International Journal on Recent and Innovation Trends in Computing and Communication ISSN: 2321-8169

Volume: 5 Issue: 5 280 282

_______________________________________________________________________________________________
Literature Survey on Keystroke Dynamics for User Authentication

BrajeshSingh1 ,Saurabh Sonawane2 , Yash Shah3 , Vaishakh Singh4

Department of Computer Engineering, Maharashtra Institute ofTechnology, Pune

Abstract- Behavioural biometrics is the field of study related to the measure of uniquely identifying and measuring the patterns in human
activities. Computer security plays a vital role as most of the sensitive data is stored on computers. Keystrokes Dynamics is a technique based on
human behaviour for typing the password. Whenever any user logins into the system, username and password combinations are used for
authenticating the users. The username is not secret, and the imposter acts as user to guess the password also because of simplicity of password,
the system is prone to more attacks. In this case biometrics provide secure and convenient authentication. Our system uses a Support Vector
Machine (SVM) which is one of the best known classifications and regression algorithm. Support Vectors (SV) that fall under different regions
is separated using hyper planes linear as well as non-linear. Researchers have proved that SVM will converge to the best possible solution in
very less time.

Index Terms-Biometrics, Digraph, Key logger, Keystroke, Non static Biometrics, Security, Trigraph

__________________________________________________*****_________________________________________________

I. INTRODUCTION
With the ever increasing demand for more secure access
control in many of todays security applications, traditional
methods such as PINs, tokens, or passwords fail tokeep up
with the challenges presented because they can be lost or
stolen. On the other hand, biometrics based on who the
person is or how the person behaves present a significant
security advancement to meetthese new challenges. Among
them, keystroke dynamics provide a natural choice for
secure password-free computer access.Keystroke
dynamics refer to the habitual patterns or rhythms an
individual exhibitswhile typing on a keyboard input device.
These rhythms and patterns of tapping areidiosyncratic, in
the same way as a persons handwriting or signature, due
totheir similar governing neurophysiological mechanisms. In
fact, as early as the 19thcentury, telegraph operators could
recognize each otherthrough their specific tapping styles.
This suggests that keystroke dynamics contain sufficient
information to serve as a biometric identifier. Our system for
keystroke dynamics has different phases for user
authentication.
1.User authentication details
2.Train the system
3.Patterns matching using SVM
4.Trust score calculation
II. LITERATURE SURVEY
In [1] authors have discussed about the possibility
of adaptation of keystroke Dynamics in more detail. For
adaptation they have used two models, sliding and growing.
In growing, each example classified as being from
legitimate user is included as new detector. In sliding each
positive example replaces the oldest positive example .So in
IJRITCC | May 2017, Available @ http://www.ijritcc.org
_______________________________________________________________________________________
this way sliding method is more efficient than the growing
method, as the number of positive examples is constant.
While typing, the computer records the time at which key is
pressed (dwell time), for how long the key is pressed and
latency between consecutives keys i.e. time elapsed from
one key to a subsequent key. The time measured between
key up and the key down is called Flight time. Thus from
the raw data, three timing features can be extracted are
press-to-press (PP), release-to-release (RR) and release-to-
press (RP). Other timing information like time it takes to
write a word, digraph(two letters) or tri-graph (three letters)
can also be extracted. Keystroke dynamics uses security
metrics like FalseAcceptance rate (FAR), False Rejection
rate (FRR) and Equal error rate (EER) is explained in [2].[5]
improved biometric authentication by using keystrokes
analysis. They utilize telephone number and text message
obtained from mobile phone for authenticate users. They
compare performance of different type of biometric
techniques. It is show that, hand geometry Identification
with 1.5% EER has lowest performance and vein
mechanism has highest performance with 5% EER.
In[3] the proposed approach mitigates security
threat by a host based user profiling technique where a key
stroke dynamics is used for analysing the user behaviour and
a retraining approach is also proposed as the imposter
patterns are absent at the time of registration. Retraining
boosts the overall system performance in mitigating the
insider threat. In short it is providing security to cloud from
insiders attack. The proposed work uses a Support Vector
Machine (SVM) which is one of the best known
classifications and regression algorithm to date. The two
main techniques that used here are FRR and FAR.
The retraining results in average increase of
65.91% on the number of keys imposter typed before being
280
International Journal on Recent and Innovation Trends in Computing and Communication
Volume: 5 Issue: 5
_______________________________________________________________________________________________
caught. So in future the efficiency of the proposed approach
will be increased by combining it with the other behavioural
techniques like search and command sequence analysis. So
from this idea we get knowledge that we can provide insider
security to any application by using keystroke Dynamics.
Authentication is main part of every secure
communication system specially in wide spread networks
such as mobile cloud computing.[4] paper presents an
android application which used secure type of keystroke
dynamics authentication to improve the security of
communication between mobile user and CSP(Cloud service
provider), TTP is used. It means that all of security services
such as cryptography techniques is done in TTP. Gaussian
Probability density is used as a function for calculating the
similarity of feature.
In [6], they have studied how to apply keystroke
dynamics on touch screen devices using Bayesian network
classification. In this they have used four factors which are
dwell time, interval time, interval time ration and distance
between buttons. This paper also tells us why multifactor
authentication (MFA) is better option compared to single
factor authentication (SFA). Along with FAR and FFR, one
more technique EER (Error Equal Rate) is used for
measurement of performance of biometric system. Lower
the EER, better the system.
ISSN: 2321-8169
280 282
[7] have four measure category for classification, which are,
statistical algorithm, artificial neural network, pattern
recognition, and learning algorithm. For statistical approach,
Bayes classification, based on posterior probability is used.
For pattern recognition, nearest neighbour method is used.
For machine learning, SVM and K-Mean method is used. In
this three models are used for keystroke dynamics. First is
filter model, it requires characteristics of data to evaluate
and select the feature without involving any learning
algorithm. Second model wrapper model, it uses learning
algorithm for the execution and evaluation of the data. Third
model is hybrid model, it takes the advantages of filter as
well as wrapper model.
In keystroke dynamic based authentication, novelty
detection methods are used since only the valid users pattern
are available. When a classifier is first constructed after a
while, however, imposter keystroke patterns become
available from failed login attempts. [8] propose to employ
the retraining framework where a novelty detector is
retrained while the imposters patterns to enhance
authentication accuracy. In [8], learning vector quantisation
for novelty detection support data description are retrained
with the imposter patterns. Experimental result shows that
retraining improves the authentication performance and that
learning vector quantisation for novelty detection out
performs other widely used novelty detectors.

III. LITERATURE GAP

Sr Title of the paper Publication name Paper concept Gaps in the paper
no. ,place and Date ( year)

1 Keystrokes Springer-Verlag Here they studied the The system authenticated the
Dynamics in Berlin Heidelberg feasibility of using user based only on the mean and
General Settings 2007 Keystroke standard deviation of the Held
Dynamics as a biometric in Times and the Interkey
a more general setting,
where users go
about their normal daily
activities of emailing, web
surng, and soon.

2 Feasibility Study IEEE-2013 This paper concentrates in we have used Bayesian network
on Authentication studying about a chance to classifier whereas we have used
Based Keystrokes use the multi-factor SVM
Dynamics over authentication on mobile
Touch Screen devices.
Devices

3 Authentication Int. J. Advance Soft This paper addresses using Adaptability is not concerned
Method through Compu. Appl, Vol. 6, keystroke authentication in for security.
Keystrokes No. 3, November 2014 MCC. It has described a Plus dynamic keystroke is not
Measurement of Secure biometric method covered in this paper only static
Mobile users in based on measuring keystroke is concede
Cloud keystrokes duration.
Environment

281
IJRITCC | May 2017, Available @ http://www.ijritcc.org
_______________________________________________________________________________________
International Journal on Recent and Innovation Trends in Computing and Communication ISSN: 2321-8169
Volume: 5 Issue: 5 280 282
_______________________________________________________________________________________________
4 Keystroke International Journal The paper emphasizes on In this paper we are not creating
Dynamics for of Computer the importance of keystroke a database.
User Applications ,2016 dynamics for desktop, Only two hand authentication is
Authentication laptop etc. used, single hand database is not
and Identification used.
by using Typing
Rhythm

5 Adaptive IEEE,2015 This paper studied keystroke In this paper trust score factor is
Approaches for dynamics in a data stream not calculated for security
Keystroke context,
Dynamics

IV. CONCLUSION
Insiders attack has continued to be biggest problem to date.
Proposed system shows better result in overcoming of such
insider threats. Also proposed system does not require extra
hardware for implementation.

REFERENCES

[1] Paulo Henrique pisani, Ana Lorena, Andre C. P. L. F. de

Carvalho, IEEE-2015,Adaptive approaches for key stroke
dynamics
[2] RohitPatil, Amar Renke, Keystrokes Dynamics for User
Authentication and Identification by Using Typing
Rhythm, International Journal of Computer Applications
2016.
[3] Mahesh Babu B, Mary SairaBhanu UNIVERSITY,
Analyzing User Behaviour Using Keystrokes Dynamics to
Protect Cloud from Malicious Insiders, IEEE 2016
[4] Mahnoush Babaeizadeh, MajidBakhtiari, and
MohdAizainiMaarof, Authentication Method through
Keystrokes Measurement of Mobile users in Cloud
Environment, Int. J. Advance Soft Compu. Appl, Vol. 6,
No.3,November 2014 ISSN 2074-8523
[5] N. L. Clarke, and S. M. Furnell, "Advanced user
authentication for mobile devices", computers and security,
26, no. 2, (2007), pp. 109-119.
[6] Nattapong Jeanjaitrong and Pattarasinee Bhattarakalosol,
Feasibility study on authentication based keystroke
dynamics over touch screen devices,ISCIT-2013
[7] Rohit A Patil,Amar L. Renke, Keystroke Dynamics for
User Authentication and Identification by using Typing
Rhythm,International Journal of Computer Applications
vol. 144, nos. 9, June. 2016.
[8] Hyoung-jooLee,Sungzoon Cho, Retraining a keystroke
dynamics-based authenticator with impostor patterns, in
ELSEVIER.

282
IJRITCC | May 2017, Available @ http://www.ijritcc.org
_______________________________________________________________________________________