Visible to the public Biblio

Filters: Keyword is keystroke analysis  [Clear All Filters]
2021-08-17
Liu, Jian, Chen, Yingying, Dong, Yudi, Wang, Yan, Zhao, Tiannming, Yao, Yu-Dong.  2020.  Continuous User Verification via Respiratory Biometrics. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications. :1—10.
The ever-growing security issues in various mobile applications and smart devices create an urgent demand for a reliable and convenient user verification method. Traditional verification methods request users to provide their secrets (e.g., entering passwords and collecting fingerprints). We envision that the essential trend of user verification is to free users from active participation in the verification process. Toward this end, we propose a continuous user verification system, which re-uses the widely deployed WiFi infrastructure to capture the unique physiological characteristics rooted in user's respiratory motions. Different from the existing continuous verification approaches, posing dependency on restricted scenarios/user behaviors (e.g., keystrokes and gaits), our system can be easily integrated into any WiFi infrastructure to provide non-intrusive continuous verification. Specifically, we extract the respiration-related signals from the channel state information (CSI) of WiFi. We then derive the user-specific respiratory features based on the waveform morphology analysis and fuzzy wavelet transformation of the respiration signals. Additionally, a deep learning based user verification scheme is developed to identify legitimate users accurately and detect the existence of spoofing attacks. Extensive experiments involving 20 participants demonstrate that the proposed system can robustly verify/identify users and detect spoofers under various types of attacks.
Kurth, Michael, Gras, Ben, Andriesse, Dennis, Giuffrida, Cristiano, Bos, Herbert, Razavi, Kaveh.  2020.  NetCAT: Practical Cache Attacks from the Network. 2020 IEEE Symposium on Security and Privacy (SP). :20—38.
Increased peripheral performance is causing strain on the memory subsystem of modern processors. For example, available DRAM throughput can no longer sustain the traffic of a modern network card. Scrambling to deliver the promised performance, instead of transferring peripheral data to and from DRAM, modern Intel processors perform I/O operations directly on the Last Level Cache (LLC). While Direct Cache Access (DCA) instead of Direct Memory Access (DMA) is a sensible performance optimization, it is unfortunately implemented without care for security, as the LLC is now shared between the CPU and all the attached devices, including the network card.In this paper, we reverse engineer the behavior of DCA, widely referred to as Data-Direct I/O (DDIO), on recent Intel processors and present its first security analysis. Based on our analysis, we present NetCAT, the first Network-based PRIME+PROBE Cache Attack on the processor's LLC of a remote machine. We show that NetCAT not only enables attacks in cooperative settings where an attacker can build a covert channel between a network client and a sandboxed server process (without network), but more worryingly, in general adversarial settings. In such settings, NetCAT can enable disclosure of network timing-based sensitive information. As an example, we show a keystroke timing attack on a victim SSH connection belonging to another client on the target server. Our results should caution processor vendors against unsupervised sharing of (additional) microarchitectural components with peripherals exposed to malicious input.
Ouchi, Yumo, Okudera, Ryosuke, Shiomi, Yuya, Uehara, Kota, Sugimoto, Ayaka, Ohki, Tetsushi, Nishigaki, Masakatsu.  2020.  Study on Possibility of Estimating Smartphone Inputs from Tap Sounds. 2020 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC). :1425—1429.
Side-channel attacks occur on smartphone keystrokes, where the input can be intercepted by a tapping sound. Ilia et al. reported that keystrokes can be predicted with 61% accuracy from tapping sounds listened to by the built-in microphone of a legitimate user's device. Li et al. reported that by emitting sonar sounds from an attacker smartphone's built-in speaker and analyzing the reflected waves from a legitimate user's finger at the time of tap input, keystrokes can be estimated with 90% accuracy. However, the method proposed by Ilia et al. requires prior penetration of the target smartphone and the attack scenario lacks plausibility; if the attacker's smartphone can be penetrated, the keylogger can directly acquire the keystrokes of a legitimate user. In addition, the method proposed by Li et al. is a side-channel attack in which the attacker actively interferes with the terminals of legitimate users and can be described as an active attack scenario. Herein, we analyze the extent to which a user's keystrokes are leaked to the attacker in a passive attack scenario, where the attacker wiretaps the sounds of the legitimate user's keystrokes using an external microphone. First, we limited the keystrokes to the personal identification number input. Subsequently, mel-frequency cepstrum coefficients of tapping sound data were represented as image data. Consequently, we found that the input is discriminated with high accuracy using a convolutional neural network to estimate the key input.
Bicakci, Kemal, Salman, Oguzhan, Uzunay, Yusuf, Tan, Mehmet.  2020.  Analysis and Evaluation of Keystroke Dynamics as a Feature of Contextual Authentication. 2020 International Conference on Information Security and Cryptology (ISCTURKEY). :11—17.
The following topics are dealt with: authorisation; data privacy; mobile computing; security of data; cryptography; Internet of Things; message authentication; invasive software; Android (operating system); vectors.
Jin, Kun, Liu, Chaoyue, Xia, Cathy.  2020.  OTDA: a Unsupervised Optimal Transport framework with Discriminant Analysis for Keystroke Inference. 2020 IEEE Conference on Communications and Network Security (CNS). :1—9.
Keystroke Inference has been a hot topic since it poses a severe threat to our privacy from typing. Existing learning-based Keystroke Inference suffers the domain adaptation problem because the training data (from attacker) and the test data (from victim) are generally collected in different environments. Recently, Optimal Transport (OT) is applied to address this problem, but suffers the “ground metric” limitation. In this work, we propose a novel method, OTDA, by incorporating Discriminant Analysis into OT through an iterative learning process to address the ground metric limitation. By embedding OTDA into a vibration-based Keystroke Inference platform, we conduct extensive studies about domain adaptation with different factors, such as people, keyboard position, etc.. Our experiment results show that OTDA can achieve significant performance improvement on classification accuracy, i.e., outperforming baseline by 15% to 30%, state-of-the-art OT and other domain adaptation methods by 10% to 20%.
Belman, Amith K., Paul, Tirthankar, Wang, Li, Iyengar, S. S., Śniatała, Paweł, Jin, Zhanpeng, Phoha, Vir V., Vainio, Seppo, Röning, Juha.  2020.  Authentication by Mapping Keystrokes to Music: The Melody of Typing. 2020 International Conference on Artificial Intelligence and Signal Processing (AISP). :1—6.
Expressing Keystroke Dynamics (KD) in form of sound opens new avenues to apply sound analysis techniques on KD. However this mapping is not straight-forward as varied feature space, differences in magnitudes of features and human interpretability of the music bring in complexities. We present a musical interface to KD by mapping keystroke features to music features. Music elements like melody, harmony, rhythm, pitch and tempo are varied with respect to the magnitude of their corresponding keystroke features. A pitch embedding technique makes the music discernible among users. Using the data from 30 users, who typed fixed strings multiple times on a desktop, shows that these auditory signals are distinguishable between users by both standard classifiers (SVM, Random Forests and Naive Bayes) and humans alike.
Shen, Xingfa, Yan, Guo, Yang, Jian, Xu, Sheng.  2020.  WiPass: CSI-based Keystroke Recognition for Numerical Keypad of Smartphones. 2020 35th Youth Academic Annual Conference of Chinese Association of Automation (YAC). :276—283.
Nowadays, smartphones are everywhere. They play an indispensable role in our lives and makes people convenient to communicate, pay, socialize, etc. However, they also bring a lot of security and privacy risks. Keystroke operations of numeric keypad are often required when users input password to perform mobile payment or input other privacy-sensitive information. Different keystrokes may cause different finger movements that will bring different interference to WiFi signal, which may be reflected by channel state information (CSI). In this paper, we propose WiPass, a password-keystroke recognition system for numerical keypad input on smartphones, which especially occurs frequently in mobile payment APPs. Based on only a public WiFi hotspot deployed in the victim payment scenario, WiPass would extracts and analyzes the CSI data generated by the password-keystroke operation of the smartphone user, and infers the user's payment password by comparing the CSI waveforms of different keystrokes. We implemented the WiPass system by using COTS WiFi AP devices and smartphones. The average keystroke segmentation accuracy was 80.45%, and the average keystroke recognition accuracy was 74.24%.
Singh, Shivshakti, Inamdar, Aditi, Kore, Aishwarya, Pawar, Aprupa.  2020.  Analysis of Algorithms for User Authentication using Keystroke Dynamics. 2020 International Conference on Communication and Signal Processing (ICCSP). :0337—0341.
In the present scenario, security is the biggest concern in any domain of applications. The latest and widely used system for user authentication is a biometric system. This includes fingerprint recognition, retina recognition, and voice recognition. But these systems can be bypassed by masqueraders. To avoid this, a combination of these systems is used which becomes very costly. To overcome these two drawbacks keystroke dynamics were introduced in this field. Keystroke dynamics is a biometric authentication-based system on behavior, which is an automated method in which the identity of an individual is identified and confirmed based on the way and the rhythm of passwords typed on a keyboard by the individual. The work in this paper focuses on identifying the best algorithm for implementing an authentication system with the help of machine learning for user identification based on keystroke dynamics. Our proposed model which uses XGBoost gives a comparatively higher accuracy of 93.59% than the other algorithms for the dataset used.
2021-03-04
Ramadhanty, A. D., Budiono, A., Almaarif, A..  2020.  Implementation and Analysis of Keyboard Injection Attack using USB Devices in Windows Operating System. 2020 3rd International Conference on Computer and Informatics Engineering (IC2IE). :449—454.

Windows is one of the popular operating systems in use today, while Universal Serial Bus (USB) is one of the mechanisms used by many people with practical plug and play functions. USB has long been used as a vector of attacks on computers. One method of attack is Keylogger. The Keylogger can take advantage of existing vulnerabilities in the Windows 10 operating system attacks carried out in the form of recording computer keystroke activity without the victim knowing. In this research, an attack will be carried out by running a Powershell Script using BadUSB to be able to activate the Keylogger program. The script is embedded in the Arduino Pro Micro device. The results obtained in the Keyboard Injection Attack research using Arduino Pro Micro were successfully carried out with an average time needed to run the keylogger is 7.474 seconds with a computer connected to the internet. The results of the keylogger will be sent to the attacker via email.

2020-01-28
Xuan, Shichang, Wang, Huanhong, Gao, Duo, Chung, Ilyong, Wang, Wei, Yang, Wu.  2019.  Network Penetration Identification Method Based on Interactive Behavior Analysis. 2019 Seventh International Conference on Advanced Cloud and Big Data (CBD). :210–215.

The Internet has gradually penetrated into the national economy, politics, culture, military, education and other fields. Due to its openness, interconnectivity and other characteristics, the Internet is vulnerable to all kinds of malicious attacks. The research uses a honeynet to collect attacker information, and proposes a network penetration recognition technology based on interactive behavior analysis. Using Sebek technology to capture the attacker's keystroke record, time series modeling of the keystroke sequences of the interaction behavior is proposed, using a Recurrent Neural Network. The attack recognition method is constructed by using Long Short-Term Memory that solves the problem of gradient disappearance, gradient explosion and long-term memory shortage in ordinary Recurrent Neural Network. Finally, the experiment verifies that the short-short time memory network has a high accuracy rate for the recognition of penetration attacks.

Monaco, John V..  2019.  Feasibility of a Keystroke Timing Attack on Search Engines with Autocomplete. 2019 IEEE Security and Privacy Workshops (SPW). :212–217.
Many websites induce the browser to send network traffic in response to user input events. This includes websites with autocomplete, a popular feature on search engines that anticipates the user's query while they are typing. Websites with this functionality require HTTP requests to be made as the query input field changes, such as when the user presses a key. The browser responds to input events by generating network traffic to retrieve the search predictions. The traffic emitted by the client can expose the timings of keyboard input events which may lead to a keylogging side channel attack whereby the query is revealed through packet inter-arrival times. We investigate the feasibility of such an attack on several popular search engines by characterizing the behavior of each website and measuring information leakage at the network level. Three out of the five search engines we measure preserve the mutual information between keystrokes and timings to within 1% of what it is on the host. We describe the ways in which two search engines mitigate this vulnerability with minimal effects on usability.
Bernardi, Mario Luca, Cimitile, Marta, Martinelli, Fabio, Mercaldo, Francesco.  2019.  Keystroke Analysis for User Identification Using Deep Neural Networks. 2019 International Joint Conference on Neural Networks (IJCNN). :1–8.

The current authentication systems based on password and pin code are not enough to guarantee attacks from malicious users. For this reason, in the last years, several studies are proposed with the aim to identify the users basing on their typing dynamics. In this paper, we propose a deep neural network architecture aimed to discriminate between different users using a set of keystroke features. The idea behind the proposed method is to identify the users silently and continuously during their typing on a monitored system. To perform such user identification effectively, we propose a feature model able to capture the typing style that is specific to each given user. The proposed approach is evaluated on a large dataset derived by integrating two real-world datasets from existing studies. The merged dataset contains a total of 1530 different users each writing a set of different typing samples. Several deep neural networks, with an increasing number of hidden layers and two different sets of features, are tested with the aim to find the best configuration. The final best classifier scores a precision equal to 0.997, a recall equal to 0.99 and an accuracy equal to 99% using an MLP deep neural network with 9 hidden layers. Finally, the performances obtained by using the deep learning approach are also compared with the performance of traditional decision-trees machine learning algorithm, attesting the effectiveness of the deep learning-based classifiers in the domain of keystroke analysis.

Krishna, Gutha Jaya, Ravi, Vadlamani.  2019.  Keystroke Based User Authentication Using Modified Differential Evolution. TENCON 2019 - 2019 IEEE Region 10 Conference (TENCON). :739–744.

User Authentication is a difficult problem yet to be addressed accurately. Little or no work is reported in literature dealing with clustering-based anomaly detection techniques for user authentication for keystroke data. Therefore, in this paper, Modified Differential Evolution (MDE) based subspace anomaly detection technique is proposed for user authentication in the context of behavioral biometrics using keystroke dynamics features. Thus, user authentication is posed as an anomaly detection problem. Anomalies in CMU's keystroke dynamics dataset are identified using subspace-based and distance-based techniques. It is observed that, among the proposed techniques, MDE based subspace anomaly detection technique yielded the highest Area Under ROC Curve (AUC) for user authentication problem. We also performed a Wilcoxon Signed Rank statistical test to corroborate our results statistically.

Calot, Enrique P., Ierache, Jorge S., Hasperué, Waldo.  2019.  Document Typist Identification by Classification Metrics Applying Keystroke Dynamics Under Unidealised Conditions. 2019 International Conference on Document Analysis and Recognition Workshops (ICDARW). 8:19–24.

Keystroke Dynamics is the study of typing patterns and rhythm for personal identification and traits. Keystrokes may be analysed as fixed text such as passwords or as continuous typed text such as documents. This paper reviews different classification metrics for continuous text, such as the A and R metrics, Canberra, Manhattan and Euclidean and introduces a variant of the Minkowski distance. To test the metrics, we adopted a substantial dataset containing 239 thousand records acquired under real, harsh, and unidealised conditions. We propose a new parameter for the Minkowski metric, and we reinforce another for the A metric, as initially stated by its authors.

Patel, Yogesh, Ouazzane, Karim, Vassilev, Vassil T., Faruqi, Ibrahim, Walker, George L..  2019.  Keystroke Dynamics Using Auto Encoders. 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1–8.

In the modern day and age, credential based authentication systems no longer provide the level of security that many organisations and their services require. The level of trust in passwords has plummeted in recent years, with waves of cyber attacks predicated on compromised and stolen credentials. This method of authentication is also heavily reliant on the individual user's choice of password. There is the potential to build levels of security on top of credential based authentication systems, using a risk based approach, which preserves the seamless authentication experience for the end user. One method of adding this security to a risk based authentication framework, is keystroke dynamics. Monitoring the behaviour of the users and how they type, produces a type of digital signature which is unique to that individual. Learning this behaviour allows dynamic flags to be applied to anomalous typing patterns that are produced by attackers using stolen credentials, as a potential risk of fraud. Methods from statistics and machine learning have been explored to try and implement such solutions. This paper will look at an Autoencoder model for learning the keystroke dynamics of specific users. The results from this paper show an improvement over the traditional tried and tested statistical approaches with an Equal Error Rate of 6.51%, with the additional benefits of relatively low training times and less reliance on feature engineering.

Ayotte, Blaine, Banavar, Mahesh K., Hou, Daqing, Schuckers, Stephanie.  2019.  Fast and Accurate Continuous User Authentication by Fusion of Instance-Based, Free-Text Keystroke Dynamics. 2019 International Conference of the Biometrics Special Interest Group (BIOSIG). :1–6.

Keystroke dynamics study the way in which users input text via their keyboards, which is unique to each individual, and can form a component of a behavioral biometric system to improve existing account security. Keystroke dynamics systems on free-text data use n-graphs that measure the timing between consecutive keystrokes to distinguish between users. Many algorithms require 500, 1,000, or more keystrokes to achieve EERs of below 10%. In this paper, we propose an instance-based graph comparison algorithm to reduce the number of keystrokes required to authenticate users. Commonly used features such as monographs and digraphs are investigated. Feature importance is determined and used to construct a fused classifier. Detection error tradeoff (DET) curves are produced with different numbers of keystrokes. The fused classifier outperforms the state-of-the-art with EERs of 7.9%, 5.7%, 3.4%, and 2.7% for test samples of 50, 100, 200, and 500 keystrokes.

Handa, Jigyasa, Singh, Saurabh, Saraswat, Shipra.  2019.  A Comparative Study of Mouse and Keystroke Based Authentication. 2019 9th International Conference on Cloud Computing, Data Science Engineering (Confluence). :670–674.

One of the basic behavioural biometric methods is keystroke element. Being less expensive and not requiring any extra bit of equipment is the main advantage of keystroke element. The primary concentration of this paper is to give an inevitable review of behavioural biometrics strategies, measurements and different methodologies and difficulties and future bearings specially of keystroke analysis and mouse dynamics. Keystrokes elements frameworks utilize insights, e.g. time between keystrokes, word decisions, word mixes, general speed of writing and so on. Mouse Dynamics is termed as the course of actions captured from the moving mouse by an individual when interacting with a GUI. These are representative factors which may be called mouse dynamics signature of an individual, and may be used for verification of identity of an individual. In this paper, we compare the authentication system based on keystroke dynamics and mouse dynamics.

Jaha, Farida, Kartit, Ali.  2019.  Real-World Applications and Implementation of Keystroke Biometric System. Proceedings of the 4th International Conference on Big Data and Internet of Things. :1–7.

keystroke dynamics authenticates the system user by analyzing his typing rhythm. Given that each of us has his own typing rhythm and that the method is based on the keyboard makes it available in all computer machines, these two reasons (uniqueness and reduced cost) have made the method very solicit by administrators of security. In addition, the researchers used the method in different fields that are listed later in the paper.

2020-01-21
Huang, Jiaju, Klee, Bryan, Schuckers, Daniel, Hou, Daqing, Schuckers, Stephanie.  2019.  Removing Personally Identifiable Information from Shared Dataset for Keystroke Authentication Research. 2019 IEEE 5th International Conference on Identity, Security, and Behavior Analysis (ISBA). :1–7.

Research on keystroke dynamics has the good potential to offer continuous authentication that complements conventional authentication methods in combating insider threats and identity theft before more harm can be done to the genuine users. Unfortunately, the large amount of data required by free-text keystroke authentication often contain personally identifiable information, or PII, and personally sensitive information, such as a user's first name and last name, username and password for an account, bank card numbers, and social security numbers. As a result, there are privacy risks associated with keystroke data that must be mitigated before they are shared with other researchers. We conduct a systematic study to remove PII's from a recent large keystroke dataset. We find substantial amounts of PII's from the dataset, including names, usernames and passwords, social security numbers, and bank card numbers, which, if leaked, may lead to various harms to the user, including personal embarrassment, blackmails, financial loss, and identity theft. We thoroughly evaluate the effectiveness of our detection program for each kind of PII. We demonstrate that our PII detection program can achieve near perfect recall at the expense of losing some useful information (lower precision). Finally, we demonstrate that the removal of PII's from the original dataset has only negligible impact on the detection error tradeoff of the free-text authentication algorithm by Gunetti and Picardi. We hope that this experience report will be useful in informing the design of privacy removal in future keystroke dynamics based user authentication systems.

2018-02-27
Sulavko, A. E., Eremenko, A. V., Fedotov, A. A..  2017.  Users' Identification through Keystroke Dynamics Based on Vibration Parameters and Keyboard Pressure. 2017 Dynamics of Systems, Mechanisms and Machines (Dynamics). :1–7.

The paper considers an issues of protecting data from unauthorized access by users' authentication through keystroke dynamics. It proposes to use keyboard pressure parameters in combination with time characteristics of keystrokes to identify a user. The authors designed a keyboard with special sensors that allow recording complementary parameters. The paper presents an estimation of the information value for these new characteristics and error probabilities of users' identification based on the perceptron algorithms, Bayes' rule and quadratic form networks. The best result is the following: 20 users are identified and the error rate is 0.6%.

Soleymani, Mohammad, Riegler, Michael, al Halvorsen, P$\backslash$a.  2017.  Multimodal Analysis of Image Search Intent: Intent Recognition in Image Search from User Behavior and Visual Content. Proceedings of the 2017 ACM on International Conference on Multimedia Retrieval. :251–259.

Users search for multimedia content with different underlying motivations or intentions. Study of user search intentions is an emerging topic in information retrieval since understanding why a user is searching for a content is crucial for satisfying the user's need. In this paper, we aimed at automatically recognizing a user's intent for image search in the early stage of a search session. We designed seven different search scenarios under the intent conditions of finding items, re-finding items and entertainment. We collected facial expressions, physiological responses, eye gaze and implicit user interactions from 51 participants who performed seven different search tasks on a custom-built image retrieval platform. We analyzed the users' spontaneous and explicit reactions under different intent conditions. Finally, we trained machine learning models to predict users' search intentions from the visual content of the visited images, the user interactions and the spontaneous responses. After fusing the visual and user interaction features, our system achieved the F-1 score of 0.722 for classifying three classes in a user-independent cross-validation. We found that eye gaze and implicit user interactions, including mouse movements and keystrokes are the most informative features. Given that the most promising results are obtained by modalities that can be captured unobtrusively and online, the results demonstrate the feasibility of deploying such methods for improving multimedia retrieval platforms.

Compagno, Alberto, Conti, Mauro, Lain, Daniele, Tsudik, Gene.  2017.  Don'T Skype & Type!: Acoustic Eavesdropping in Voice-Over-IP. Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. :703–715.

Acoustic emanations of computer keyboards represent a serious privacy issue. As demonstrated in prior work, physical properties of keystroke sounds might reveal what a user is typing. However, previous attacks assumed relatively strong adversary models that are not very practical in many real-world settings. Such strong models assume: (i) adversary's physical proximity to the victim, (ii) precise profiling of the victim's typing style and keyboard, and/or (iii) significant amount of victim's typed information (and its corresponding sounds) available to the adversary. This paper presents and explores a new keyboard acoustic eavesdropping attack that involves Voice-over-IP (VoIP), called Skype & Type (S&T), while avoiding prior strong adversary assumptions. This work is motivated by the simple observation that people often engage in secondary activities (including typing) while participating in VoIP calls. As expected, VoIP software acquires and faithfully transmits all sounds, including emanations of pressed keystrokes, which can include passwords and other sensitive information. We show that one very popular VoIP software (Skype) conveys enough audio information to reconstruct the victim's input – keystrokes typed on the remote keyboard. Our results demonstrate that, given some knowledge on the victim's typing style and keyboard model, the attacker attains top-5 accuracy of 91.7% in guessing a random key pressed by the victim. Furthermore, we demonstrate that S&T is robust to various VoIP issues (e.g., Internet bandwidth fluctuations and presence of voice over keystrokes), thus confirming feasibility of this attack. Finally, it applies to other popular VoIP software, such as Google Hangouts.

West, Andrew G..  2017.  Analyzing the Keystroke Dynamics of Web Identifiers. Proceedings of the 2017 ACM on Web Science Conference. :181–190.

Web identifiers such as usernames, hashtags, and domain names serve important roles in online navigation, communication, and community building. Therefore the entities that choose such names must ensure that end-users are able to quickly and accurately enter them in applications. Uniqueness requirements, a desire for short strings, and an absence of delimiters often constrain this name selection process. To gain perspective on the speed and correctness of name entry, we crowdsource the typing of 51,000+ web identifiers. Surface level analysis reveals, for example, that typing speed is generally a linear function of identifier length. Examining keystroke dynamics at finer granularity proves more interesting. First, we identify features predictive of typing time/accuracy, finding: (1) the commonality of character bi-grams inside a name, and (2) the degree of ambiguity when tokenizing a name - to be most indicative. A machine-learning model built over 10 such features exhibits moderate predictive capability. Second, we evaluate our hypothesis that users subconsciously insert pauses in their typing cadence where text delimiters (e.g., spaces) would exist, if permitted. The data generally supports this claim, suggesting its application alongside algorithmic tokenization methods, and possibly in name suggestion frameworks.

Monaro, Merylin, Spolaor, Riccardo, Li, QianQian, Conti, Mauro, Gamberini, Luciano, Sartori, Giuseppe.  2017.  Type Me the Truth!: Detecting Deceitful Users via Keystroke Dynamics. Proceedings of the 12th International Conference on Availability, Reliability and Security. :60:1–60:6.

In this paper, we propose a novel method, based on keystroke dynamics, to distinguish between fake and truthful personal information written via a computer keyboard. Our method does not need any prior knowledge about the user who is providing data. To our knowledge, this is the first work that associates the typing human behavior with the production of lies regarding personal information. Via experimental analysis involving 190 subjects, we assess that this method is able to distinguish between truth and lies on specific types of autobiographical information, with an accuracy higher than 75%. Specifically, for information usually required in online registration forms (e.g., name, surname and email), the typing behavior diverged significantly between truthful or untruthful answers. According to our results, keystroke analysis could have a great potential in detecting the veracity of self-declared information, and it could be applied to a large number of practical scenarios requiring users to input personal data remotely via keyboard.

Huang, J., Hou, D., Schuckers, S..  2017.  A Practical Evaluation of Free-Text Keystroke Dynamics. 2017 IEEE International Conference on Identity, Security and Behavior Analysis (ISBA). :1–8.

Free text keystroke dynamics is a behavioral biometric that has the strong potential to offer unobtrusive and continuous user authentication. Unfortunately, due to the limited data availability, free text keystroke dynamics have not been tested adequately. Based on a novel large dataset of free text keystrokes from our ongoing data collection using behavior in natural settings, we present the first study to evaluate keystroke dynamics while respecting the temporal order of the data. Specifically, we evaluate the performance of different ways of forming a test sample using sessions, as well as a form of continuous authentication that is based on a sliding window on the keystroke time series. Instead of accumulating a new test sample of keystrokes, we update the previous sample with keystrokes that occur in the immediate past sliding window of n minutes. We evaluate sliding windows of 1 to 5, 10, and 30 minutes. Our best performer using a sliding window of 1 minute, achieves an FAR of 1% and an FRR of 11.5%. Lastly, we evaluate the sensitivity of the keystroke dynamics algorithm to short quick insider attacks that last only several minutes, by artificially injecting different portions of impostor keystrokes into the genuine test samples. For example, the evaluated algorithm is found to be able to detect insider attacks that last 2.5 minutes or longer, with a probability of 98.4%.