user by their typing speed. An application of this project could be used to make a more secure log-in system for a user. The log-in system would not only check that the correct password was entered but also that the rhythm of how the password was typed matched the user. Another application of this system could be used to help catch cybercriminals. A cybercriminal may have a certain rhythm at which they type at and this could be used like a fingerprint to help officials locate cybercriminals.